Feizhou wrote:
> Ugo Bellavance wrote:
>
>> Hi,
>>
>> I'm looking for a way, in sendmail, to set access rule, saying:
>>
>> Accept messages for domain.com only from this IP address.
>>
>> I did some research yesterday, but could only find a way to restrict
>> by IP for all domains managed by sendmail.
>>
>> Any ideas?
>
>
> Yes, add a lookup to check sending host ip against domain and add some
> rules to check. This has been tested in sendmail ruleset testing mode
> only...you probably want to run some tests of your own.
>
> eg: your sendmail is configured to relay for example.org.
>
> Add a domainip berkeley db.
> example.org 192.168.10.4 in domainip
>
>
> Add a map to sendmail.cf (after access map in this example)
>
> # Access list database (for spam stomping)
> Kaccess hash -T<TMPF> -o /etc/mail/access.db
>
> # Domain ip list
> Kdomainip hash /etc/mail/domainip.db
>
> # Configuration version number
> DZ8.13.1
>
>
> Add rules to check sending host ip (client_addr) against domain. Put the
> four missing lines in your Local_check_rcpt ruleset. You cannot just
> copy and paste from this mail. Put a tab/tabs between the $: and $#error
> and the > character of each line
Probably easier, update /etc/hosts.{allow,deny} and/or update your
firewall to block the port from undesirables.
--
Cheers
John
-- spambait
1aaaaaaa at computerdatasafe.com.au Z1aaaaaaa at computerdatasafe.com.au
Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/
do not reply off-list