I need to only accept emails on my MAIN POP/IMAP server from 3 servers (under my control (front line MX servers)) & local users who have local POP accounts.
ALL other emails need to be blocked. What is the best way of doing this ?
Thanks
Denis
On Friday 24 November 2006 02:34, Denis Croombs wrote:
I need to only accept emails on my MAIN POP/IMAP server from 3 servers (under my control (front line MX servers)) & local users who have local POP accounts.
I take it you mean accept for local delivery from the front-line MX servers, and accept for local and relay from the POP users.
ALL other emails need to be blocked. What is the best way of doing this ?
Firewall port 25 except for the front-line servers. Nobody else should be able to talk to it.
Enable the submission port (587) for the local users, that's what it's for. Just edit /etc/mail/sendmail.mc and remove the "dnl " from the line: dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
To allow users with a local POP/IMAP account to send, either enable SMTP AUTH and require users to submit credentials for sending mail or get pop-before-smtp from karan's repo and set that up to work. to enable SMTP AUTH, see http://www.joreybump.com/code/howto/smtpauth.html. Don't forget to enable sasluthd and set it to run on boot (chkconfig saslauthd on).
-
Denis Croombs -
Kevan Benson