Sendmail: Block Incoming mails from other domains for certain aliases

Posted on 2005-05-10
Last Modified: 2013-12-27
Dear everyone,

In my Solaris9 Box, I'm running Sendmail 8.13.4 (latest version) + MIMEDefang + SpamAssassin. And have 3 group aliases [staff,admin,project]. admin & project group are victimised for spams. These two group aliases are used to receive mails from internal domains only. Till date there's no explicit command/filter to block the mails from external domain for these aliases.

Lately, I learnt that particular aliases can be blocked from receiving mails from outside world. By adding the following to


# if the recipient isn't internal, they get the mail
R$+                  $: <@> $>3 $1
R<@> $={Internal}<@$=w.>      $: <$1@$2>
R<@> $={Internal}            $: <$1@$j>
# no internal alias
R<@>$+                  $@ OK
# check to see if the sender is local
R$*                        $: $>3 $&f
R$+<@$=w.>      $@ OK
# empty sender: accept (RFC 1123)
R<@>            $@ OK
R$+                  $#error $: 551 $&f not allowed to send to recipient


I created a file intern.only in /etc/mail

#vi intern.only

Thereafter, I rebuilt by


I was able to see those RULESETS in and so I started to run with this new

But still I'm receiving mails from outside world to these admin / project aliases.

Is there anyone who can guide me?

Thanks & Regards,

Question by:kuppuraj_k

    Expert Comment

    Why not do that using the "To:" keyword in an access database, as shown here -->

    Author Comment

    Thanks a lot for your exhaustive study & documentation about sendmail. Your was so much helpful to me. I appended your to my own file and built a strong sendmail that is now able to defend against most of the spam mails.

    When I restarted the Sun box, my LOCAL_RULESETS [which was mentioned in previous post] was activated. So, I succeeded in blocking external mails to those aliases.

    I believe my sendmail is now shielded better than ever with your guidance :-) ..

    I have one more query related to my LOCAL_RULESETS: though all the external mails are blocked for those aliases, is it possible to get mails from two domains alone (i.e., from my Regional office & HeadQuarters domains)?

    My domain is -,
    My RegionalOffice domain is -,
    My HQ domain is -

    I tried adding <FROM:, OK> to /etc/access and rebuilt with makemap, but no use.

    Kindly guide me.

    Thanks & Regards,

    Accepted Solution

    If you can identify the source E-Mail servers for those Domains (, and, specifically their IP addresses, then I'd do it by IP address in the access map, like so:

    # Allow connections from
    Connect:           OK
    # Allow connections from
    Connect:           OK
    # Allow connections from
    Connect:           OK

    If you want your sendmail server to relay E-Mail for those Domains, then substitute "RELAY" for "OK".

    OK = Accept a connection from this IP address without any further checking, but only relay in accordance with relay permissions elsewhere (e.g. RELAY_DOMAINS)
    RELAY = Accept a connection from this IP address without further checking, and also relay, if requested, any E-Mail it sends, without further checking

    You can also use hostnames in place of the IP addresses, but if DNS breaks for any reason, then the map won't work.

    If you'll be relaying for those hosts, then be sure to use a mailertable to avoid loops.

    Glad to hear you've been able to cut down on your SPAM.
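
Added example (not part of the thread and not sendmail code): a small Python model of the decision order in the ruleset from the question, for checking the intended policy against sample envelopes before touching the live configuration. The domains, networks and the partner exception (partner sender domain accepted only from a listed connecting IP, since the envelope sender is supplied by the client) are assumptions that combine the follow-up question with the IP-based suggestion in the answer.

```python
import ipaddress

# All names and values below are constructed for illustration.
LOCAL_DOMAINS = {"example.com"}             # stands in for class $=w
INTERNAL_ALIASES = {"admin", "project"}     # stands in for /etc/mail/intern.only
PARTNER_DOMAINS = {"region.example.net", "hq.example.org"}
TRUSTED_NETS = [ipaddress.ip_network(n) for n in
                ("192.0.2.0/24", "198.51.100.16/28", "203.0.113.5/32")]


def split_addr(addr):
    """Return (local_part, domain), lower-cased; domain is '' if unqualified."""
    addr = addr.strip().strip("<>").lower()
    local, _, domain = addr.rpartition("@") if "@" in addr else (addr, "", "")
    return local, domain.rstrip(".")


def check_rcpt(rcpt, sender, client_ip):
    """Return (accepted, reason) for one RCPT TO, in the ruleset's order."""
    r_local, r_dom = split_addr(rcpt)
    # 1. Recipient is not a restricted alias at a local domain: no restriction.
    if r_local not in INTERNAL_ALIASES or (r_dom and r_dom not in LOCAL_DOMAINS):
        return True, "recipient not restricted"
    # 2. Empty envelope sender (bounces) is accepted, as in the ruleset.
    if sender.strip() in ("", "<>"):
        return True, "empty sender"
    _, s_dom = split_addr(sender)
    # 3. Sender at a local domain is accepted.
    if s_dom in LOCAL_DOMAINS:
        return True, "local sender"
    # 4. Assumed extension: partner domain AND a listed connecting address.
    if s_dom in PARTNER_DOMAINS:
        ip = ipaddress.ip_address(client_ip)
        if any(ip in net for net in TRUSTED_NETS):
            return True, "partner sender from listed relay"
        return False, "partner domain claimed from unlisted host"
    # 5. Everything else gets the ruleset's rejection.
    return False, f"551 {sender} not allowed to send to recipient"


if __name__ == "__main__":
    for case in [("admin@example.com", "x@elsewhere.example", "203.0.113.99"),
                 ("project", "boss@hq.example.org", "198.51.100.20"),
                 ("project", "boss@hq.example.org", "198.51.100.40"),
                 ("staff@example.com", "x@elsewhere.example", "203.0.113.99")]:
        print(case, "->", check_rcpt(*case))
```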
