[plug] Sendmail: Allowing and Restricting Access to yahoo.com,etc.

Thu, 09 Feb 2006 17:26:10 -0800

Hello fellow PLUGgers!

I need your opinion on this one regarding Sendmail running on RHEL3.

I currently have 5 servers, 3 of which are Linux machines.

mail.domain.com = x.x.x.2 (contains users edf and rst)
local.domain.com = x.x.x.3 (contains users xyz and abc)
ns1.domain.com = x.x.x.1

My present setup:

Users xyz and abc are configured to use x.x.x.3 as SMTP. They are able to send and receive to local users on x.x.x.3 and x.x.x.2 only (no emails outside the network like yahoo.com)
Users edf and rst are configured to use x.x.x.2 as SMTP. They are able to send emails to the internet (no restrictions), they are able to send and receive from users on x.x.x.2 and x.x.x.3.

What is required:

Users in x.x.x.2 should be able to receive from internet domains, but only allowed users should be able to send. Also, users from x.x.x.2 should be able to send/receive to/from x.x.x.3 and vice versa.

Ive found scripts on Google a while back and it seemed to work. Except that when I try to block some users from accessing mail coming from the internet, they are also blocked from x.x.x.3. The way I see it, the script (or tweak) considers the x.x.x.3 as an internet domain.

This is script I inserted in my sendmail.cf file:

    F{Internal}/etc/mail/intern.only   ##### this is somewhere in the middle

    #### located at the bottom of the file

    Slocal_check_rcpt # get sender address and canonify it
    R$*                             $: $1 $| $>3 $&f
    R$* $| <>                       $@ OK           <> is always ok
    R$* $| $={Internal} <@$=w.>     $: $1           [EMAIL PROTECTED]    ?
    R$* $| $={Internal}             $: $1           luser?
    R$* $| $*                       $@ OK           someone else
    R$*                             $: $>3 $1       check recipient
    R$+<@$=w.>                      $@ OK           local? ok
    R$+<@$+>                        $#error $@ 5.1.8 $: "551 Sorry. You are only assigned to send local emails. Your boss does notlike you"


Now I reverted back to allowing all users in x.x.x.2 to have internet mails, no restrictions.

What would be the best approach to this one? btw, you can check the network diagram here.

TIA!

_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
[email protected] (#PLUG @ irc.free.net.ph)
Read the Guidelines: http://linux.org.ph/lists
Searchable Archives: http://archives.free.net.ph

Reply via email to