Solved

limiting sendmail

Posted on 2000-04-14
5
238 Views
Last Modified: 2010-04-21
Whats the easiest way to limit sendmail? I only need it to send mail off the system, and received mail onto the system. I cant think of any reason that it needs to even bother trying to recognize a user or block them.

The answer is probably one I will slap my head over but I just had a tooth pulled so I dont feel like thinking. I will just pay fo rit.  :-)

Gandalf  Parker
0
Comment
Question by:GP1628
5 Comments
 
LVL 84

Expert Comment

by:ozo
ID: 2717784
In what way do you want to limit sendmail?
0
 
LVL 2

Author Comment

by:GP1628
ID: 2717799
I dont need it to accept do any relaying at all.
Only accept mail for the 4 accounts on the machine, and only send mail out.

The need for even those is minimal. I might just kill it completely. Mostly just system reports like Cron failures and such that get mailed to machines where root logs in more often.  :)

Can "local mail" be defined easily as being only our own network machines? Im beginning to think the LocalIP list is my best bet.

0
 
LVL 40

Expert Comment

by:jlevie
ID: 2719873
I don't understand what you are trying to limit, other than preventing relaying. By default sendmail is only going to accept email for users that it knows about, it'll reject inbound email for anyone who is not a "system user", i.e., anyone not listed in the password file (or in the NIS/NIS+ password maps if you use that). Anti-relaying is enabled by default in sendmail 8.9.3 & later, which you ought to be using for a number of other security reasons.
0
 
LVL 2

Accepted Solution

by:
festive earned 100 total points
ID: 2726614
If I read you correctly then try the following:

do not run sendmail as a daemon.

yes: kill the daemon and stop it from starting in the rc files:

when you send an email from the local system it will go out, but people that are not on the local system will not be able to send you mail.

This configuration is quite common and in use on many networks:

I have used it from many servers to send directly to one mailhost (set from /etc/hosts file in solaris) to good effect.

hope this helps
0
 
LVL 2

Author Comment

by:GP1628
ID: 2789759
Sorry it took so long to get back at this. I cant believe I missed such an obvious answer. Thank you
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A metadevice consists of one or more devices (slices). It can be expanded by adding slices. Then, it can be grown to fill a larger space while the file system is in use. However, not all UNIX file systems (UFS) can be expanded this way. The conca…
Introduction Regular patching is part of a system administrator's tasks. However, many patches require that the system be in single-user mode before they can be installed. A cluster patch in particular can take quite a while to apply if the machine…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question