Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 257
  • Last Modified:

limiting sendmail

Whats the easiest way to limit sendmail? I only need it to send mail off the system, and received mail onto the system. I cant think of any reason that it needs to even bother trying to recognize a user or block them.

The answer is probably one I will slap my head over but I just had a tooth pulled so I dont feel like thinking. I will just pay fo rit.  :-)

Gandalf  Parker
0
GP1628
Asked:
GP1628
1 Solution
 
ozoCommented:
In what way do you want to limit sendmail?
0
 
GP1628Author Commented:
I dont need it to accept do any relaying at all.
Only accept mail for the 4 accounts on the machine, and only send mail out.

The need for even those is minimal. I might just kill it completely. Mostly just system reports like Cron failures and such that get mailed to machines where root logs in more often.  :)

Can "local mail" be defined easily as being only our own network machines? Im beginning to think the LocalIP list is my best bet.

0
 
jlevieCommented:
I don't understand what you are trying to limit, other than preventing relaying. By default sendmail is only going to accept email for users that it knows about, it'll reject inbound email for anyone who is not a "system user", i.e., anyone not listed in the password file (or in the NIS/NIS+ password maps if you use that). Anti-relaying is enabled by default in sendmail 8.9.3 & later, which you ought to be using for a number of other security reasons.
0
 
festiveCommented:
If I read you correctly then try the following:

do not run sendmail as a daemon.

yes: kill the daemon and stop it from starting in the rc files:

when you send an email from the local system it will go out, but people that are not on the local system will not be able to send you mail.

This configuration is quite common and in use on many networks:

I have used it from many servers to send directly to one mailhost (set from /etc/hosts file in solaris) to good effect.

hope this helps
0
 
GP1628Author Commented:
Sorry it took so long to get back at this. I cant believe I missed such an obvious answer. Thank you
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now