Date: Wed, 4 Jan 2017 14:19:56 +0100 From: Bernt Hansson <bah@bananmonarki.se> To: Ian Smith <smithi@nimnet.asn.au> Cc: freebsd-questions@freebsd.org Subject: Re: Sendmail on freebsd Message-ID: <01675719-f581-9fae-f242-06cebac424be@bananmonarki.se> In-Reply-To: <20170104232802.Y26979@sola.nimnet.asn.au> References: <mailman.98.1483531202.40760.freebsd-questions@freebsd.org> <20170104232802.Y26979@sola.nimnet.asn.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2017-01-04 14:06, Ian Smith wrote: > In freebsd-questions Digest, Vol 657, Issue 5, Message: 18 > On Wed, 4 Jan 2017 08:26:48 +0100 Bernt Hansson <bah@bananmonarki.se> wrote: > > Hello list! > > > > Have a question or more about /etc/mail/access. > > > > Is this list appropiatefor this kind of question? > > I don't see why not. > > > If not, please point me in the right direction. > > > > If i put this in /etc/mail/access > > > > com REJECT > > > > Does that reject all domains that contain com > > or just TLD com. > > The latter, BUT unless things have changed, you need to specify what > kind of header it appears in, e.g (and yes, these are real entries): > > Connect:xyz REJECT > From:xyz REJECT > > The former rejects all mail 'Received: from' any hostname *.xyz > The latter rejects mail with 'envelope-from' any address@*.xyz > > For example, this (digest) message had first headers of: > > Return-Path: <owner-freebsd-questions@freebsd.org> > Received: from mx2.freebsd.org (mx2.freebsd.org [8.8.178.116]) > by xxxx.nimnet.asn.au (x.yy.z/x.yy.z) with ESMTP id v04C0M0x055062 > for <smithi@nimnet.asn.au>; Wed, 4 Jan 2017 23:00:28 +1100 (EST) > (envelope-from owner-freebsd-questions@freebsd.org) > > Return-Path: is often, usually, but NOT always = envelope-from > > Connect:mx2.freebsd.org ACCEPT > would accept all mail 'Received: from' hostname mx2.freebsd.org > > From:freebsd.org ACCEPT > would accept mail from or _claiming_ to be from any address@freebsd.org > > That is: envelope-from addresses, as most other headers, can be forged, > whereas Connect: hostnames are returned by DNS lookup on the IP address, > and generally speaking can be relied upon - if your DNS server can be :) > > cheers, Ian > Well, that does not answer my question, or my question is not quite right. Have this in access romtelecom.net REJECT Would sendmail reject that based on com REJECT /B
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01675719-f581-9fae-f242-06cebac424be>