Date: Wed, 13 Aug 1997 10:45:38 +0000 (GMT) From: "Jonathan A. Zdziarski" <jonz@netrail.net> To: "az.com" <yankee@lucy.az.com> Cc: security@FreeBSD.ORG Subject: Re: sendmail 553 Message-ID: <Pine.BSF.3.95q.970813104408.7726E-100000@netrail.net> In-Reply-To: <Pine.BSF.3.91.970812184239.3397A-100000@lucy.az.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I just use rule 96 to keep us from allowing anybody outside us to send
mail through us
F{LocalIP}/etc/LocalIP
S96
# handle special cases for local names
R$* < @ localhost > $* $: $1 < @ $j . > $2 no domain
at all
R$* < @ localhost . $m > $* $: $1 < @ $j . > $2 local
domain
R$* < @ localhost . UUCP > $* $: $1 < @ $j . > $2 .UUCP
domain
R$* < @ [ $+ ] > $* $: $1 < @@ [ $2 ] > $3 mark
[a.b.c.d]
R$* < @@ $=w > $* $: $1 < @ $j . > $3
self-literal
R$* < @@ $+ > $* $@ $1 < @ $2 > $3 canon IP
addr
-------------------------------------------------------------------------
Jonathan A. Zdziarski NetRail Incorporated
Server Engineering Manager 230 Peachtree St. Suite 500
jonz@netrail.net Atlanta, GA 30303
http://www.netrail.net (888) - NETRAIL
-------------------------------------------------------------------------
On Tue, 12 Aug 1997, az.com wrote:
:
:Has anyone added the external gateway refusal modifications to sendmail's
:checkcompat(to, e) function? (dsn 5.1.7, sendmail 553)
:
:This let's some hijacking through and shouldn't:
:
:do
:{
:
: if (strcmp(to->q_mailer, "local") != 0 )
:
: {
: usrerr("553 Gateway access denied.");
: to->q_status = "5.7.1";
: return (EX_UNAVAILABLE);
: }
:
:} while (to = to->q_next);
:
: return (EX_OK);
:}
:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95q.970813104408.7726E-100000>