From owner-freebsd-questions@FreeBSD.ORG Fri May 2 12:21:39 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 440A037B401 for ; Fri, 2 May 2003 12:21:39 -0700 (PDT) Received: from smtp.infracaninophile.co.uk (ns0.infracaninophile.co.uk [81.2.69.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id 507A143F93 for ; Fri, 2 May 2003 12:21:37 -0700 (PDT) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [127.0.0.1]) h42JLUw0015749 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 2 May 2003 20:21:30 +0100 (BST) (envelope-from matthew@happy-idiot-talk.infracaninophile.co.uk) Received: (from matthew@localhost)h42JLUIQ015748; Fri, 2 May 2003 20:21:30 +0100 (BST) (envelope-from matthew) Date: Fri, 2 May 2003 20:21:30 +0100 From: Matthew Seaman To: Mike Hogsett Message-ID: <20030502192130.GC14853@happy-idiot-talk.infracaninophile.co.uk> Mail-Followup-To: Matthew Seaman , Mike Hogsett , questions@freebsd.org References: <200305021855.h42ItYCG026151@quarter.csl.sri.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="i7F3eY7HS/tUJxUd" Content-Disposition: inline In-Reply-To: <200305021855.h42ItYCG026151@quarter.csl.sri.com> User-Agent: Mutt/1.5.4i X-Spam-Status: No, hits=-38.8 required=5.0 tests=EMAIL_ATTRIBUTION,IN_REP_TO,PGP_SIGNATURE_2, QUOTED_EMAIL_TEXT,REFERENCES,REPLY_WITH_QUOTES, USER_AGENT_MUTT version=2.53 X-Spam-Checker-Version: SpamAssassin 2.53 (1.174.2.15-2003-03-30-exp) cc: questions@freebsd.org Subject: Re: Sendmail & Valid users X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 May 2003 19:21:39 -0000 --i7F3eY7HS/tUJxUd Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, May 02, 2003 at 11:55:34AM -0700, Mike Hogsett wrote: > I have a question regarding sendmail and this list may be able to point me > in the right direction. >=20 > What I want is to be able to verify the address in the "MAIL FROM:" during > the SMTP transaction for domains that this sendmail is responsible for. >=20 > If they are claiming to be within our domain(s) then the address in "MAIL > FROM:" should be a valid recipient. The standard mechanism use to control this sort of thing is the access DB (/etc/mail/access) -- take a look at http://www.sendmail.org/tips/relaying.html for a good introduction. There's more that can go into the access database than is discussed in that page: the canonical reference is the /usr/share/sendmail/cf/README file. Now, the access db is usually keyed off the domainname part of an address: you can do some filtering on whole addresses but it isn't really a general solution. If you need finer grained control than the access DB can give you, you should look into using the sendmail AUTH mechanism: http://www.sendmail.org/~ca/email/auth.html or even the STARTTLS support: http://www.sendmail.org/~ca/email/starttls.html http://www.ofb.net/%7Ejheiss/sendmail/tlsandrelay.shtml Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK --i7F3eY7HS/tUJxUd Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+ssU6dtESqEQa7a0RAnIdAJ92aX0dIRZ9fFImC4HuGsGvYWhkdACdEA86 NkyatHn4xZbtj9dd4tK7sGY= =UJ9V -----END PGP SIGNATURE----- --i7F3eY7HS/tUJxUd--