[Mimedefang] OffTopic : Need some sendmail help (access configs)
Michael Sofka
sofkam at rpi.edu
Fri Dec 17 19:10:34 EST 2004
On Friday 17 December 2004 04:09 pm, Matthew Hall wrote:
> I want to effectively whitelist our domain and a few others
> for delivery, while dropping all others. I attempted to use
> FEATURE(`delay_checks') but was unable to find an appropriate
> set of rules to use in access.db to do what I'm attempting.
> I need something like:
>
> Accept connections from this network (xx.xx.xx.xx) OK
> To:*@our.domain RELAY
> To:*@someother.domain RELAY
>
> otherwise REJECT.
Either we talked on Lily earlier this week, or this
is a remarkable coincidence.
First, you will have to do the blocking by class A subnets.
1 550 Access denied
2 550 Access denied
...
255 550 Access denied
The sendmail access file has no regular expressions. Instead,
sendmail.cf defines rules which looks up specific IP or domains,
followed by less specific networks and domains. So, just write
a quick perl/ph/C/whatever program to generate the block list.
Second, have you tried "FEATURE(`delay_checks', `friend')"?
This would let you define a rule such as:
spam:@ourdomain FRIEND
to allow email to users in @ourdomain, even though they would
be rejected otherwise. (You may also need to add the IP addresses
of connecting machines.)
Alternatively, if you know who the email is destined for
you can use the userdb to keep a list of maildrops. As
an administrator of a "theirmailer" (but, not this particular
"theirmailer" machine) machine, I would prefer this solution
since it keeps the junk off of our machine. (For example,
if a spammer finds you and starts sending undeliverable email
to our.domain, "theirmachine" will get stuck with all the
undeliverable email, subsequent postmaster bounces.)
Mike
--
Michael D. Sofka sofkam at rpi.edu
C&CT Sr. Systems Programmer Email, TeX, epistemology.
Rensselaer Polytechnic Institute, Troy, NY. http://www.rpi.edu/~sofkam/
More information about the MIMEDefang
mailing list