MoonPoint Support Logo

 

Shop Amazon Warehouse Deals - Deep Discounts on Open-box and Used ProductsAmazon Warehouse Deals



Advanced Search
January
Sun Mon Tue Wed Thu Fri Sat
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30 31        
2006
Months
JanFeb Mar
Apr May Jun
Jul Aug Sep
Oct Nov Dec


Tue, Jan 17, 2006 9:57 pm

Allowing Authenticated Senders From Otherwise Blocked IP Addresses

I had a user who uses Verizon's wireless broadband service report that he could not send email from his laptop. I had Outlook on his laptop configured to use sender authentication when sending email, i.e. I had "My outgoing server (SMTP) requires authentication" and "Use same settings as my incoming mail server" checked for his email account properties. Yet when Outlook attempted to send email, he would see messages similar to the following:

Task 'rberry1@moonpoint.com - Sending' reported error (0x800CCC78) : 'Unable to send the message. Please verify the e-mail address in your account properties.
The server responded: 550 5.7.1 Mail from 70.195.76.138 refused - see http://www.dnsbl.us.sorbs.net/'

The IP address assigned to his laptop by the Verizon network was in a range listed on the Spam and Open Relay Blocking System (SORBS) blocklist as being a dynamically assigned address range. I would expect a fair amount of spam to come from spammers using infected home users' systems as spam distribution points with most home users having dynamically assigned IP addresses, so I wanted to keep the SORBS blocklist in place on the server, but I did need to allow the user to send email through the server.

In order to allow the user to send email via the email server, but keep the SORBS blocklist, I maintained the sender authentication on his system, but modified /etc/mail/sendmail.mc on the email server. I "uncommented" the delay_checks line in the sendmail.mc file as below:

Original line

dnl FEATURE(delay_checks)dnl

New line

FEATURE(delay_checks)dnl

I then regenerated the sendmail.cf file and restarted sendmail with the following commands:

m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
/etc/init.d/sendmail restart

I was then able to send from his laptop while connected to the Verizon broadband wireless service without a problem.

The delay_checks feature delays checks of the IP address of the sender against blocklists, aka blacklists, until after sender authentication. If sender authentication succeeds the presence of the sender's IP address on a blocklist won't matter. His email will still be accepted.

References:

  1. Anti-UBE FEATUREs in Sendmail 8.10/8.11

[/network/email/sendmail] permanent link

Valid HTML 4.01 Transitional

Privacy Policy   Contact

Blosxom logo