[CentOS] sendmail security

Wed Sep 20 12:45:27 UTC 2006
Feizhou <feizhou at graffiti.net>

abhishek singh wrote:
> yes i am using SMTP Authentication , but when i m
> doing telnet to my server on 25 port so i am able to
> send mail by unknow user that in in not my mail server
> like

where are you telnetting from? localhost?

telnet localhost 25?

> mail from: <abs at domain.com>
> this command is showing Sender is ok while its not
> user in my mail server.after that 

if you are using delayed checks, this is normal. BTW, does this sendmail 
box solely does smtp-auth relay only? It is not used for receiving mail 

> rcpt to: <xyz at domain.com>
> jhsjhdf
> .
> quit
> after this mail is queued for delivery to xyz user and
> in this scenario xyz is valid user accound on my mail
> server so i want that unkown account for my domain
> cant sendmail , so how i will do that ,
> when i am sending mail to out side domain without
> authentication then everything is ok means any one can
> send mail to my domain while he is not user.
> this is the problem.

Okay, I thought you wanted something like that. You want to allow only 
mails where the sender exists on your system, right?

>  i have one solution , but i want to know very easy
> way to do that 
> .

well...you could try looking for ready made rulesets for what you want. 
Otherwise, it will have to be written.

> --- Feizhou <feizhou at graffiti.net> wrote:
>> abhishek singh wrote:
>>> hi 
>>> all 
>>> i am using sendmail mail server, i have configured
>>> SASL+TLS+MailScanner+Spamassasin+.Procmail and its
>>> working fine, but there is one problem when i am
>> doing
>>> telnet to my server on 25 port and using "mail
>> from "
>>> command to send mail by any user like
>> abc at gmail.com or
>>> any user @mydomain then sendmail is not able to
>> verify
>>> sending user , so plz help me how can i verify the
>>> real sender means i want only my domain real user
>> can
>>> sendmails .and when i am using mail clients then
>> its
>>> working fine . prolem is occuring when , when i am
>>> doing telnet directly to smtp port to my server
>> Did you use AUTH to authenticate yourself?
>> Also, from what you say, do you also want to make
>> sure that any user who 
>> authenticates must use an email address in your
>> domain as their return-path?
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> http://lists.centos.org/mailman/listinfo/centos
> __________________________________________________________
> Yahoo! India Answers: Share what you know. Learn something new
> http://in.answers.yahoo.com/
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos