I know exactly what's occuring. We use a commercial content security gateway for a lot of our customers to handle that situation. Most of the good commercial CSGs will prevent spoofing from "external" networks like you've described. I've not found a way to accomplish this using sendmail via the "FEATURE_WHATEVER" and running them through m4. My guess is you'd need to drag out the batbook and hack up your .cf file by hand. (ugh)
I don't know what this would involve in terms of client volume, general mayhem, and PITA factor, but you could always go the TLS/SSL authentication route. In a small (one or two domain) configuration, I've found postfix to be the MTA of choice for that type of deployment. Make 'em authenticate. If they do, let 'em relay and log it. If someone's spamming, you know exactly who to lynch. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Friday, January 03, 2003 1:03 PM To: [EMAIL PROTECTED] Subject: Re: Sendmail 8.11 configuration/security issue On Fri, 3 Jan 2003 [EMAIL PROTECTED] wrote: > I'm running sendmail 8.11 on a Solaris server. The server has a single > interface and sits in my DMZ. I'm trying to find a way to block > inbound mail with my domain spoofed as the sender. I'm not sure what you accomplish by doing this. see: http://groups.google.com/groups?selm=8nl0kt%24mna%241%40zardoc.endmail.org&output=gplain
