[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Sendmail & access restrictions

This one time, at band camp, Christian Storch said:
> Here some straightforward methods for sendmail:
> You want to restrict to some IP's?
> local-host-names:
> 10.0.0
> 192.168

Sure, but this doesn't stop incoming mail addressed to this hostname,
but coming from some random place, from being accepted.

> Or to authenticated users?
> http://lists.debian.org/debian-isp/2004/debian-isp-200402/msg00267.html

Already taken care of.

Maybe this will make it more clear:

internet---                mail.foo.com

This is the normal flow of mail.  The only other mail that should ever
be accepted by mail.foo.com is mail coming from roaming users, who use
auth+ssl on their connections.  The mail is already flowing from
frontend 1&2, and the auth part is set up for the users.  The problem we
are having is that mail is still arriving at mail.foo.com from other
sites (presumably all spam), and we would like it to be rejected by
sendmail.  We can't close the port, due to roaming users.  Local users
also use webmail, so sent mail should reflect the real host name of the

I can't think this would be that unusual of a set up, but it doesn't seem
to be as easy to do as I would think.  If it's possible to force
sendmail to only accept smtp auth as a hack, I would be willing to do
that, although it seems that it should be possible without.  I have
tried the bat book, sendmail.org, etc. but I don't see what I am 
looking for anywhere.

Thanks all,
|   ,''`.					     Stephen Gran |
|  : :' :					 sgran@debian.org |
|  `. `'			Debian user, admin, and developer |
|    `-					    http://www.debian.org |

Attachment: pgpVltRrtiSE_.pgp
Description: PGP signature

Reply to: