[Mimedefang] OffTopic : Need some sendmail help (access configs)

Matthew Hall matt at angui.sh
Fri Dec 17 16:09:53 EST 2004 

Hate to post this here, but I want to stop pulling my
hair out.

I'm trying to reconfigure our sendmail installation to do a few
new tricks. Let me attempt to describe our setup.

We have a sendmail machine, which "collects" all mail from a
small network, and then relays to a smart host. The smart
host will only talk to our mail machine, so using it as a
focal point makes sense. (IT restrictions).

Our mail machine also does several header rewrites / address
changes, so that when the mail gets handed to the smart host,
all the headers are in order.

We use mailertable features to route mail back to several
internal mailers. We use generics/virtuser to rewrite
numerous addresses.

Now our problem is, the remote smart host is completely not
under our control (different group). We've noticed that emails
from our mailer are being directly routed out. IE:

To:someuser at yahoo.com -> ourmailer -> theirmailer -> yahoo

We had asked them to open this up so that email To: a very
specified address would be opened up (per some of our support
contracts). However, they opened up their mailer to route
/anything/ from our mailer. If I ask them to "fix" this again,
they'll break it, so I want to be able to filter on destination
domains.

I want to effectively whitelist our domain and a few others
for delivery, while dropping all others. I attempted to use
FEATURE(`delay_checks') but was unable to find an appropriate
set of rules to use in access.db to do what I'm attempting.
I need something like:

Accept connections from this network (xx.xx.xx.xx) OK
To:*@our.domain	RELAY
To:*@someother.domain	RELAY

otherwise REJECT.

Plus all our usual virtuser/generics stuff has to happen
before we pass it on. Snippets of my current mc:

FEATURE(blacklist_recipients)
FEATURE(local_lmtp)
FEATURE(mailertable, `dbm /etc/mail/mailertable')
FEATURE(virtusertable, `dbm /etc/mail/virtusertable')
FEATURE(genericstable, `dbm /etc/mail/genericstable')
GENERICS_DOMAIN_FILE(`/etc/mail/genericsdomain')
FEATURE(`delay_checks', `hater')
MASQUERADE_AS(tormented.our.company.domain)
MASQUERADE_DOMAIN(our.internal.domain)
FEATURE(masquerade_envelope)
FEATURE(masquerade_entire_domain)
VIRTUSER_DOMAIN_FILE(`/etc/mail/virt-domains')

This is with: Sendmail 8.12.6/8.12.6

Thanks,

-- 
It's always September somewhere on the 'net. | http://angui.sh
Another proud member of Eep's killfile.      | Unix Sys. Admin.
All projects approach the ghetto, some       |
faster than others.                          | matt at angui.sh

More information about the MIMEDefang mailing list