[Mimedefang] Locking down sendmail from behind a filtering gateway

John Von Essen john at quonix.net
Tue Feb 17 14:29:16 EST 2015


David,

I am actually not running MD on the mail server, just on the filtering
devices that sit in front.

But yes, I never even thought of that; I could use MD on the mail server and
implement the reject/allow logic. I was just trying to see if there was a
native way to do it in sendmail. If I had 2nd NICs on all the servers, I
could do it that way via a backdoor network.

-John

-----Original Message-----
From: mimedefang-bounces at lists.roaringpenguin.com
[mailto:mimedefang-bounces at lists.roaringpenguin.com] On Behalf Of David F.
Skoll
Sent: Tuesday, February 17, 2015 1:20 PM
To: mimedefang at lists.roaringpenguin.com
Subject: Re: [Mimedefang] Locking down sendmail from behind a filtering
gateway

On Tue, 17 Feb 2015 12:19:34 -0500
John Von Essen <john at quonix.net> wrote:

> Any thoughts, the filtering gateways only have 1 NIC. Worst case, I 
> can put a firewall on the mail server, but I didn't want to have to do 
> that. Is there a way to make sendmail deny everything by default?

You're using MIMEDefang, right?

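sub filter_relay
{
    my ($ip) = @_;    # address of the connecting relay

    # Reject every relay except localhost and the filtering gateway
    # (X.X.X.X and ipv6:ipv6::ipv6 are placeholders for its addresses).
    if ($ip ne '127.0.0.1' &&
        $ip ne 'X.X.X.X' &&
        $ip ne 'ipv6:ipv6::ipv6') {
        return ('REJECT', 'Unauthorized');
    }
    return ('CONTINUE', '');
}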
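
The allow-list idea in the reply above, generalized to several gateways and CIDR ranges, as an added example that is not code from the thread or from MIMEDefang itself. The gateway addresses are constructed documentation-range values, addr_bits and parse_cidr are hypothetical helpers, and the loop at the end is only an offline harness to drop before placing the subs in a filter file. It assumes the relay address arrives in plain textual form; anything that does not parse is rejected.

```perl
use strict;
use warnings;
use Socket qw(inet_pton AF_INET AF_INET6);

# Constructed allow-list: loopback plus the filtering gateways
# (documentation-range addresses, replace with the real gateway addresses).
my @ALLOWED = map { parse_cidr($_) }
    qw(127.0.0.1/32 ::1/128 192.0.2.10/32 192.0.2.11/32 2001:db8:0:1::/64);

# Textual address -> string of '0'/'1' bits, or undef if it does not parse.
sub addr_bits {
    my ($text) = @_;
    return undef unless defined $text;
    my $packed = inet_pton($text =~ /:/ ? AF_INET6 : AF_INET, $text);
    return defined $packed ? unpack('B*', $packed) : undef;
}

# "address/length" -> { total bits in the family, leading prefix bits }.
sub parse_cidr {
    my ($net, $len) = split m{/}, $_[0];
    my $bits = addr_bits($net);
    die "bad allow-list entry: $_[0]\n"
        unless defined $bits && defined $len && $len =~ /^\d+$/ && $len <= length $bits;
    return { total => length($bits), prefix => substr($bits, 0, $len) };
}

# Default deny: only a relay whose address falls inside an allowed network
# continues; unparsable input and every other address is rejected.
sub filter_relay {
    my ($ip) = @_;
    my $bits = addr_bits($ip);
    if (defined $bits) {
        for my $net (@ALLOWED) {
            next unless $net->{total} == length $bits;    # same address family
            return ('CONTINUE', 'ok')
                if substr($bits, 0, length $net->{prefix}) eq $net->{prefix};
        }
    }
    return ('REJECT', 'Unauthorized');
}

# Offline harness with constructed relay addresses (not part of the filter).
for my $ip (qw(127.0.0.1 192.0.2.10 192.0.2.99 2001:db8:0:1::25 2001:db8:0:2::25 garbage)) {
    my ($code) = filter_relay($ip);
    printf "%-18s %s\n", $ip, $code;
}
```

filter_relay is only called when mimedefang is started with its relay-check option (-r), so confirm that is enabled on the mail server before relying on the filter.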
