Maybe someone can help me sort this out. I want to block outbound mail from my network based upon the recipient address. Internal servers should still be allowed to send emails, but not to a few specific addresses. I've tried creating some rules in /etc/mail/access but to no avail. Is it possible to do this?
On Mon, 25 Oct 2010, Sean Carolan wrote:
Maybe someone can help me sort this out. I want to block outbound mail from my network based upon the recipient address. Internal servers should still be allowed to send emails, but not to a few specific addresses. I've tried creating some rules in /etc/mail/access but to no avail. Is it possible to do this?
lefgifu with: sendmail access TO
http://www.feep.net/sendmail/tutorial/anti-spam/access_db.html
'The left hand side of each entry can optionally be prefixed with one of the tags To:, From:, or Connect:.'
so:
To:acme@prohibited.com REJECT
(untested, but just reading the manual)
-- Russ herrold
lefgifu with: sendmail access TO
http://www.feep.net/sendmail/tutorial/anti-spam/access_db.html
'The left hand side of each entry can optionally be prefixed with one of the tags To:, From:, or Connect:.'
Yes, I have tried this. I have entries like this in my access file:
To:staffing@unwantedcompany.com DISCARD
Yet mail to staffing@unwantedcompany.com goes through just fine. I think I may be missing something here.
At Mon, 25 Oct 2010 09:55:40 -0500 CentOS mailing list centos@centos.org wrote:
lefgifu with: sendmail access TO
http://www.feep.net/sendmail/tutorial/anti-spam/access_db.html
'The left hand side of each entry can optionally be prefixed with one of the tags To:, From:, or Connect:.'
Yes, I have tried this. I have entries like this in my access file:
To:staffing@unwantedcompany.com DISCARD
Yet mail to staffing@unwantedcompany.com goes through just fine. I think I may be missing something here.
One silly thing (but needs to be asked):
Did you rebuild access.db after editing access?
cd /etc/mail vi/gedit/emacs access make access.db
I am not sure if restarting sendmail is necessary or not (but it can't hurt):
/sbin/service sendmail restart
Also: is "FEATURE(`access_db',... " in /etc/mail/sendmail.mc? And if it wasn't and you enabled it, did you rebuild sendmail.cf, and if you did rebuild sendmail.cf, did you restart sendmail?
One silly thing (but needs to be asked):
Did you rebuild access.db after editing access?
Yes, the rebuild command is built into my init script. I just double checked it.
I'm getting better results having changed the setting to REJECT instead of DISCARD. I will investigate a bit further when I have some spare time. For now I have verified that the mail server is rejecting all mails to the problem addresses.
-
R P Herrold -
Robert Heller -
Sean Carolan