Sendmail: Block Incoming mails from other domains for certain aliases

Dear everyone,

In my Solaris9 Box, I'm running Sendmail 8.13.4 (latest version) + Mimedefang + Spamassassin.  And have 3 group aliases [staff,admin,project]. admin & project group are victimised for spams. These two group aliases are used to recieve mails from internal domains only.   Till date there's no explicit command/filter to block the mails from external domain for these aliases.

Lately, i learnt tat particular aliases can be blocked from receiving mails from outside world. By adding the following to sendmail.mc

-------------------------------------------------------------------------------------------------------------
LOCAL_CONFIG
F{Internal}/etc/mail/intern.only

LOCAL_RULESETS
SLocal_check_rcpt
# if the recipient isn't internal, they get the mail
R$+                  $: <@> $>3 $1
R<@> $={Internal}<@$=w.>      $: <$1@$2>
R<@> $={Internal}            $: <$1@$j>
# no internal alias
R<@>$+                  $@ OK
# check to see if the sender is local
R$*                        $: $>3 $&f
R$+<@$=w.>      $@ OK
# empty sender: accept (RFC 1123)
R<@>            $@ OK
R$+                  $#error $: 551 $&f not allowed to send to recipient

------------------------------------------------------------------------------------------------------

I created a file intern.only file in /etc/mail

#vi intern.only
admin
project
~
~
#

Thereafter, I rebuilded sendmail.cf by

#make sendmail.cf

I was able to see those RULESETS in sendmail.cf and so i started to run with this new sendmail.cf

But still i'm receiving mails from outside world to this admin / project aliases.  

Is there anyone who can guide me ?

Thanks & Regards,
Kuppu



kuppuraj_kAsked:
Who is Participating?
 
PsiCopConnect With a Mentor Commented:
If you can identify the source E-Mail servers for those Domains (mydomain.HQ.com, ROdomain.HQ.com and HQ.com), specifically their IP addresses, then I'd do it by IP address in the access map, like so:

# Allow connections from HQ.com
Connect:1.2.3.4           OK
# Allow connections from mydomain.HQ.com
Connect:3.4.5.6           OK
# Allow connections from ROdomain.HQ.com
Connect:5.6.7.8           OK

If you want your sendmail server to relay E-Mail for those Domains, then substitute "RELAY" for "OK".

OK = Accept a connection from this IP address without any further checking, but only relay in accordance with relay permissions elsewhere (e.g. RELAY_DOMAINS)
RELAY = Accept a connection from this IP address without further checking, and also relay, if requested, any E-Mail it sends, without further checking

You can also use hostnames in place of the IP addresses, but if DNS breaks for any reason, then the map won't work..

If you'll be relaying for those hosts, then be sure to use a mailertable to avoid loops.

Glad to hear you've been able to cut down on your SPAM.
0
 
PsiCopCommented:
Why not do that using the "To:" keyword in an access database, as shown here --> http://www.experts-exchange.com/Networking/Email_Groupware/Sendmail/Q_21322113.html
0
 
kuppuraj_kAuthor Commented:
Thanks alot for your exhaustive study & documentation about sendmail. Your sendmail.mc was so much helpful to me. I appended your sendmail.mc to my own sendmail.mc file and built a strong sendmail that could now able to defend most of the spam mails.

When i restarted the sun box, my LOCAL_RULESETS[which was mentioned in previous post] was activated. So, I succeeded in blocking external mails to those aliases.

I believe my sendmail is now shielded better than ever with your guidance :-) ..

I have one more query related to my LOCAL_RULESETS, tho' all the external mails are blocked for those aliases, is it possible to get mails from two domains alone (i.e., from my Regional office & HeadQuarters domains.)

My domain is -  @mydomain.HQ.com,
My RegionalOffice domain is -  @ROdomain.HQ.com,
My HQ domain is - @HQ.com

I tried adding <FROM: @ROdomain.HQ.com,@HQ.com OK> to /etc/access and rebuilt with makemap, but no use.

Kindly guide me.

Thanks & Regards,
Kuppu
0
All Courses

From novice to tech pro — start learning today.