On 31/08/06, Ugo Bellavance <ugob at camo-route.com> wrote: > Richard wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > Les Mikesell wrote: > >> On Thu, 2006-08-31 at 09:47 -0400, Ugo Bellavance wrote: > >>> Hi, > >>> > >>> I'm looking for a way, in sendmail, to set access rule, saying: > >>> > >>> Accept messages for domain.com only from this IP address. > >>> > >>> I did some research yesterday, but could only find a way to restrict by > >>> IP for all domains managed by sendmail. > >>> > >>> Any ideas? > >> It is overkill for this one job, but if you add MimeDefang > >> (http://www.mimedefang.org) as a milter, you can easily add > >> tests like that in perl in your filter code. Well maybe it's > >> not overkill compared to learning how to write sendmail > >> rulesets in its own macro language - and if you want to add > >> virus or spam scans it is a big win. > >> > > > > Another option is to run another sendmail daemon configured to listen on > > a non-standard port with its own cf and access files and have the sender > > output to that port. > > That is a good idea, I'll see if I can do that in this specific > situation. Other ideas welcome :). Working on from Richard's idea, run a separate daemon but on standard ports and bound to an aliased IP and configure that Sendmail instance to only allow SMTP to/from your customer. You could firewall that IP too so only traffic to/from the customer was allowed. The advantage there being minimal disruption to the end-user and you can setup specific DNS records for {mail,smtp,pop}.customerdomain.tld pointing to the aliased IP. Will.