From owner-freebsd-questions@freebsd.org  Wed Jan  4 13:07:07 2017
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6F3A2C9E2EB
 for <freebsd-questions@mailman.ysv.freebsd.org>;
 Wed,  4 Jan 2017 13:07:07 +0000 (UTC)
 (envelope-from smithi@nimnet.asn.au)
Received: from sola.nimnet.asn.au (paqi.nimnet.asn.au [115.70.110.159])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id DB9B013C8
 for <freebsd-questions@freebsd.org>; Wed,  4 Jan 2017 13:07:06 +0000 (UTC)
 (envelope-from smithi@nimnet.asn.au)
Received: from localhost (localhost [127.0.0.1])
 by sola.nimnet.asn.au (8.14.2/8.14.2) with ESMTP id v04D6i2M057257;
 Thu, 5 Jan 2017 00:06:47 +1100 (EST)
 (envelope-from smithi@nimnet.asn.au)
Date: Thu, 5 Jan 2017 00:06:44 +1100 (EST)
From: Ian Smith <smithi@nimnet.asn.au>
To: Bernt Hansson <bah@bananmonarki.se>
cc: freebsd-questions@freebsd.org
Subject: Sendmail on freebsd
In-Reply-To: <mailman.98.1483531202.40760.freebsd-questions@freebsd.org>
Message-ID: <20170104232802.Y26979@sola.nimnet.asn.au>
References: <mailman.98.1483531202.40760.freebsd-questions@freebsd.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Jan 2017 13:07:07 -0000

In freebsd-questions Digest, Vol 657, Issue 5, Message: 18
On Wed, 4 Jan 2017 08:26:48 +0100 Bernt Hansson <bah@bananmonarki.se> wrote:
 > Hello list!
 > 
 > Have a question or more about /etc/mail/access.
 > 
 > Is this list appropiatefor this kind of question?

I don't see why not.

 > If not, please point me in the right direction.
 > 
 > If  i put this in /etc/mail/access
 > 
 > com    REJECT
 > 
 > Does that reject all domains that contain com
 > or just TLD com.

The latter, BUT unless things have changed, you need to specify what 
kind of header it appears in, e.g (and yes, these are real entries):

Connect:xyz		REJECT
From:xyz		REJECT

The former rejects all mail 'Received: from' any hostname *.xyz
The latter rejects mail with 'envelope-from' any address@*.xyz

For example, this (digest) message had first headers of:

Return-Path: <owner-freebsd-questions@freebsd.org>
Received: from mx2.freebsd.org (mx2.freebsd.org [8.8.178.116])
    by xxxx.nimnet.asn.au (x.yy.z/x.yy.z) with ESMTP id v04C0M0x055062
    for <smithi@nimnet.asn.au>; Wed, 4 Jan 2017 23:00:28 +1100 (EST)
    (envelope-from owner-freebsd-questions@freebsd.org)

Return-Path: is often, usually, but NOT always = envelope-from

Connect:mx2.freebsd.org		ACCEPT
 would accept all mail 'Received: from' hostname mx2.freebsd.org

From:freebsd.org		ACCEPT
 would accept mail from or _claiming_ to be from any address@freebsd.org

That is: envelope-from addresses, as most other headers, can be forged, 
whereas Connect: hostnames are returned by DNS lookup on the IP address, 
and generally speaking can be relied upon - if your DNS server can be :)

cheers, Ian