Brendan Kosowski wrote:
> I would like to configure sendmail so that it only accepts or relays
> E-Mails that meet the following conditions :
>
> 1. The E-Mail contains a "To:" address containing my domain
>
> OR
>
> 2. The E-Mail contains a "From:" address containing my domain
Item 2 is definitely the wrong thing to do. If you refuse to relay
spam which has a valid From: address, but will relay spam if the
sender forges the From: address to make it appear to originate from
your domain, then you're asking for spammers to do the latter.
Also, item 1 is likely to result in valid mail bouncing, particularly
anything from a mailing list. If you look at the mail which you
receive from this list, you will note that it doesn't generally
contain your email address in any of the headers.
The correct approach is that taken by sendmail 8.9.*, and by RedHat's
sendmail 8.8.8 package, which is to relay mail if either:
1. The envelope recipient address is in your domain, or
2. The message was sent either from the host running sendmail, or from
a `trusted' IP address.
The appended check_rcpt rulset implements this mechanism.
--
Glynn Clements <[EMAIL PROTECTED]>
# This part goes at the top of sendmail.cf
#
# /etc/sendmail.ca should contain a list of IP addresses or
# partial IP addresses, one per line
Fa/etc/sendmail.ca # list of addresses to allow
# This part goes at the bottom of sendmail.cf
Scheck_rcpt
R$* $: $>3 $1 canonicalise
R$@ $@ OK null recipient
R$- $@ OK unqualified recipient
R$* < @ $=w . > $@ OK `local' domain
R$* < @ $+ . $=w . > $@ OK `local' subdomain
R$* $: $1 < @@ $&{client_addr} > insert IP address
R$* $: $(dequote $1 $: $1 $) reparse
R$* < @@ > $@ OK match null IP (local)
R$* < @@ 0 > $@ OK match IP of `0' (local)
R$* < @@ $=a $* > $@ OK match IP in sendmail.ca
R$* $#error $: "550 Relay denied" reject everything else
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
