Hello all, We're in the process of locking down access to various services on a network, and one of the things we want to do is lock down sendmail a little. We are migrating a box from being the front-end mail machine, with the SASL database and all of the other user info on it, to being a backend machine that only does two things: receive mail from front-end machines for the local domain, and relay mail that has used SMTP-AUTH. I think I'm being dense, but I can't figure out how to do something like the following in /etc/mail/access: xxx.xxx.xxx.xxx: OK # front-end machine 1 xxx.xxx.xxx.xxy: OK # front-end machine 2 [ . . . ] AUTH: OK *: REJECT I would like the above logic, but still have local mail (cron jobs, etc) work somehow. Anybody set this kind of thing up before? I know how to do it in exim4 (or at least have rough ideas), but I can't figure out how to do the logic for sendmail. TIA, -- ----------------------------------------------------------------- | ,''`. Stephen Gran | | : :' : sgran@debian.org | | `. `' Debian user, admin, and developer | | `- http://www.debian.org | -----------------------------------------------------------------
Attachment:
pgpZkBLrEjS6T.pgp
Description: PGP signature