From owner-freebsd-questions  Mon Nov 10 10:56:32 1997
Return-Path: <owner-freebsd-questions>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id KAA20009
          for questions-outgoing; Mon, 10 Nov 1997 10:56:32 -0800 (PST)
          (envelope-from owner-freebsd-questions)
Received: from kithrup.com (kithrup.com [205.179.156.40])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id KAA19999
          for <questions@freebsd.org>; Mon, 10 Nov 1997 10:56:26 -0800 (PST)
          (envelope-from sef@kithrup.com)
Received: (from sef@localhost)
	by kithrup.com (8.8.7/8.8.7) id KAA19500;
	Mon, 10 Nov 1997 10:56:20 -0800 (PST)
	(envelope-from sef)
Date: Mon, 10 Nov 1997 10:56:20 -0800 (PST)
From: Sean Eric Fagan <sef@kithrup.com>
Message-Id: <199711101856.KAA19500@kithrup.com>
To: shovey@buffnet.net
Reply-To: questions@FreeBSD.ORG
Subject: Re: stopping relays
Newsgroups: kithrup.freebsd.questions
In-Reply-To: <Pine.BSI.3.95.971110112644.17613A-100000.kithrup.freebsd.questions@buffnet11.buffnet.net>
Organization: Kithrup Enterprises, Ltd.
Cc: questions@FreeBSD.ORG
Sender: owner-freebsd-questions@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

In article <Pine.BSI.3.95.971110112644.17613A-100000.kithrup.freebsd.questions@buffnet11.buffnet.net> you write:
>
>I know this was covered before but Ill be dipped if I can find it in the
>search at www.freebsd.org
>
>Can anyone point me to a URL etc of how to stop ones sendmail from being
>used as a spam relay?

I added teh following to the freebsd.mc sendmail config file (in
/usr/src/usr.sbin/sendmail/cf/cf).  It disables relaying, and also refuses
mail from sites that are on Paul Vixie's Realtime Blackhole List.
/etc/sendmail.cR has a list of machines that are allowed to relay --
machines for which I serve as a mail host, for example.  You should also
have something like

	FM-o /etc/sendmail.mxhosts

with a list of machiens for which you supply MX service, but I haven't
verified that.  Sorry.  (I barely understand sendmail ;).)

LOCAL_CONFIG
FR-o /etc/sendmail.cR

LOCAL_RULESETS
Scheck_rcpt
# anything terminating locally is ok
R< $+ @ $=w >		$@ OK
R< $+ @ $=M >		$@ OK
R$+ @ $=w		$@ OK
R$+ @ $* $=M		$@ OK

# Anything originating locally is ok
R$*			$: $(dequote "" $&{client_name} $)
R$=w			$@ OK
R$=M			$@ OK
R$@			$@ OK

# Anything else is bogus
R$*			$#error $: "550 Relaying Denied"

Scheck_mail

#
# see if remote host is in the RBL <http://maps.vix.com/rbl/>
#
R$*			$: $(dequote "" $&{client_addr} $)
R$+.$+.$+.$+		$: $[$4.$3.$2.$1.rbl.maps.vix.com$]
R$* .			$#error $@ 5.7.1 $: "571 Access by relay [" $&{client_addr} "] DENIED - see http://maps.vix.com/cgi-bin/lookup?" $&{client_addr}