Solved

limiting sendmail

Posted on 2000-04-14
5
225 Views
Last Modified: 2010-04-21
Whats the easiest way to limit sendmail? I only need it to send mail off the system, and received mail onto the system. I cant think of any reason that it needs to even bother trying to recognize a user or block them.

The answer is probably one I will slap my head over but I just had a tooth pulled so I dont feel like thinking. I will just pay fo rit.  :-)

Gandalf  Parker
0
Comment
Question by:GP1628
5 Comments
 
LVL 84

Expert Comment

by:ozo
ID: 2717784
In what way do you want to limit sendmail?
0
 
LVL 2

Author Comment

by:GP1628
ID: 2717799
I dont need it to accept do any relaying at all.
Only accept mail for the 4 accounts on the machine, and only send mail out.

The need for even those is minimal. I might just kill it completely. Mostly just system reports like Cron failures and such that get mailed to machines where root logs in more often.  :)

Can "local mail" be defined easily as being only our own network machines? Im beginning to think the LocalIP list is my best bet.

0
 
LVL 40

Expert Comment

by:jlevie
ID: 2719873
I don't understand what you are trying to limit, other than preventing relaying. By default sendmail is only going to accept email for users that it knows about, it'll reject inbound email for anyone who is not a "system user", i.e., anyone not listed in the password file (or in the NIS/NIS+ password maps if you use that). Anti-relaying is enabled by default in sendmail 8.9.3 & later, which you ought to be using for a number of other security reasons.
0
 
LVL 2

Accepted Solution

by:
festive earned 100 total points
ID: 2726614
If I read you correctly then try the following:

do not run sendmail as a daemon.

yes: kill the daemon and stop it from starting in the rc files:

when you send an email from the local system it will go out, but people that are not on the local system will not be able to send you mail.

This configuration is quite common and in use on many networks:

I have used it from many servers to send directly to one mailhost (set from /etc/hosts file in solaris) to good effect.

hope this helps
0
 
LVL 2

Author Comment

by:GP1628
ID: 2789759
Sorry it took so long to get back at this. I cant believe I missed such an obvious answer. Thank you
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Using libpcap/Jpcap to capture and send packets on Solaris version (10/11) Library used: 1.      Libpcap (http://www.tcpdump.org) Version 1.2 2.      Jpcap(http://netresearch.ics.uci.edu/kfujii/Jpcap/doc/index.html) Version 0.6 Prerequisite: 1.      GCC …
Java performance on Solaris - Managing CPUs There are various resource controls in operating system which directly/indirectly influence the performance of application. one of the most important resource controls is "CPU".   In a multithreaded…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now