How to reject/detect emails claiming to be from my own domain?
Peter H. Lemieux
mailscanner at replies.cyways.com
Thu Dec 29 20:00:50 UTC 2016
The access database in sendmail uses the envelope sender. On my systems no legitimate inbound mail comes to my SMTP listener from someone at mydomain.com so I can block mydomain.com in /etc/mail/access with
mydomain.com REJECT
However that may not be possible for you if you must support inbound mail from senders on the Internet. Depending on who they are and where they are located, you can add them to /etc/mail/access with
From:goodguy at mydomain.com RELAY
then block the residual as in the first example. You can also permit certain IP addresses or subnets with
Connect:10.10.10. RELAY
That matches the 10.10.10.0/24 subnet. For more details, read http://www.sendmail.com/sm/open_source/docs/m4/anti_spam.html#access_db
Sendmail is not as flexible as Postfix in this regard. The latter can use regular expressions, but sendmail's access database only matches text strings.
Peter
On 12/29/2016 12:50 PM, Philip Parsons wrote:
> I am trying to get one that does the envelope-from header so at the MTA side of things. I am hoping someone has done this with sendmail as changing the MTA is not possible at the moment.
More information about the MailScanner
mailing list