В sendmail.cf присутствуют строки:

# DNS based IP address spam list dul.ru Use mail relays of your ISP
R$*            $: $&{client_addr}
R::ffff:$-.$-.$-.$-    $: <?> $(host $4.$3.$2.$1.dul.ru Use mail relays of your ISP. $: OK $)
R$-.$-.$-.$-        $: <?> $(host $4.$3.$2.$1.dul.ru Use mail relays of your ISP. $: OK $)
R<?>OK            $: OKSOFAR
R<?>$+            $#error $@ 5.7.1 $: "550 Mail from " $&{client_addr} " refused by blackhole site dul.ru Use mail relays of your ISP"

# DNS based IP address spam list work.drbl.caravan.ru Use mail relays of your ISP
R$*            $: $&{client_addr}
R::ffff:$-.$-.$-.$-    $: <?> $(host $4.$3.$2.$1.work.drbl.caravan.ru Use mail relays of your ISP. $: OK $)
R$-.$-.$-.$-        $: <?> $(host $4.$3.$2.$1.work.drbl.caravan.ru Use mail relays of your ISP. $: OK $)
R<?>OK            $: OKSOFAR
R<?>$+            $#error $@ 5.7.1 $: "550 Mail from " $&{client_addr} " refused by blackhole site work.drbl.caravan.ru Use mail relays of your ISP"

# DNS based IP address spam list relays.ordb.org Spam bloked from open relay
R$*            $: $&{client_addr}
R::ffff:$-.$-.$-.$-    $: <?> $(host $4.$3.$2.$1.relays.ordb.org Spam bloked from open relay. $: OK $)
R$-.$-.$-.$-        $: <?> $(host $4.$3.$2.$1.relays.ordb.org Spam bloked from open relay. $: OK $)
R<?>OK            $: OKSOFAR
R<?>$+            $#error $@ 5.7.1 $: "550 Mail from " $&{client_addr} " refused by blackhole site relays.ordb.org Spam bloked from open relay"

# DNS based IP address spam list relays.ordb.org Rejected - see http://ordb.org/
R$*            $: $&{client_addr}
R::ffff:$-.$-.$-.$-    $: <?> $(host $4.$3.$2.$1.relays.ordb.org Rejected - see http://ordb.org/. $: OK $)
R$-.$-.$-.$-        $: <?> $(host $4.$3.$2.$1.relays.ordb.org Rejected - see http://ordb.org/. $: OK $)
R<?>OK            $: OKSOFAR
R<?>$+            $#error $@ 5.7.1 $: "550 Mail from " $&{client_addr} " refused by blackhole site relays.ordb.org Rejected - see http://ordb.org/"

# DNS based IP address spam list bl.spamcop.net Spam blocked - see http://spamcop.net/bl.shtml?$&{client_addr}
R$*            $: $&{client_addr}
R::ffff:$-.$-.$-.$-    $: <?> $(host $4.$3.$2.$1.bl.spamcop.net Spam blocked - see http://spamcop.net/bl.shtml?$&{client_addr}. $: OK $)
R$-.$-.$-.$-        $: <?> $(host $4.$3.$2.$1.bl.spamcop.net Spam blocked - see http://spamcop.net/bl.shtml?$&{client_addr}. $: OK $)
R<?>OK            $: OKSOFAR
R<?>$+            $#error $@ 5.7.1 $: "550 Mail from " $&{client_addr} " refused by blackhole site bl.spamcop.net Spam blocked - see http://spamcop.net/bl.shtml?$&{client_addr}"

# DNS based IP address spam list ex.dnsbl.org Spam bloked - see http://www.dnsbl.org/
R$*            $: $&{client_addr}
R::ffff:$-.$-.$-.$-    $: <?> $(host $4.$3.$2.$1.ex.dnsbl.org Spam bloked - see http://www.dnsbl.org/. $: OK $)
R$-.$-.$-.$-        $: <?> $(host $4.$3.$2.$1.ex.dnsbl.org Spam bloked - see http://www.dnsbl.org/. $: OK $)
R<?>OK            $: OKSOFAR
R<?>$+            $#error $@ 5.7.1 $: "550 Mail from " $&{client_addr} " refused by blackhole site ex.dnsbl.org Spam bloked - see http://www.dnsbl.org/"

# DNS based IP address spam list blackholes.mail-abuse.org Rejected - see  http://www.mail-abuse.org/rbl/
R$*            $: $&{client_addr}
R::ffff:$-.$-.$-.$-    $: <?> $(host $4.$3.$2.$1.blackholes.mail-abuse.org Rejected - see  http://www.mail-abuse.org/rbl/. $: OK $)
R$-.$-.$-.$-        $: <?> $(host $4.$3.$2.$1.blackholes.mail-abuse.org Rejected - see  http://www.mail-abuse.org/rbl/. $: OK $)
R<?>OK            $: OKSOFAR
R<?>$+            $#error $@ 5.7.1 $: "550 Mail from " $&{client_addr} " refused by blackhole site blackholes.mail-abuse.org Rejected - see  http://www.mail-abuse.org/rbl/"

# DNS based IP address spam list dialups.mail-abuse.org Dialup - see http://www.mail-abuse.org/dul/
R$*            $: $&{client_addr}
R::ffff:$-.$-.$-.$-    $: <?> $(host $4.$3.$2.$1.dialups.mail-abuse.org Dialup - see http://www.mail-abuse.org/dul/. $: OK $)
R$-.$-.$-.$-        $: <?> $(host $4.$3.$2.$1.dialups.mail-abuse.org Dialup - see http://www.mail-abuse.org/dul/. $: OK $)
R<?>OK            $: OKSOFAR
R<?>$+            $#error $@ 5.7.1 $: "550 Mail from " $&{client_addr} " refused by blackhole site dialups.mail-abuse.org Dialup - see http://www.mail-abuse.org/dul/"

# DNS based IP address spam list relays.mail-abuse.org Open spam relay - see http://work-rss.mail-abuse.org/rss/
R$*            $: $&{client_addr}
R::ffff:$-.$-.$-.$-    $: <?> $(host $4.$3.$2.$1.relays.mail-abuse.org Open spam relay - see http://work-rss.mail-abuse.org/rss/. $: OK $)
R$-.$-.$-.$-        $: <?> $(host $4.$3.$2.$1.relays.mail-abuse.org Open spam relay - see http://work-rss.mail-abuse.org/rss/. $: OK $)
R<?>OK            $: OKSOFAR
R<?>$+            $#error $@ 5.7.1 $: "550 Mail from " $&{client_addr} " refused by blackhole site relays.mail-abuse.org Open spam relay - see http://work-rss.mail-abuse.org/rss/"

но tcpdump не фиксирует обращение к этим ресурсам (к dul.ru, например).
и спам никак не фильтруется.

т.е. я только добавил

FEATURE(`dnsbl', `relays.ordb.org', `Rejected - see http://ordb.org/')dnl
FEATURE(`dnsbl', `bl.spamcop.net', `Spam blocked - see http://spamcop.net/bl.shtml?$&{client_addr}')dnl
FEATURE(`dnsbl',`ex.dnsbl.org', `Spam bloked - see http://www.dnsbl.org/')dnl
FEATURE(dnsbl, `blackholes.mail-abuse.org', `Rejected - see  http://www.mail-abuse.org/rbl/')dnl
FEATURE(dnsbl, `dialups.mail-abuse.org', `Dialup - see http://www.mail-abuse.org/dul/')dnl
FEATURE(dnsbl, `relays.mail-abuse.org', `Open spam relay - see http://work-rss.mail-abuse.org/rss/')dnl
FEATURE(`dnsbl', `dul.ru', `Use mail relays of your ISP')dnl

в sendmail.mc эти строки, сделал m4 sendmail.mc > sendmail.cf, а потом из результирующего файла выбрал то, что сверху написал и вставил в действующий sendmail.cf (исходного sendmail.mc у меня не сохранилось, там были доработки с антивирусом).

Что я не так сделал?

• Sendmail и спам,magr, 12:26 , 05-Дек-05
  • Sendmail и спам,Волков, 16:22 , 05-Дек-05
• Sendmail и спам,Волков, 17:44 , 05-Дек-05
  • Sendmail и спам,magr, 10:40 , 06-Дек-05
• Sendmail и спам,n3gative, 17:12 , 12-Дек-05
  • Sendmail и спам,Волков, 06:14 , 13-Дек-05

>tcpdump не фиксирует обращение к этим ресурсам (к dul.ru, например).
>и спам никак не фильтруется.

Конкретно dul.ru срабатывает нечасто, вы лучше list.dsbl.org смотрите, который у вас вроде и не указан. Там в сотни раз более частые срабатывания. И лучше не tcpdump'ом, а в maillog -- прямо искать по ответу "Spam bloked - see"

Добавил, но ничего не изменилось. Спам валится сотнями сообщений.

Что означает эта строка?
Надо ли ее ставить в сендмайл.мс?

FEATURE(dnsbl)dnl

>Что означает эта строка?
>Надо ли ее ставить в сендмайл.мс?
>
>FEATURE(dnsbl)dnl

надо что-нибудь почитать, например
http://www.opennet.me/base/net/sendmail_antispam.txt.html

http://www.sendmail.org/m4/anti_spam.html

Ты забыл несколько ` и ' ,кажется, это существенно. А заодно, такой синтаксис действует в sendmail с 8.10, до этой версии синтаксис:
Для версии  8.9 - FEATURE(`rbl', `relays.ordb.org')dnl
Для версии 8.8 (и ниже) в sendmail.cf добавляем:
R$* $: $(dequote "" $&{client_addr} $) R$-.$-.$-.$- $: $[ $4.$3.$2.$1.relays.ordb.org $] R$-.$-.$-.$-.relays.ordb.org. $#error $@ 5.7.1 $: 550 no access from [$4.$3.$2.$1], see http://ordb.org/

Поправка к указаному (=>8.10)
FEATURE(`dnsbl', `relays.ordb.org', `"Rejected - see http://ordb.org/"')dnl
FEATURE(`dnsbl', `bl.spamcop.net', `"Spam blocked - see http://spamcop.net/bl.shtml?$&{client_addr}"')dnl
FEATURE(`dnsbl',`ex.dnsbl.org', `"Spam bloked - see http://www.dnsbl.org/"')dnl
FEATURE(`dnsbl', `blackholes.mail-abuse.org', `"Rejected - see  http://www.mail-abuse.org/rbl/"')dnl
FEATURE(`dnsbl', `dialups.mail-abuse.org', `"Dialup - see http://www.mail-abuse.org/dul/"')dnl
FEATURE(`dnsbl', `relays.mail-abuse.org', `"Open spam relay - see http://work-rss.mail-abuse.org/rss/"')dnl
FEATURE(`dnsbl', `dul.ru', `"Use mail relays of your ISP"')dnl

на http://www.dul.ru

написано именно так, как у меня, т.е. без двойных кавычек.
если бы я забыл  ` и ', то m4 ругался бы.