Date: Wed, 28 Jan 1998 21:18:01 +0000 From: Brian Somers <brian@Awfulhak.org> To: Cliff Addy <fbsdlist@federation.addy.com> Cc: questions@FreeBSD.ORG Subject: Re: Stopping mail relaying (again) Message-ID: <199801282118.VAA09743@awfulhak.org> In-Reply-To: Your message of "Wed, 28 Jan 1998 08:23:23 EST." <Pine.BSF.3.95q.980128081607.19174A-100000@federation.addy.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> According to the anti-relaying stuff on sendmail.org, this will stop > relaying if placed in sendmail.cf: > > #LOCAL_CONFIG > FR-o /etc/sendmail.cf.relays > > #LOCAL_RULESETS > Scheck_rcpt > # anything terminating locally is ok > R< $+ @ $=w > $@ OK > R< $+ @ $=R > $@ OK > > # anything originating locally is ok > R$* $: $(dequote "" $&{client_name} $) > R$=w $@ OK > R$=R $@ OK > R$@ $@ OK > > # anything else is bogus > R$* $#error $: "550 Relaying Denied" > > My question is: is it checking the machine name that's making the smtp > connection to you or just the To: and From: headers? In other words, if I > place "abc.com" into the sendmail.cf.relays file, will a user dialed into > the ISP "def.com" be able to relay as long as his copy of Netscape has > "joe_user@abc.com" as the return address? Or will it get rejected because > sendmail sees the connection is coming from "dialup247.def.net"? check_rcpt just checks the recipient address - ie, the "RCPT" bit of the protocol. If you want to block based on the connecting machine name or IP number, use the check_relay ruleset (it gets passed the connecting name and IP number separated by ``$|''. -- Brian <brian@Awfulhak.org>, <brian@FreeBSD.org>, <brian@OpenBSD.org> <http://www.Awfulhak.org> Don't _EVER_ lose your sense of humour....
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199801282118.VAA09743>