From owner-freebsd-hackers  Mon Apr 21 14:59:38 1997
Return-Path: <owner-hackers>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id OAA16892
          for hackers-outgoing; Mon, 21 Apr 1997 14:59:38 -0700 (PDT)
Received: from cedb.dpcsys.com (cedb.DPCSYS.com [209.25.4.3])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id OAA16887
          for <freebsd-hackers@FreeBSD.ORG>; Mon, 21 Apr 1997 14:59:33 -0700 (PDT)
Received: from localhost (dan@localhost) by cedb.dpcsys.com (8.8.5/8.8.2) with SMTP id VAA08680; Mon, 21 Apr 1997 21:59:29 GMT
Date: Mon, 21 Apr 1997 14:59:29 -0700 (PDT)
From: Dan Busarow <dan@dpcsys.com>
To: Charles Henrich <henrich@crh.cl.msu.edu>
cc: freebsd-hackers@FreeBSD.ORG
Subject: Re: sendmail tricks anyone?
In-Reply-To: <19970421163326.59258@crh.cl.msu.edu>
Message-ID: <Pine.UW2.3.95.970421144404.7039K-100000@cedb>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-hackers@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Mon, 21 Apr 1997, Charles Henrich wrote:
> Im trying to find out if I can make sendmail obey a set of rules like the
> following:
> 
> If an email comes from a domain that sendmail understands as local
> (/etc/sendmail.cw or what have you) to allow remailing of the mssage.
> 
> if an email comres from a domain that isnt local, only allow local delivery of
> that message, else eat it..

That's one of the uses for the new check_* rule sets.

See 

	http://www.informatik.uni-kiel.de/%7Eca/email/check.html

for a nice explanation of these rules.

Your case is covered by:

F{MxHosts} /etc/sendmail.mxhosts		# like sendmail.cw
F{LocalIP} /etc/sendmail.localip		# IP prefixes you consider local
F{SpamIP} /etc/sendmail.spamip			# IP addresses/prefixes of spammers

Scheck_rcpt
R$+                           $: $(dequote "" $&{client_addr} $) $| $1
R0 $| $*                      $@ ok           no client addr: directly invoked
R$={LocalIP}$* $| $*          $@ ok           from here
R$={SpamIP}$* $| $*           $#error $@ 5.7.1 $: "571 Access denied"
# not local, check rcpt.  The following replaces current workspace w/ recipient
R$* $| $*                     $: $>3 $2
# remove local part, maybe repeatedly
R$*<@$=w.>$*                  $>3 $1 $3
R$*<@$*$={MxHosts}.>$*        $>3 $1 $4
# still something left?
R$*<@$+>$*                    $#error $@ 5.7.1 $: "571 no relay"

Let me know if you have questions on how this works.

Dan
-- 
 Dan Busarow                                                  714 443 4172
 DPC Systems / Beach.Net                                    dan@dpcsys.com
 Dana Point, California  83 09 EF 59 E0 11 89 B4   8D 09 DB FD E1 DD 0C 82