Implement Access Control List With MailScanner??? {Scanned}

Scott Silva ssilva at SGVWATER.COM
Thu Jul 1 22:30:18 IST 2004


| Hello all,
|     I've been doing some serious googling over the 2-3 days about how to
| implement a type of ACL (access control list) for Sendmail which would
help
| in preventing the spoofing of my domain to my users. The only thing I can
| find are rulesets which are inserted direclty into the sendmail.cf, which
is
| something that I really want to avoid. I was hoping MailScanner would
allow
| me to do this. Here is my setup:
|
|  Kernel Version    2.4.22-1.2194.nptlsmp
| SendMail RPM Version    sendmail-8.12.10-1.1.1
| Procmail RPM Version    procmail-3.22-11
| MailScanner RPM Version    mailscanner-4.30.2-1
|
| If an email arrives at my mail server with the from header as
user at mydomain,
| I need to further look at the message to see if the message originated
from
| one of the subnets for which I relay. If it did, I'll accept it. If it
| didn't, I'll discard it. If anyone knows of a Sendmail m4 rule for this,
| please point me in the right direction and accept my apologies for being
on
| the wrong list. :) Otherwise, if MailScanner can already do this or if
| someone has already written a custom function for this, please point me in
| the right direction.

http://www.sendmail.org/m4/anti_spam.html
particularly the section;
FEATURE(`relay_mail_from')

put the IP addresses of the subnets you relay in the access file.
Don't put the domains in as they are easy to fake. I was caught here
and it is easy to do and a little harder to find out why sooo much
junk gets through.

If you relay for the network 11.22.33.0 then you would have;
11.22.33.0   RELAY
in /etc/mail/access

Also read this;
http://www.sendmail.org/tips/relaying.html


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

-------------------------- MailScanner list ----------------------
To leave, send    leave mailscanner    to jiscmail at jiscmail.ac.uk
Before posting, please see the Most Asked Questions at
http://www.mailscanner.biz/maq/     and the archives at
http://www.jiscmail.ac.uk/lists/mailscanner.html



More information about the MailScanner mailing list