[Mimedefang] Need to run /usr/sbin/makemap from my filter
David F. Skoll
dfs at roaringpenguin.com
Thu Dec 26 16:12:01 EST 2002
On Thu, 26 Dec 2002, Wayne wrote:
> I have created a filter that keeps track of invald accounts and after a
> set number of attempts it adds the sending host IP to /etc/mail/access. Now
> I need to call /usr/sbin/makemap hash access.db < access so sendmail can
> block the IP.
This probably has to be done as root, so a naive:
system('/usr/sbin/makemap hash access.db < access');
probably will not work, unless you run your filter as root. You might
need a SUID wrapper or a cron job that periodically rebuilds the
access DB.
Be aware that this could be used in a DoS attack. If some malicious person
wants to get his ISP's mail server banned from your server, he just needs
to send mail to nonexistent accounts through the ISP's server until he
stops receiving failure notifications, or the notification text changes
to indicate a banned relay.
--
David.
More information about the MIMEDefang
mailing list