Subject: Re: sendmail - mail relays
To: Tom Trebisky <tom@kofa.as.arizona.edu>
From: Rex McMaster <rmcm@compsoft.com.au>
List: netbsd-help
Date: 04/27/1999 18:02:17
--mT8/qXP/Oa
Content-Type: text/plain; charset=us-ascii
Content-Description: message body text
Content-Transfer-Encoding: 7bit
Cw is the static list of hostnames for which a host will receive
mail. Relaying is different - the patches for 8.8.8 which are/were on
sendmail.org are effective and easy to apply (esp. if using M4
configuration). I have attached a copy.
------------------------------------------------------------
Rex McMaster rmcm@compsoft.com.au
rex@mcmaster.wattle.id.au
PGP Public key: http://www.compsoft.com.au/~rmcm/pgp-pk
--mT8/qXP/Oa
Content-Type: text/plain
Content-Description: Anti-relay patch for sendmail 8.8.8
Content-Disposition: inline;
filename="antirelay.Parse0.txt"
Content-Transfer-Encoding: 7bit
LOCAL_CONFIG
FR-o /etc/sendmail.cR
LOCAL_RULESETS
Scheck_rcpt
# anything terminating locally is ok
R$* $: $>Parse0 $>3 $1
R$+ < @ $* . > $* $: $1 < @ $2 >
R$+ < @ $=w > $@ OK
R$+ < @ $=R > $@ OK
# anything originating locally is ok
R$* $: $(dequote "" $&{client_name} $)
R$=w $@ OK
R$=R $@ OK
R$@ $@ OK
# anything else is bogus
R$* $#error $: "550 Relaying Denied"
--mT8/qXP/Oa
Content-Type: text/plain; charset=us-ascii
Content-Description: message body text
Content-Transfer-Encoding: 7bit
Frederick Bruckman writes:
> On Mon, 26 Apr 1999, Tom Trebisky wrote:
>
> > As near as I can tell this means I am running sendmail 8.8.8.4
> > with a default sendmail.cf.
> > Two different parties have pointed out to me that my machine is
> > an open mail relay, which as most anyone knows is a BAD thing in
> > a world that would sooner be without spam.
>
> The hosts that you allow relaying from are listed in the Cw variable.
> AFAIK that is only `localhost' by default. `grep ^Cw /etc/sendmail.cf'
> should return only "Cwlocalhost". If you have something really nasty
> there, like a lone `.', take it out.
>
> All the custom solutions floating around are for the benefit of remote
> users. If you don't have any of those, just disable relaying with "Cw".
>
--mT8/qXP/Oa--