After adding a new DNSBL to Sendmail, how can I resubmit an email to see if it will be rejected?
After sleeping on it, the solution ended up being trivial:
ssh my-mail-server
# Add 1.2.3.4 as an alias (eth1:0) to interface eth1:
sudo ifconfig eth1:0 1.2.3.4 netmask 255.255.255.255
# Use 1.2.3.4 as the source ip, connect to port 25 on the local host:
nc -s 1.2.3.4 0.0.0.0 25
HELO 1.2.3.4
MAIL FROM: [email protected]
RCPT TO: [email protected]
DATA
Subject: is this really from 1.2.3.4?
Test from 1.2.3.4
.
QUIT
^C
# Deleting 1.2.3.4 from eth1:
sudo ifconfig eth1:0 0.0.0.0
Voilà, the resulting header:
Return-Path: <[email protected]>
Received: from 1.2.3.4 ([1.2.3.4] (may be forged))
by earth.com (8.15.2/8.15.2) with SMTP id 1731SlYY013775
for <[email protected]>; Mon, 2 Aug 2021 18:29:14 -0700
Authentication-Results:the-force.com; dkim=permerror (bad message/signature format)
Date: Mon, 2 Aug 2021 18:28:47 -0700
From: <[email protected]>
Message-Id: <[email protected]>
Subject: Test subject
It also revealed that the ip address was not being blocked (DNSBL not working?), so in that sense, the test was a success. :-/
Update: D'oh! The lines in sendmail.mc should be like this instead:
FEATURE(`dnsbl',`dnsbl.sorbs.net',`"554 Rejected " $&{client_addr} " found in dnsbl.sorbs.net"')dnl
FEATURE(`dnsbl',`b.barracudacentral.org',`"554 Rejected " $&{client_addr} " found in b.barracudacentral.org"')dnl
In other words, the 'dnl' on the front was commenting-out all of the DNSBL lines. :-(
Aaaaand this is why we test, ladies and gentlemen.