General
cancel
Showing results for 
Search instead for 
Did you mean: 

can outbound mail be restricted to specific addreses?

Anthony_141
Regular Advisor

can outbound mail be restricted to specific addreses?

We have a credit card applicaton running on an HP-UX system (running 11.23 version of HP-UX). Some of our accountants need to be emailed a report from this system.

That is fine, but we are wondering if there is a way to force the system to only be able to send to those accountants? Obviously, we don't want someone else being able to email themselves (or their friends) reports or data. (And yes, we know we can restrict access to the data in many ways).

So, basically we want the system to be able to mail, but only be able to mail to a limited number of mail accounts.

4 REPLIES
blah2blah
Frequent Advisor

Re: can outbound mail be restricted to specific addreses?

not sure if you can set up sendmail to do this. I know you can with procmail.

don't know if this w ould work, but i would guess if you limit permissions on the mail queue directory, i.e. cant write to the mail queue, you can't send mail.

you could think about sending your mail to a mail gateway and filter your mail that way.

you could use a host base firewall that can filter the port such as ipsec or ipfilter
Anthony_141
Regular Advisor

Re: can outbound mail be restricted to specific addreses?

We're trying to control this all on the Unix server.
Aashique
Honored Contributor

Re: can outbound mail be restricted to specific addreses?

Hi,
you can do this using tcp wrapper.per user basis you cant do this.per ip basis you can assign restriction.

Thanks
Aashique
OFC_EDM
Respected Contributor

Re: can outbound mail be restricted to specific addreses?

Read this
http://docs.hp.com/en/5991-6611/5991-6611.pdf

Look up check_compat. Sounds like it's what you need.

check_compat is used in the following situations:
- A set of users who are restricted from sending mail messages to
external domains need to send mail messages to internal domains.
Both the sender and recipient addresses are checked to ensure that
they are in the local domain.
The Devil is in the detail.