sendmail antispam logo

Spamming is so last century! Let's explore some solutions that can be used with sendmail.

We heavily recommend that you purchase the Sendmail Companion v 8.13  Book by O'Reilly (it's got two bats on the front!).  This book has been invaluable to sysadmins worldwide!

Here are our top tips:

  • Turn Off Relaying for Non-Local Users -- Sendmail V8 (aka 8.x) is the most popular Unix MTA and turning off relaying is really simple!

Just edit your

Using Claus Aßmann's rulesets (which most sysadmins consider the best), add the following

HACK(check_mail3, btree -a@JUNK /etc/spam/junk)
HACK(check_relay3, btree -a@JUNK /etc/spam/junk)
HACK(use_ip, /etc/spam/LocalIP)
HACK(use_names, /etc/spam/LocalNames)

  • Using tcp_wrappers

tcp_wrappers take programs being run under inetd (see /etc/inetd.conf) and before ftpd, telnetd, etc... run, the connection first passes through a wrapper to check if the IP address of the source packet is coming from a trusted host or untrusted one.  This can be done  by source host name, domain name, raw IP address, and port number the connection is attempting to connect to.

Sendmail 8.8 and later versions support the use of  -DTCPWRAPPERS=1 for compilation. Just add the -lwrap library.

TCP-Wrappers can be downloaded from

The site also has a plethora of other useful security tools, such as securelib, portmap, satan, cops, and crack.

If you are experienced in sendmail you can download a patch from

which integrates tcp_wrappers into the sendmail daemon itself!  It should be said that this is not straightforward.

  • Using checkcompat()

This routine is easiest used with the patch by Kyle Jones.  Basically,  it disallows all non-local e-mail traffic through your host.  Make sure it isn't implemented correctly.

  • Realtime Blackhole Lists

Basically, these lists contain lists of hosts known to spam. 

To implement this, some configuration of Sendmail is necessary. A macro config .mc file is easiest.  Insert the following line to /etc/mail/

FEATURE(`dnsbl',`',`"550 Mail from " $&{client_addr} "
rejected - see"')dnl

This itself should reduce spam significantly.

A good list of Blackhole lists can be found at:

  • Spamcan

After receipt of a mail message but prior to delivery of it, sendmail checks if any of a set of given regular expressions (e.g. viagra) matched in the headers or body of the mail.  If positive matches occur, the message is filtered out and stored in the spamcan (~ /spamcan/.mail).  This folder can be checked by the sysadmin regularly.  Exceptions to the spamcan can be defined as needed.

With about an hour of tweaking almost any sendmail V8 configuration can be secured.


Search Google for any of the books or topics covered by


tiled washers

© 2006

partner sites: 
babybusinesscenter tesco codes