On Fri, Jan 03, 2003 at 04:53:08PM -0600, Ned Fleming wrote: > [snip] > > Are you using the FEATURE(relay_local_from) in Sendmail? This feature > allows relaying if the message claims to originate at your domain. > Since forging this address is trivial, this is probably a bad idea. > But I'm no Sendmail expert. My best advice would be to switch to > Postfix, which is orders of magnitude easier to configure.
Beside change to postfix, you can point to sendmail authentication configuration (using STARTTLS and SMTP AUTH). I use SMTP AUTH for internal user, and /etc/mail/access.db for external mail server (just limited to server that allows to relay). I add this one to my sendmail.mc define(`confAUTH_OPTIONS', `A')dnl define(`confAUTH_MECHANISMS', `CRAM-MD5 DIGEST-MD5 LOGIN')dnl TRUST_AUTH_MECH(`CRAM-MD5 DIGEST-MD5 LOGIN')dnl Regards, -kelik-
