access.db wildcards not working, despite examples in docs - SendMail

This is a discussion on access.db wildcards not working, despite examples in docs - SendMail ; Hallo, Wayne, Du (louisREMOVE) meintest am 01.08.07: > Thanks for the reply, but it's stil not working for me. Iadded the > following to lines (based on the example from the doc): > 192.168.212 REJECT > 192.169/16 REJECT The second ...

+ Reply to Thread
Page 2 of 3 FirstFirst 1 2 3 LastLast
Results 11 to 20 of 29

access.db wildcards not working, despite examples in docs

  1. Default Re: access.db wildcards not working, despite examples in docs

    Hallo, Wayne,

    Du (louisREMOVE) meintest am 01.08.07:

    > Thanks for the reply, but it's stil not working for me. Iadded the
    > following to lines (based on the example from the doc):


    > 192.168.212 REJECT
    > 192.169/16 REJECT


    The second line is no CIDR notation - CIDR is 192.169.0.0/16

    Your test shows that "sendmail" cuts off the "/16" and works with
    "192.169" - and then it works as described.

    Viele Gruesse!
    Helmut


  2. Default Re: access.db wildcards not working, despite examples in docs

    Wayne M. Poe wrote:

    > Thanks for the reply, but it's stil not working for me. Iadded the
    > following to lines (based on the example from the doc):
    >
    > 192.168.212 REJECT
    > 192.169/16 REJECT
    >


    Like Andrzej Adam Filip already wrote you cannot use the
    192.169/16 directly in your access file without preprocessing.

    > And when I test:
    >
    >
    > # echo '/map access 192.168.212.4' | sendmail -bt; echo; echo
    > Warning: .cf file is out of date: sendmail 8.13.5 supports version 10,
    > .cf file is version 9
    > ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
    > Enter <ruleset> <address>
    >> map_lookup: access (192.168.212.4) no match (0)
    >>

    >
    > # echo '/map access 192.168.212' | sendmail -bt; echo; echo
    > Warning: .cf file is out of date: sendmail 8.13.5 supports version 10,
    > .cf file is version 9
    > ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
    > Enter <ruleset> <address>
    >> map_lookup: access (192.168.212) returns REJECT (0)


    [ snip ]

    > Am I missing something here? Is this method of testing (which I found
    > when searching google groups before my initial post) no doing what I
    > think it is? Or am I missing something else here?


    The above tests show that 192.168.212.4 in not in the map, and that
    a lookup of 192.168.212 succeeded. Like expected (at least like I
    expected :-).
    Don't expect some magic wildcard handling during lookups.
    There is no such magic.
    I think that you should be aware that sendmail will do several
    lookups starting with the full address and repeating with the
    last part stripped if no match was found.

    Using the 192.168.212.4 example:
    first 192.168.212.4 will be tried
    if that fails 192.168.212 will be tried
    if that fails again 192.168 will be tried
    if that fails again 192 will be tried.

    Regards,

    Kees.

    --
    Kees Theunissen.

  3. Default Re: access.db wildcards not working, despite examples in docs

    Wayne M. Poe wrote:
    > Bill Cole wrote:
    >> In article <5hcmj8F3ikedbU1@mid.individual.net>,
    >> "Wayne M. Poe" <louisREMOVE@REMOVEh4h.com> wrote:
    >>
    >>> P.S.
    >>>
    >>> How do I get rid of that annoying about my .cf file being out of
    >>> date? I alwyas use
    >>>
    >>> m4 /etc/mail/sendmail.mc > /etc/sendmail.cf
    >>>

    >> Unless you have a very strangely built or old sendmail,
    >> /etc/sendmail.cf is not the right place. See the cf README.

    >
    > Actually it's symlinked to /etc/mail/sendmail.cf (/etc is what the stock
    > RH setup used)
    >


    I use CIDR notations in my access file but I have to use a external program to
    expand the notations.

    Look at http://www.borgnet.us/sendmail/ and copy/download my files. I invoke
    the main script with fix-cidr

    Save both files in /usr/sbin or /sbin to keep them out of the normal user reach.

    -- Scott


  4. Default Re: access.db wildcards not working, despite examples in docs

    Helmut Hullen wrote:
    > Hallo, Wayne,
    >
    > Du (louisREMOVE) meintest am 01.08.07:
    >
    >> Thanks for the reply, but it's stil not working for me. Iadded the
    >> following to lines (based on the example from the doc):

    >
    >> 192.168.212 REJECT
    >> 192.169/16 REJECT

    >
    > The second line is no CIDR notation - CIDR is 192.169.0.0/16
    >
    > Your test shows that "sendmail" cuts off the "/16" and works with
    > "192.169" - and then it works as described.


    It doesn't work at all:

    __/etc/mail/access__
    ....
    192.168.212 REJECT
    192.169.0.0/16 REJECT
    ....

    # makemap hash /etc/mail/access < /etc/mail/access
    # echo '/map access 192.169.0.1' | sendmail -bt; echo; echo
    Warning: .cf file is out of date: sendmail 8.13.5 supports version 10,
    ..cf file is version 9
    ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
    Enter <ruleset> <address>
    > map_lookup: access (192.169.0.1) no match (0)
    >


    # echo '/map access 192.169.0.0/16' | sendmail -bt; echo; echo
    Warning: .cf file is out of date: sendmail 8.13.5 supports version 10,
    ..cf file is version 9
    ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
    Enter <ruleset> <address>
    > map_lookup: access (192.169.0.0/16) returns REJECT (0)
    >


    Why is it matching the literal "192.169.0.0/16" rather than something in
    that subnet, like "192.169.0.1" or so?

    Thanks.

    --
    Wayne



  5. Default Re: access.db wildcards not working, despite examples in docs

    Kees Theunissen wrote:
    > Wayne M. Poe wrote:
    >
    >> Thanks for the reply, but it's stil not working for me. Iadded the
    >> following to lines (based on the example from the doc):
    >>
    >> 192.168.212 REJECT
    >> 192.169/16 REJECT
    >>

    >
    > Like Andrzej Adam Filip already wrote you cannot use the
    > 192.169/16 directly in your access file without preprocessing.
    >
    >> And when I test:
    >>
    >>
    >> # echo '/map access 192.168.212.4' | sendmail -bt; echo; echo
    >> Warning: .cf file is out of date: sendmail 8.13.5 supports version
    >> 10, .cf file is version 9
    >> ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
    >> Enter <ruleset> <address>
    >>> map_lookup: access (192.168.212.4) no match (0)
    >>>

    >>
    >> # echo '/map access 192.168.212' | sendmail -bt; echo; echo
    >> Warning: .cf file is out of date: sendmail 8.13.5 supports version
    >> 10, .cf file is version 9
    >> ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
    >> Enter <ruleset> <address>
    >>> map_lookup: access (192.168.212) returns REJECT (0)

    >
    > [ snip ]
    >
    >> Am I missing something here? Is this method of testing (which I found
    >> when searching google groups before my initial post) no doing what I
    >> think it is? Or am I missing something else here?

    >
    > The above tests show that 192.168.212.4 in not in the map, and that
    > a lookup of 192.168.212 succeeded. Like expected (at least like I
    > expected :-).
    > Don't expect some magic wildcard handling during lookups.
    > There is no such magic.
    > I think that you should be aware that sendmail will do several
    > lookups starting with the full address and repeating with the
    > last part stripped if no match was found.
    >
    > Using the 192.168.212.4 example:
    > first 192.168.212.4 will be tried
    > if that fails 192.168.212 will be tried
    > if that fails again 192.168 will be tried
    > if that fails again 192 will be tried.


    Thank you. Is there anyway to run a test (along the lines of what I
    tried above) that shows what sendmail normal does (as you described it)
    ?

    --
    Wayne



  6. Default Re: access.db wildcards not working, despite examples in docs

    Kees Theunissen wrote:
    > Wayne M. Poe wrote:
    >
    >> How do I get rid of that annoying about my .cf file being out of
    >> date? I alwyas use
    >>
    >> m4 /etc/mail/sendmail.mc > /etc/sendmail.cf
    >>
    >> to build my cf file... is it my m4 (/usr/bin/m4) out of date?

    >
    > Do a 'rpm -qa | grep sendmail' to list your installed sendmail* rpm's.
    > I guess its a sendmail-cf package that is missing or out of date.


    # rpm -qa | grep sendmail
    sendmail-doc-8.11.6-27.73
    sendmail-cf-8.11.6-27.73
    sendmail-8.13.5-1.73

    --
    Wayne



  7. Default Re: access.db wildcards not working, despite examples in docs

    Wayne M. Poe wrote:
    > Kees Theunissen wrote:
    >> Wayne M. Poe wrote:
    >>
    >>> How do I get rid of that annoying about my .cf file being out of
    >>> date? I alwyas use
    >>>
    >>> m4 /etc/mail/sendmail.mc > /etc/sendmail.cf
    >>>
    >>> to build my cf file... is it my m4 (/usr/bin/m4) out of date?

    >>
    >> Do a 'rpm -qa | grep sendmail' to list your installed sendmail*
    >> rpm's. I guess its a sendmail-cf package that is missing or out of
    >> date.

    >
    > # rpm -qa | grep sendmail
    > sendmail-doc-8.11.6-27.73
    > sendmail-cf-8.11.6-27.73
    > sendmail-8.13.5-1.73


    Ok I'm updating -cf and -doc to 8.13.5 to match the main sendmail
    package

    --
    Wayne



  8. Default Re: access.db wildcards not working, despite examples in docs

    In article <5hd0dpF3h07dfU1@mid.individual.net>,
    "Wayne M. Poe" <louisREMOVE@REMOVEh4h.com> wrote:

    > Bill Cole wrote:
    > > In article <5hcmj8F3ikedbU1@mid.individual.net>,
    > > "Wayne M. Poe" <louisREMOVE@REMOVEh4h.com> wrote:
    > >
    > >> Hello. I'm having trouble with wild cards i nmy /etc/mail/access
    > >> file. The doc files shows exampels like such:
    > >>
    > >> spammer@aol.com REJECT
    > >> cyberspammer.com REJECT
    > >> 192.168.212 REJECT
    > >>
    > >> would refuse mail from spammer@aol.com, any user from
    > >> cyberspammer.com (or any host within the cyberspammer.com domain),
    > >> and any host on the 192.168.212.* network.
    > >>
    > >> I'm looking specifically at the IP address based wildcards.
    > >>
    > >> After makemap'ing I test with, for example:
    > >> echo '/map access 123.101.1.2' | sendmail -bt
    > >>
    > >> With a line reading
    > >> 123.101.*.* REJECT
    > >>
    > >> in my access file.
    > >> It seems like it's trying a literal match rather than "seeing" the
    > >> wild cards:

    > >
    > > Well, yeah. That's what it is supposed to do.
    > >
    > > What made you think that asterisks are wildcards in the access map?
    > > They are not. You are the second person this week posting with this
    > > misconception, and it makes me wonder if someone has published some
    > > really bad docs.

    >
    > Thats odd, it coems from the doc file, as noted at the top of the access
    > file[1]:
    >
    > # Check the /usr/share/doc/sendmail/README.cf file for a description
    > # of the format of this file. (search for access_db in that file)
    > # The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc
    > # package.
    >
    > And in that file (which is rather nelgthy, there is a section that looks
    > like this:
    >
    > makemap hash /etc/mail/access < /etc/mail/access
    >
    > The table itself uses e-mail addresses, domain names, and network
    > numbers as keys. For example,
    >
    > spammer@aol.com REJECT
    > cyberspammer.com REJECT
    > 192.168.212 REJECT
    >
    > would refuse mail from spammer@aol.com, any user from cyberspammer.com
    > (or any host within the cyberspammer.com domain), and any host on the
    > 192.168.212.* network.
    > [...]
    >
    > This clear seems to imply * as a wild card.


    Not to me. It *specifies* how to list networks, with leading octets and
    NO wildcard characters. That works.

    * is not a wildcard in the access map. Simply IS NOT. It never has been.


    > So is there a way to do this? Or better yet, what about using CIDR
    > syntax?


    Not directly. If you want to list networks that don't have clean octet
    boundaries, you need to list each octet-boundary piece independently.

    --
    Now where did I hide that website...

  9. Default Re: access.db wildcards not working, despite examples in docs

    On 08/02/07 07:39, Wayne M. Poe wrote:
    > Kees Theunissen wrote:
    >> Wayne M. Poe wrote:
    >>
    >>> How do I get rid of that annoying about my .cf file being out of
    >>> date? I alwyas use
    >>>
    >>> m4 /etc/mail/sendmail.mc > /etc/sendmail.cf
    >>>
    >>> to build my cf file... is it my m4 (/usr/bin/m4) out of date?

    >>
    >> Do a 'rpm -qa | grep sendmail' to list your installed sendmail* rpm's.
    >> I guess its a sendmail-cf package that is missing or out of date.

    >
    > # rpm -qa | grep sendmail
    > sendmail-doc-8.11.6-27.73
    > sendmail-cf-8.11.6-27.73
    > sendmail-8.13.5-1.73
    >


    Are you posing this because you still don't see the problem?

  10. Default Re: access.db wildcards not working, despite examples in docs

    In article <874pjiiixp.fsf@anfi.homeunix.com>,
    Andrzej Adam Filip <anfi@onet.eu> writes:
    > melsonr@aragorn.rgmhome.net (Robert Melson) writes:
    >
    >> In article <5hd0dpF3h07dfU1@mid.individual.net>,
    >>> [...] Or better yet, what about using CIDR syntax?

    >>
    >> Yep, you can use CIDR notation. I have several working examples in
    >> my own access file as well as examples subnet blocking using the
    >> now infamous example above as a pattern.
    >>
    >> <snip>

    >
    > Sendmail does not support CIDR syntax in access file *directly*.
    > Preprocessing by external program/script is required.
    >
    > http://www.sendmail.org/faq/section3.html#3.41
    > <quote>
    > How do I use CIDR notation in the access map (or other places)?
    > Date: December 3, 2002
    > Use contrib/cidrexpand to pre-process the data into a format that is
    > supported by sendmail. For example:
    > cidrexpand < access | makemap hash access
    > </quote>
    >

    Hmmmm. Learned something new today. I have an example in
    my access file that seems to work and to be in accord with
    what I understood the instructions to say is allowable.

    From:203.98.96.0/19 ERROR

    From what you say, however, this is not correct - or not
    correct without a helper script of some sort.

    Interesting. Back to the books for me.

    Thanks.

    Bob Melson

    --
    Robert G. Melson | Rio Grande MicroSolutions | El Paso, Texas
    -----
    "People unfit for freedom---who cannot do much with it---are
    hungry for power." ---Eric Hoffer


+ Reply to Thread
Page 2 of 3 FirstFirst 1 2 3 LastLast

Similar Threads

  1. Fully Working Examples
    By Application Development in forum CSharp
    Replies: 11
    Last Post: 12-07-2007, 10:12 AM
  2. monitor access to docs on IIS
    By Application Development in forum Inetserver
    Replies: 1
    Last Post: 06-29-2006, 10:50 PM
  3. Reauthentication required for Office docs and Access Denied error message
    By Application Development in forum Inetserver
    Replies: 1
    Last Post: 12-15-2005, 11:30 AM
  4. Docs to Index is higher then Total Docs
    By Application Development in forum Inetserver
    Replies: 4
    Last Post: 02-19-2005, 04:22 AM
  5. Problem with wildcards in Access
    By Application Development in forum basic.visual
    Replies: 4
    Last Post: 08-11-2004, 05:13 PM