Operating System - HP-UX
1820636 Members
1852 Online
109626 Solutions
New Discussion юеВ

sendmail - relay from certain domains for certain users only

 
Dan Am
Frequent Advisor

sendmail - relay from certain domains for certain users only

my specific problem:
need to allow relay from certain domains, as
our hosted mailusers are migrating dialin to larger isps.
they still want to use their
"boss@business.com" - adresses, but some of the isps append their domain to the usres name.
so i want smtp-relay for my customers who dial-in through those isp's and thus continue to be outgoing mailserver.
any hints ?
sorry for being verbose
through this
do what you can. don't if you can't.
2 REPLIES 2
Douglas Cromby_1
Valued Contributor

Re: sendmail - relay from certain domains for certain users only

Sendmail version 8.8.6 relays by default, so I wonder if you are using sendmail version 8.9.3, which does the exact opposite - ie does not relay by default.

To check your sendmail version, you can telnet to port 25, and see something like:

telnet hostname 25
Trying...
Connected to hostname.hp.com.
Escape character is '^]'.
220 hostname.hp.com ESMTP Sendmail 8.9.3 (PHNE_18979)/8.9.3; Wed, 15 Nov 20
00 09:52:37 GMT

ie this has version 8.9.3.

If you are using sendmail 8.9.3, there are a host of new anti-spamming rulesets that are used to only allow relaying from certain hosts. It is centred around creating an access database of these addresses. This is explained in the Delta Doc that come with sendmail version 8.9.3. I can email you the details if necessary, as they are rather long to post here.

David Chamberlain
Occasional Advisor

Re: sendmail - relay from certain domains for certain users only

Here is a snippet of text from one of our internal sendmail documents, I think it might point you in the right direction:Access database:

Access database is a user defined file to decide the domains from which
your user wants to receive/reject mail messages. The entries in the access
db file are either domain names, IP addresses, hosts names or e-mail
addresses.



Every line of the access db file has a key and a value pair.

1) The key can be an IP address, a domain name, a hostname or an
e-mail address.

2) The value part of the database can be:



Value Meaning

----- ---------

OK Accept mail even if other rules in the running ruleset would

reject it, for example, if the domain name is unresolvable.



RELAY Accept mail addressed to the indicated domain or received

from the indicated domain for relaying through your SMTP

server. RELAY also serves as an implicit OK for the other
checks.

REJECT Reject the sender or recipient with a general purpose
message.



DISCARD Discard the message completely using the 0discard mailer.

This only works for sender addresses (i.e., it indicates

that you should discard anything received from the I

ndicated domain).



### any text where ### is an RFC 821 compliant error code

and any text is a message to return for the command.



The default access db file is /etc/mail/access. This can be replaced by a file of

user's choice in the sendmail.cf file after the generation of the sendmail.cf using

this option.



A sample access db file /etc/mail/access is as shown below:



cyberspammer.com 550 We don't accept mail from spammers

okay.cyberspammer.com OK

128.32 RELAY

spammer@aol.com REJECT

192.168.212 DISCARD



With the above access db file you would reject all mail messages from

spammer@aol.com. You would discard all mail messages from the 192.168.212

domain. You would reject all mail messages from the cyberspammer.com

domain with an error message. You will canonical to Relay all those messages

originating from the 128.32.*.* domain. You would accept all mail messages

from the okay.cyberspammer.com domain.



NOTE: Since /etc/mail/access is a database, after creating the text file, you

must use makemap to create the database map. The command to make the

database is as shown:



makemap dbm /etc/mail/access < /etc/mail/access



Refer to makemap(1M) manpage for details on makemap utility.