On Friday 24 November 2006 02:34, Denis Croombs wrote: > I need to only accept emails on my MAIN POP/IMAP server from 3 servers > (under my control (front line MX servers)) & local users who have local POP > accounts. I take it you mean accept for local delivery from the front-line MX servers, and accept for local and relay from the POP users. > ALL other emails need to be blocked. > What is the best way of doing this ? Firewall port 25 except for the front-line servers. Nobody else should be able to talk to it. Enable the submission port (587) for the local users, that's what it's for. Just edit /etc/mail/sendmail.mc and remove the "dnl " from the line: dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl To allow users with a local POP/IMAP account to send, either enable SMTP AUTH and require users to submit credentials for sending mail or get pop-before-smtp from karan's repo and set that up to work. to enable SMTP AUTH, see http://www.joreybump.com/code/howto/smtpauth.html. Don't forget to enable sasluthd and set it to run on boot (chkconfig saslauthd on). -- - Kevan Benson - A-1 Networks