John Sheehy’s mc configuration file for generic ufl.edu host. Allowing controlled SMTP relaying in Sendmail 8.9 Anti-Spam Provisions in Sendmail 8.8 IRIX mail(1)/rmail(1M)/sendmail(1M) Security Vulnerabilities As of sendmail version 8.9, forwarding of […]
Read more »
- John Sheehy’s mc configuration file for generic ufl.edu host.
- Allowing controlled SMTP relaying in Sendmail 8.9
- Anti-Spam Provisions in Sendmail 8.8
- IRIX mail(1)/rmail(1M)/sendmail(1M) Security Vulnerabilities
As of sendmail version 8.9, forwarding of SMTP messages is not permitted by default. The simplest approach is to list the domains you are willing to relay in the file /etc/mail/relay-domains. Anything listed in this file will be accepted for relaying.
The following sendmail features are recommended to help control relay:
- FEATURE(access_db). Tells sendmail to refer to the access database to enable or disable access from individual domains (or hosts only, if FEATURE(relay_hosts_only) is set).
- FEATURE(blacklist_recipients). If set, this feature looks up recipients as well as senders in the access database.
The access database is normally found in /etc/mail/access. Each database entry consists of a domain name or network number as the key and an action as the value.
- Fully or partially qualified host or domain names.
- Network address or subnetwork address.
- Email address to reject mail from a specific user.
- REJECT to refuse connections from this host
- DISCARD to accept the message but silently discard it (the sender will think it has been accepted)
- OK to allow access (overriding other built-in checks)
- RELAY to allow access including relaying SMTP through your machine
- an arbitrary message to reject the mail with the customized message.
For example, an access database might contain:
firstname.lastname@example.org 550 Spammers shan’t see sunlight here
to reject all mail from any host in the cyberpromo.com domain, allow any relaying to or from any host in the ufl.edu domain, and reject mail from email@example.com with a specific message.
[infinite]If set, allow no more than the specified number of recipients in an SMTP envelope. Further recipients receive a 452 error code (i.e., they are deferred for the next delivery attempt).
[authwarnings] Privacy flags.
[$j Sendmail $v/$Z; $b] The initial (spontaneous) SMTP greeting message. The word “ESMTP” will be inserted between the first and second words to convince other sendmails to try to speak ESMTP.