Questions and Answers
Amy Rich
Back in the August issue of Sys Admin, someone asked a question about how to read a file backwards, and I provided a handy one-liner in Perl. Thanks to Tillman Hodgson for pointing out that there is also a GNU program called tac (cat spelled backwards) that does the same thing. Also thanks to Tom Payerle for pointing out the program rev, which prints lines from right to left.
Q: I have our Sendmail server configured with RBL and DUL, but these lists are not complete enough to catch all the spam that we receive. We get nothing but spam, for instance, from several top-level country domains, and I'm trying to block those with the access_db feature. I'm having some difficulty blocking a TLD and all of its subdomains, however. I can successfully block the addresses in the access.db when I have an exact match. For example, the following entry works:
host.sub.domain REJECT
I obviously don't want to go through and match every host, so I was trying to write a match for the entire TLD:
.domain REJECT
When I test my access rules with sendmail -bt -v it doesn't seem to work:
> /map access .domain
map_lookup: access (.domain) returns REJECT (0)
which is fine, but:
> /map access sub.domain
map_lookup: access (sub.domain) no match (0)
which fails. How do I correctly block an entire TLD?
A: Your access.db entry is syntactically incorrect and should look like the following:
domain REJECT
You don't want the leading '.' on the domain when you're trying to block the whole domain. When lookups are done against the access database, they're done in tokens, separated by dots. When the lookup for host.sub.domain is done, it then iterates through, taking off a token and a dot each time:
host.s
|
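The token-stripping lookup described in the answer above, modelled in Python as an added example (this is not sendmail's code and not part of the original column). The function names and sample tables are constructed, and the model assumes the behaviour the answer describes: each retry drops the leading token together with its dot.

```python
def parse_access(text):
    """Parse access-table source lines ("key  value") into a dict."""
    table = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, value = line.split(None, 1)
        table[key] = value.strip()
    return table


def candidate_keys(host):
    """Return the keys tried for a host name, most specific first.

    Each step removes the leading token *and* its dot, so a key that
    starts with '.' is never generated.
    """
    tokens = host.split(".")
    return [".".join(tokens[i:]) for i in range(len(tokens))]


def lookup(table, host):
    """Return (matching key, value), or (None, None) when nothing matches."""
    for key in candidate_keys(host):
        if key in table:
            return key, table[key]
    return None, None


# Constructed sample tables: the entry from the question, the corrected
# entry from the answer, and a table mixing an exact match with a TLD block.
WITH_LEADING_DOT = parse_access(".domain REJECT")
CORRECTED = parse_access("domain REJECT")
MIXED = parse_access("host.sub.domain OK\ndomain REJECT")

if __name__ == "__main__":
    for name, table in [("leading dot", WITH_LEADING_DOT),
                        ("corrected", CORRECTED),
                        ("mixed", MIXED)]:
        for host in ("host.sub.domain", "other.domain"):
            print(name, host, candidate_keys(host), lookup(table, host))
```

The leading-dot entry is only ever found by a literal lookup of `.domain`, which is why the first `/map` test in the question succeeded while real host names never matched.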