[Mimedefang] Locking down sendmail from behind a filtering gateway
Kees Theunissen
C.J.Theunissen at differ.nl
Tue Feb 17 16:33:46 EST 2015
On Tue, 17 Feb 2015, John Von Essen wrote:
>Initially I thought I could do this with the access table, i.e.
>
>Connect:1 REJECT
>Connect:2 REJECT
>?
>?
>Connect:254 REJECT
>Connect:127.0.0.1 OK
>Connect: X.X.X.X OK
>
>Where X.X.X.X is the IP of my filtering gateway. I ?think? the above
>works, I did it once before a long time ago. But the problem is my mail
>server is also IPv6, so doing the above for IPv6 is not practical.
>
>Any thoughts, the filtering gateways only have 1 NIC. Worst case, I can
>put a firewall on the mail server, but I didn?t want to have to do that.
>Is there a way to make sendmail deny everything by default?
Not tested but the line below should work as catch-all rule for IPv6.
Connect:IPv6 REJECT
Regards,
Kees Theunissen.
--
Kees Theunissen, System and network manager, Tel: +31 (0)30 6096724
Dutch Institute For Fundamental Energy Research (DIFFER)
e-mail address: C.J.Theunissen at differ.nl
postal address: PO Box 1207, 3430 BE Nieuwegein, NL
visitors address: Edisonbaan 14, 3439 MN Nieuwegein, NL
More information about the MIMEDefang
mailing list