Solved

limiting sendmail

Posted on 2000-04-14
5
239 Views
Last Modified: 2010-04-21
Whats the easiest way to limit sendmail? I only need it to send mail off the system, and received mail onto the system. I cant think of any reason that it needs to even bother trying to recognize a user or block them.

The answer is probably one I will slap my head over but I just had a tooth pulled so I dont feel like thinking. I will just pay fo rit.  :-)

Gandalf  Parker
0
Comment
Question by:GP1628
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 84

Expert Comment

by:ozo
ID: 2717784
In what way do you want to limit sendmail?
0
 
LVL 2

Author Comment

by:GP1628
ID: 2717799
I dont need it to accept do any relaying at all.
Only accept mail for the 4 accounts on the machine, and only send mail out.

The need for even those is minimal. I might just kill it completely. Mostly just system reports like Cron failures and such that get mailed to machines where root logs in more often.  :)

Can "local mail" be defined easily as being only our own network machines? Im beginning to think the LocalIP list is my best bet.

0
 
LVL 40

Expert Comment

by:jlevie
ID: 2719873
I don't understand what you are trying to limit, other than preventing relaying. By default sendmail is only going to accept email for users that it knows about, it'll reject inbound email for anyone who is not a "system user", i.e., anyone not listed in the password file (or in the NIS/NIS+ password maps if you use that). Anti-relaying is enabled by default in sendmail 8.9.3 & later, which you ought to be using for a number of other security reasons.
0
 
LVL 2

Accepted Solution

by:
festive earned 100 total points
ID: 2726614
If I read you correctly then try the following:

do not run sendmail as a daemon.

yes: kill the daemon and stop it from starting in the rc files:

when you send an email from the local system it will go out, but people that are not on the local system will not be able to send you mail.

This configuration is quite common and in use on many networks:

I have used it from many servers to send directly to one mailhost (set from /etc/hosts file in solaris) to good effect.

hope this helps
0
 
LVL 2

Author Comment

by:GP1628
ID: 2789759
Sorry it took so long to get back at this. I cant believe I missed such an obvious answer. Thank you
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

When you do backups in the Solaris Operating System, the file system must be inactive. Otherwise, the output may be inconsistent. A file system is inactive when it's unmounted or it's write-locked by the operating system. Although the fssnap utility…
Installing FreeBSD… FreeBSD is a darling of an operating system. The stability and usability make it a clear choice for servers and desktops (for the cunning). Savvy?  The Ports collection makes available every popular FOSS application and packag…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.
Suggested Courses

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question