Sendmail has a bunch of components that together define how the system is going to work. These include domain definition, RBLs, access, mailertable and procmail.
Let's start with RBLs. So what is an RBL anyways? RBLs are Realtime BlackLists. You compose a special form of hostname that combines the IP address you are asking about with the name of the RBL you want to use. The RBL takes that request and tells you whether the IP address is on its list or not.
There are a lot of them out there, and different RBLs have different criteria for rejecting mail. Here are a few master lists of RBLs. There's the blackholese.us database as well as this one here. My favorite one in terms of effectiveness is easynet out of the Netherlands. It gets more of my spam than any other. In addition, I have a collection of RBLs from this guy which provides a different RBL for each country. I just pick a few of my top spamming countries to block where I have no contacts. Currently I block China, Korea, Spain, Brazil and teeny little Estonia.
Sendmail has an interface for using RBLs: the dnsbl FEATURE that appears in my sendmail.mc further down. All you do is invoke it with the name of the RBL.
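To make the "special form of a hostname" concrete, here is an added Python example (not code from the original page) that builds the lookup name and interprets the answer; it goes slightly beyond the text by also handling IPv6. The zone `rbl.example`, the sample records and the `fake_resolve` helper are constructed for illustration so the code runs without network access.

```python
import ipaddress
import socket

def dnsbl_query_name(ip, zone):
    """Build the lookup hostname: the address reversed, then the RBL's zone."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = str(addr).split(".")[::-1]       # 192.0.2.99 -> 99.2.0.192
    else:
        # IPv6 uses one label per hex nibble of the fully expanded address.
        labels = list(addr.exploded.replace(":", ""))[::-1]
    return ".".join(labels) + "." + zone.strip(".")

def dnsbl_lookup(ip, zone, resolve=socket.gethostbyname):
    """Return the RBL's answer (e.g. '127.0.0.2') if ip is listed, else None."""
    try:
        answer = resolve(dnsbl_query_name(ip, zone))
    except socket.gaierror:
        return None        # no such name: the address is not on the list
    # Listings are answered from 127.0.0.0/8. Any other address means the
    # zone is dead, parked or wildcarded, so do not count it as a listing.
    if ipaddress.ip_address(answer) in ipaddress.ip_network("127.0.0.0/8"):
        return answer
    return None

# Constructed stand-in for DNS so the example runs offline. "rbl.example"
# and these records are made up; 192.0.2.0/24 is documentation address space.
FAKE_ZONE = {
    "99.2.0.192.rbl.example": "127.0.0.2",    # listed
    "50.2.0.192.rbl.example": "203.0.113.7",  # bogus non-127 answer
}

def fake_resolve(name):
    """Answer from FAKE_ZONE, failing the way a missing name does."""
    if name in FAKE_ZONE:
        return FAKE_ZONE[name]
    raise socket.gaierror("name not found")

if __name__ == "__main__":
    for ip in ("192.0.2.99", "192.0.2.50", "192.0.2.1"):
        print(ip, dnsbl_query_name(ip, "rbl.example"),
              dnsbl_lookup(ip, "rbl.example", resolve=fake_resolve))
```

Calling `dnsbl_lookup` without the `resolve` argument uses the system resolver against a real zone.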
The access file is used to allow or disallow either individuals or whole domains from sending to you. It's a powerful tool for either preventing someone from sending you mail or disabling an address which has fallen into spam lists.
I keep the following program around (which is setuid root) to easily add things to my access file. I just call it block.
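#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>
#include <errno.h>
#include <string.h>
#include <ctype.h>

#define unless(a) if (!(a))
#define MAILDIR "/etc/mail"
#define ACCESS MAILDIR "/access"

extern char **environ;

int main ( int argc, char **argv )
{
    /* Fixed environment for the make run; the caller's PATH and other
       variables must never reach a shell that runs as root. */
    static char *clean_env[] = { "PATH=/usr/bin:/bin", NULL };
    FILE *fp;
    int id = getuid ();
    int i;
    const char *p;

    /* Only root and uid 501 may use this program. */
    unless (id == 0 || id == 501) exit(1);
    unless (argc > 1)
    {
        fprintf ( stderr, "Usage: %s <domain>\n", *argv );
        exit(1);
    }
    /* Refuse empty arguments, whitespace and control characters so that
       one argument can never turn into more than one access entry. */
    for (i = 1; i < argc; i++)
    {
        unless (*argv[i]) exit(1);
        for (p = argv[i]; *p; p++)
            if (isspace ((unsigned char) *p) || iscntrl ((unsigned char) *p))
            {
                fprintf ( stderr, "Bad character in argument %d\n", i );
                exit(1);
            }
    }
    /* Become root for real so the shell that runs make keeps the privilege. */
    unless (setuid ( geteuid () ) == 0)
    {
        fprintf ( stderr, "setuid failed (%s)\n", strerror (errno) );
        exit(1);
    }
    environ = clean_env;
    unless ( (fp = fopen ( ACCESS, "a" )) )
    {
        fprintf ( stderr, "Failed opening " ACCESS " (%s)\n", strerror (errno) );
        exit(1);
    }
    while (argc > 1)
    {
        printf ( "%s\n", *++argv );
        fprintf ( fp, "From:%s\t\tREJECT 553 Fuck off spammer!\n", *argv );
        argc--;
    }
    fclose ( fp );
    /* Rebuild the access database; && keeps make from running anywhere
       but MAILDIR if the cd fails. */
    exit ( system ( "cd " MAILDIR " && make" ) == 0 ? 0 : 1 );
}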
brandeis.edu    esmtp:smtp.mail.rcn.net
redhat.com      esmtp:smtp.mail.rcn.net
earthlink.net   esmtp:smtp.mail.rcn.net
mindspring.com  esmtp:smtp.mail.rcn.net
tiac.net        esmtp:smtp.mail.rcn.net
sprynet.com     esmtp:smtp.mail.rcn.net
raptah.com      esmtp:smtp.mail.rcn.net
arbella.com     esmtp:smtp.mail.rcn.net
compuware.com   esmtp:smtp.mail.rcn.net
juno.com        esmtp:smtp.mail.rcn.net
netzero.com     esmtp:smtp.mail.rcn.net
This just says that mail to any of the above domains gets routed through RCN (my ISP), who do the final delivery from their marvelous static address.
Since I subscribe to about 50 different mailing lists, I'd go crazy in about 2 days if I didn't use procmail to sort my mail into different input folders. I just write my .procmailrc file and everything goes to the correct folders.
In addition, you can create a system procmail file to cause all mail to go through the filtering process. Here's my /etc/procmailrc:
DROPPRIVS=yes
:0fw
* < 256000
| spamc
I'm showing this as an intro to the fact that I also use Spamassassin. Spamassassin is very cool. It filters your mail looking for spam and is remarkably accurate. It has hundreds of specific built-in tests and also runs other spam filters external to it: razor, DCC (which stands for Distributed Checksum Clearinghouse) and Pyzor (all of which I have installed).
In addition, it runs Bayesian analysis which is a learning system for spam. This means that it doesn't know anything about spam when it's first installed. But every item of mail that it gets is tagged as either spam or ham. After learning from a couple hundred examples, the system kicks in and becomes even more accurate.
So without further ado, here's my /etc/mail/sendmail.mc file:
divert(-1)
dnl This is the sendmail macro config file. If you make changes to this file,
dnl you need the sendmail-cf rpm installed and then have to generate a
dnl new /etc/sendmail.cf by running the following command:
dnl
dnl   m4 /etc/mail/sendmail.mc > /etc/sendmail.cf
dnl
divert(-1)
include(`/usr/share/sendmail-cf/m4/cf.m4')
define(`confDEF_USER_ID',``8:12'')
VERSIONID(`syslang nodns')
Cwsaturn localhost
OSTYPE(`linux')
undefine(`UUCP_RELAY')
undefine(`BITNET_RELAY')
define(`confTRY_NULL_MX_LIST',true)dnl
define(`confTO_CONNECT', `1m')dnl
FEATURE(always_add_domain)
FEATURE(use_cw_file)
FEATURE(use_ct_file)
FEATURE(`smrsh',`/usr/sbin/smrsh')
FEATURE(nocanonify)
define(`confTO_QUEUEWARN', `5m')
define(`confSAFE_FILE_ENV', `/var/mailjail')dnl
FEATURE(relay_hosts_only)
define(`confCW_FILE', `-o /etc/mail/sendmail.cw')
define(`LUSER_RELAY', `local:steveo')
dnl define(`ALIAS_FILE',`/etc/aliases,/usr/local/majordomo/lists/ALIASES/mj-alias-syslang.net')dnl
FEATURE(`access_db',`hash -T-o /etc/mail/access.db')dnl
FEATURE(blacklist_recipients)dnl
FEATURE(`mailertable')dnl
GENERICS_DOMAIN_FILE(`/etc/mail/genericsdomain')
FEATURE(virtusertable)
FEATURE(redirect)
MASQUERADE_AS(`syslang.net')
MASQUERADE_DOMAIN(`.syslang.net')
FEATURE(`delay_checks')
FEATURE(`dnsbl', `blackholes.easynet.nl', `"550 5.7.1 ACCESS DENIED to <"$&f"> thru "$&{client_name}" by easynet.nl DNSBL (http://blackholes.easynet.nl/errors.html)"', `')dnl
FEATURE(dnsbl,`bl.spamcop.net', `"Spam blocked see: http://spamcop.net/bl.shtml?"$&{client_addr}')dnl
FEATURE(dnsbl,`dnsbl.njabl.org',`Message from $&{client_addr} rejected - see http://njabl.org/')dnl
FEATURE(dnsbl,`list.dsbl.org')dnl
dnl FEATURE(dnsbl, `relays.osirusoft.com')dnl
dnl FEATURE(dnsbl,`blackholes.five-ten-sg.com')dnl
FEATURE(dnsbl,`opm.blitzed.org')dnl
FEATURE(dnsbl,`orbs.dorkslayers.com')dnl
FEATURE(dnsbl,`relays.ordb.org')dnl
FEATURE(dnsbl,`tr.countries.nerd.dk', `SPAM from Turkey:$&{client_addr} rejected')dnl
FEATURE(dnsbl,`kr.countries.nerd.dk', `SPAM from Korea:$&{client_addr} rejected')dnl
FEATURE(dnsbl,`cn.countries.nerd.dk', `SPAM from China:$&{client_addr} rejected')dnl
FEATURE(dnsbl,`nl.countries.nerd.dk', `SPAM from Netherlands:$&{client_addr} rejected')dnl
FEATURE(dnsbl,`ee.countries.nerd.dk', `SPAM from Estonia:$&{client_addr} rejected')dnl
FEATURE(dnsbl,`br.countries.nerd.dk', `SPAM from Brazil:$&{client_addr} rejected')dnl
FEATURE(dnsbl,`id.countries.nerd.dk', `SPAM from Indonesia:$&{client_addr} rejected')dnl
FEATURE(dnsbl,`es.countries.nerd.dk', `SPAM from Spain:$&{client_addr} rejected')dnl
FEATURE(masquerade_entire_domain)
FEATURE(masquerade_envelope)
FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
EXPOSED_USER(`root')dnl
MAILER(local)
MAILER(smtp)
MAILER(procmail)
LOCAL_CONFIG
# This regular expression matches some random X-Mailer headers.
#Krandommailer regex -f -S -aREJECT ^[.0-9A-Za-z]*[0-9][.0-9A-Za-z]*$$
dnl regex map for character sets (not case-sensitive)
KCharsetKorean regex -a@MATCH charset=.*(euc-kr|korean|ks.*c)
KCharsetRussian regex -a@MATCH charset=.*koi8-r
KCharsetChinese regex -a@MATCH charset=.*(big5|Chinese|cn|gb)
LOCAL_RULESETS
##################################################################
# Local ruleset - Check Content-Type:                            #
##################################################################
dnl Reject based on Content-Type header
HContent-Type: $>CheckContentType
D{NoKoreanMsg}Korean not spoken here.
D{NoChineseMsg}Chinese not spoken here.
D{NoRussianMsg}Russian not spoken here.
SCheckContentType
R$*	$: $(CharsetRussian $&{currHeader} $)
R@MATCH	$#error $: 550 5.7.0 ${NoRussianMsg}
R$*	$: $(CharsetKorean $&{currHeader} $)
R@MATCH	$#error $: 550 5.7.0 ${NoKoreanMsg}
R$*	$: $(CharsetChinese $&{currHeader} $)
R@MATCH	$#error $: 550 5.7.0 ${NoChineseMsg}
# Reject mail sent by self-identifying spamware.
HX-Mailer: $>+CheckXMailer
SCheckXMailer
#R$+	$: $(randommailer $1 $)
RDirect Email $+	$: REJECT
REmailer Platinum $+	$: REJECT
RSent with E-Mail Magnet $+	$: REJECT
RGroup Mail $+	$: REJECT
REMailing List Pro $+	$: REJECT
Rdiffondi $+	$: REJECT
RMail Bomber	$: REJECT
RDynamic Opt-In Emailer $+	$: REJECT
RMaxBulk Mailer $+	$: REJECT
RFletMail $+	$: REJECT
RMailWorkZ $+	$: REJECT
RGoldMine $+	$: REJECT
RREJECT	$#error $@ 5.7.1 $: 553 Spam rejected
HX-Spam-Warning: $>CheckXSpamWarning
SCheckXSpamWarning
R$*	$#error $@ 5.5.3 $: 553 Spam rejected
Note that the stuff at the end allows me to reject all mail which is in foreign character sets or comes from people who are willing to annotate their mail as spam.
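The three charset maps use an unbounded `.*`, so they also fire on text that comes after the charset value, such as an attachment name. The following added example (not part of the original page) runs the page's patterns over constructed Content-Type values and compares them with a bounded variant. Python's `re` with IGNORECASE stands in for sendmail's regex map here, and `BOUNDED_MAPS` is this example's own assumption, not something tested in sendmail.

```python
import re

# Patterns copied from the K lines in the sendmail.mc above, in the order
# the CheckContentType ruleset consults them.
PAGE_MAPS = [
    ("Russian", r"charset=.*koi8-r"),
    ("Korean",  r"charset=.*(euc-kr|korean|ks.*c)"),
    ("Chinese", r"charset=.*(big5|Chinese|cn|gb)"),
]

# Assumption of this example: keep the same alternatives, but only let the
# wildcard run over the charset value itself (stop at quote, ';' or blank).
TOKEN = r'[^"; \t]*'
BOUNDED_MAPS = [
    ("Russian", r'charset="?' + TOKEN + r"koi8-r"),
    ("Korean",  r'charset="?' + TOKEN + r"(euc-kr|korean|ks" + TOKEN + r"c)"),
    ("Chinese", r'charset="?' + TOKEN + r"(big5|Chinese|cn|gb)"),
]

def verdict(header, maps):
    """Return the language whose map fires first, or None if mail passes."""
    for language, pattern in maps:
        if re.search(pattern, header, re.IGNORECASE):
            return language
    return None

# Constructed Content-Type values, not taken from real mail.
SAMPLES = [
    'text/plain; charset="euc-kr"',
    "text/plain; charset=koi8-r",
    "text/html; charset=GB2312",
    "text/plain; charset=iso-8859-1",
    'text/plain; charset=us-ascii; name="thanks-doc.txt"',  # "ks-doc"
    'text/plain; charset=utf-8; name="gbudget.txt"',        # "gb"
]

def compare(samples=SAMPLES):
    """List (header, page verdict, bounded verdict) for each sample."""
    return [(h, verdict(h, PAGE_MAPS), verdict(h, BOUNDED_MAPS))
            for h in samples]

if __name__ == "__main__":
    for header, page, bounded in compare():
        print(f"{header!r:58} page={page} bounded={bounded}")
```

The last two samples are ordinary English-language mail that the page's maps reject and the bounded ones let through.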