Another sendmail relaying problem.

Travis Fraser travis at snowpatch.net
Mon Jun 28 14:10:00 UTC 2004 

On Mon, 2004-06-28 at 09:49, Cowles, Steve wrote:
> Whether or not sendmail can be configured to block e-mail addressed in this
> form, from "just" external users?... I don't know. In postfix, I block
> external users from addressing e-mail in this form (at least the MAIL FROM
> part, not the header from) by first testing if the e-mail was submitted from
> someone in my local network. If so, ACCEPT and deliver it. If the e-mail was
> submitted from an external source -and- the from address (mail from) is set
> to someone in my domain, then reject. By testing in this precise order,
> local users can still send e-mail to other local users, but exteternal ones
> cannot. Again, I'm only testing the "MAIL FROM", not the header from. i.e.
> 
> C:\> telnet mail.mydomain.com 25
> 
> 220 mail.mydomain.com ESMTP Postfix (2.1.1)
> helo external.otherdomain.com
> 250 mail.mydomain.com
> mail from: <scowles at mydomain.com>
> 250 Ok
> rcpt to: <scowles at mydomain.com>
> 554 <scowles at mydomain.com>: Sender address rejected: You are NOT from
> mydomain.com
> DATA
> 554 Error: no valid recipients
> quit
> 221 Bye
> Connection to host lost.
> 
> NOTE: The above test generates a 554 (do not pass go, do not collect $200.00
> so to speak) and does NOT generate a bounce. Nice! Also, this test is done
> prior to the Data portion of the e-mail being read.
> 
> But if an e-mail is submitted from a system on my local network...
> 
> C:\> telnet mail.mydomain.com 25
> 
> 220 mail.mydomain.com ESMTP Postfix (2.1.1)
> helo enterprise.mydomain.com
> 250 mail.mydomain.com
> mail from: <scowles at mydomain.com>
> 250 Ok
> rcpt to: <scowles at mydomain.com>
> 250 Ok                           <----- From/To accepted
> DATA
> 354 End data with <CR><LF>.<CR><LF>
> From: Steve Cowles <scowles at mydomain.com>
> To: Steve Cowles <scowles at mydomain.com>
> Subject: This is a test. Please ignore!
>             <----- Delimiter between message header/body.
> This is line one of the e-mail body.

Steve,

If I might ask, what do you configure in main.cf to achieve what you
described above?

Travis Fraser

More information about the fedora-list mailing list