
Re: Sendmail and system users RESOLVED



Thanks for all your help!


-- 
Anthony Tippett - Sports-IT - 425-443-3152

On Thu, Mar 17, 2005 at 04:02:17PM +0800, Stephen R. Darragh wrote:
> There are several ways I can think of to achieve them.  None is
> particularly nice.  A few are:
> 
> 1.  Extend ruleset 98 to look up the recipient's username in a table and,
> if it's found, reject non-local mail for the address.
> 
> 2.  Use MIMEDefang to do the same thing (huge overhead compared to
> solution 1, which is quite trivial).
> 
> 3.  Set up the machine's normal mail domain as a virtual domain (see
> VIRTUSER_DOMAIN_FILE) and take it out of class w.  Put a special name
> like mbox.maildomain into class w.  Readdress mail using virtusertable:
> 
> games@maildomain		bogus-address-or-error
> @maildomain			%1%3@mbox.maildomain
> 
> Mail to unqualified local addresses should bypass this and work
> (provided $j is mbox.maildomain).
> 
> On Wed, 2005-03-16 at 13:10 -0800, Anthony Tippett wrote:
> > I've been trying to figure out how to limit particular users from
> > getting non-local mail.  I'm not sure of some terminologies that I might
> > be trying to describe so please bear with me.
> > 
> > For example, users bin, sys, mail, sync, games are non-interactive user
> > accounts and I'm pretty sure I don't want them to get email from the
> > outside world (correct me if I'm wrong).  I'd like to somehow restrict
> > these users.  I'm probably not providing enough information but
> > here's my sendmail.mc file.
> > 
> > Thanks for anyone's help in advance.
> > 
> > define(`_USE_ETC_MAIL_')dnl
> > include(`/usr/share/sendmail/cf/m4/cf.m4')dnl
> > include(`/etc/mail/tls/starttls.m4')dnl
> > VERSIONID(`$Id: sendmail.mc, v 8.12.3-4 2002-04-15 17:35:56 cowboy Exp $')
> > OSTYPE(`debian')dnl
> > DOMAIN(`debian-mta')dnl
> > dnl #
> > dnl # General defines
> > dnl #
> > dnl # SAFE_FILE_ENV: [undefined] If set, sendmail will do a chroot()
> > dnl #   into this directory before writing files.
> > dnl #   If *all* your user accounts are under /home then use that
> > dnl #   instead - it will prevent any writes outside of /home !
> > dnl #   define(`confSAFE_FILE_ENV',             `')dnl
> > LOCAL_CONFIG
> > FEATURE(`always_add_domain')dnl
> > LOCAL_CONFIG
> > FEATURE(`use_cw_file')dnl
> > FEATURE(`use_ct_file')dnl
> > FEATURE(`nouucp', `reject')dnl
> > MAILER_DEFINITIONS
> > 
> > LOCAL_CONFIG
> > MASQUERADE_AS()dnl
> > ## Custom configurations below (will be preserved)
> > define(`ALIAS_FILE',`/etc/mail/aliases')
> > FEATURE(masquerade_envelope)dnl
> > FEATURE(virtusertable, hash -o `/etc/mail/virtusertable.db')dnl
> > FEATURE(genericstable, hash -o `/etc/mail/genericstable.db')dnl
> > GENERICS_DOMAIN_FILE(/etc/mail/sendmail.cG)dnl
> > MAILER(local)dnl
> > MAILER(smtp)dnl
> > define(`confMAX_MESSAGE_SIZE', `12000000')
> > 
> > dnl # clamav
> > include(`/etc/mail/m4/clamav-milter.m4')dnl
> > 
> > 
> > -- 
> > Anthony Tippett - Sports-IT - 425-443-3152
> > 
> > 
> -- 
> Stephen Darragh
> Technical Director
> Informed Technology
> Ph: +61 8 9380 4244  Fax: +61 8 9380 4354
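
Option 3 from the quoted reply, as an added example that is not part of the original thread: a Python sketch that reads passwd-format text and emits the virtusertable entries, one reject line per system account plus the catch-all readdress. The sample passwd data is constructed, and the UID range (1000-59999), the `keep` list and the `error:nouser 550` right-hand side are assumptions to adapt to your site.

```python
# Added example, not from the thread: generate virtusertable lines for option 3.
# SAMPLE_PASSWD is constructed; on a real host read /etc/passwd instead.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
# comment lines and malformed entries are skipped
broken:line
alice:x:1000:1000:Alice:/home/alice:/bin/bash
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
"""


def system_accounts(passwd_text, first_uid=1000, last_uid=59999, keep=("root",)):
    """Return sorted names whose UID lies outside the regular-user range.

    first_uid/last_uid are assumed defaults; 'keep' lists accounts that must
    stay reachable from outside (assumption: root mail is read by an admin).
    """
    names = []
    for line in passwd_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7 or not fields[2].isdigit():
            continue  # malformed or NIS-style (+/-) entry
        name, uid = fields[0], int(fields[2])
        if name not in keep and (uid < first_uid or uid > last_uid):
            names.append(name)
    return sorted(names)


def virtusertable_lines(passwd_text, maildomain, mbox_host, **kw):
    """Reject lines for system accounts, then the catch-all from the reply."""
    rhs = "error:nouser 550 No such user here"
    lines = [f"{n}@{maildomain}\t{rhs}" for n in system_accounts(passwd_text, **kw)]
    lines.append(f"@{maildomain}\t%1%3@{mbox_host}")
    return lines


if __name__ == "__main__":
    print("\n".join(virtusertable_lines(SAMPLE_PASSWD, "maildomain", "mbox.maildomain")))
```

The output still has to be built into the hash map named in sendmail.mc, for example with `makemap hash /etc/mail/virtusertable < /etc/mail/virtusertable`.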


