f



Securing a Sendmail mail server

This actually is more along the lines of ensuring that your server is 
not an open relay and to ensure that only my internal LAN and users 
authenticated via smtp-auth have the ability to send mail through my 
mail server.

I've been pouring over the bat book and the new sendmail cookbook and 
feel like i've made good progress in figuring out how to secure my 
server. However, I wanted to post a few questions here to verify that I 
am understanding this correctly and when my server goes live, I am not 
an open relay.

I know as of sendmail 8.9, it is a closed relay by default. Which is 
very nice.

Ok, here is my initial setup. I have our company LAN which should be the 
only people who can send mail through the server. I also added smtp-auth 
for further security.

What I have done is specify in my .mc file to use the acess_db. I then 
put in the first three octets of our subnet. I also have the option 
FEATURE(`use_cw_file') as well and created a local-host-names file 
located in /etc/mail. I then placed our company domain inside of that file.

With that in mind, should that work to ensure my server is protected? 
Last thing I want is to put up this server incorrectly and then have 
serious problems.

I should also note, that I do want to leave options open for 
scalability, as we are planning on expanding down the road.

I appreciate the help.

Jason
0
jwilliams1 (48)
2/19/2004 10:34:50 PM
comp.mail.sendmail 13518 articles. 1 followers. jfretby (35) is leader. Post Follow

2 Replies
956 Views

Similar Articles

[PageSpeed] 13

In article <103aeghae0mh9b5@corp.supernews.com> Jason
<jwilliams@courtesymortgage.com> writes:
>
>Ok, here is my initial setup. I have our company LAN which should be the 
>only people who can send mail through the server. I also added smtp-auth 
>for further security.

The SMTP AUTH *capability* doesn't really add anything to the "security"
you are thinking of per se - what it does do is e.g. add the possibility
for your users to relay through your server even if not on your company
LAN (this is generally considered a feature, but you may think
otherwise). Of course you can also *require* SMTP AUTH from your local
users, but there's not generally much point - and you obviously can't
require it for "incoming" mail, so it takes some care to set that up.

>What I have done is specify in my .mc file to use the acess_db. I then 
>put in the first three octets of our subnet. I also have the option 
>FEATURE(`use_cw_file') as well and created a local-host-names file 
>located in /etc/mail. I then placed our company domain inside of that file.
>
>With that in mind, should that work to ensure my server is protected? 

Yes, unless you have added other things in your .mc file that may cause
problems - there are unlimited possibilities for that, of course.

--Per Hedeland
per@hedeland.org


0
per71 (2635)
2/20/2004 12:18:11 AM
> The SMTP AUTH *capability* doesn't really add anything to the "security"
> you are thinking of per se - what it does do is e.g. add the possibility
> for your users to relay through your server even if not on your company
> LAN (this is generally considered a feature, but you may think
> otherwise). Of course you can also *require* SMTP AUTH from your local
> users, but there's not generally much point - and you obviously can't
> require it for "incoming" mail, so it takes some care to set that up.

Understood. Good think to have anyway I would imagine. Just as long as I 
specify my subnet in access with 'RELAY', all should be well.

Yes, unless you have added other things in your .mc file that may cause
> problems - there are unlimited possibilities for that, of course.


I'm hoping I don't have anything in my .mc file that will cause 
problems. Here is my current .mc file (granted, still learning and 
adding as I go)

VERSIONID(`$FreeBSD: src/etc/sendmail/freebsd.mc,v 1.10.2.18 2003/04/24 
16:57:30 gshapiro Exp $')
OSTYPE(freebsd4)
DOMAIN(generic)
define(`confPRIVACY_FLAGS', 
``goaway,authwarnings,needmailhelo,noexpn,novrfy,nobodyreturn'')
define(`confSMTP_LOGIN_MSG', `AUTHORIZED USE ONLY ***NO UCE CONTENT***')
define(`confTO_QUEUERETURN', `1d')
define(`confTO_QUEUEWARN', `5h')
dnl define(`confMCI_CACHE_SIZE', `2')dnl
dnl define(`confMCI_CACHE_TIMEOUT', `3')dnl
define(`confMAX_RCPTS_PER_MESSAGE', `25')
define(`confMAX_MESSAGE_SIZE', `150000')
define(`confBAD_RCPT_THROTTLE', `5')
define(`confNO_RCPT_ACTION', `add-to-undisclosed')
define(`confLOCAL_MAILER', `cyrusv2')
define(`confCYRUSV2_MAILER_ARGS', `/var/imap/socket/lmtp')
define(`CYRUSV2_MAILER_MAXRCPTS', 25')
define(`PRESERVE_LOCAL_PLUS_DETAIL', 0')
define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 PLAIN LOGIN')
TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 PLAIN LOGIN')

FEATURE(`use_cw_file')
FEATURE(access_db, `hash -o -T<TMPF> /etc/mail/access')
FEATURE(`dnsbl', `relays.ordb.org')
FEATURE(`dnsbl', `sbl.spamhaus.org')
FEATURE(blacklist_recipients)
FEATURE(local_lmtp)
FEATURE(mailertable, `hash -o /etc/mail/mailertable')
FEATURE(virtusertable, `hash -o /etc/mail/virtusertable')
FEATURE(`masquerade_envelope')
MASQUERADE_AS(`courtesymortgage.com')
EXPOSED_USER(`root')

MAILER(`cyrusv2')
MAILER(`smtp')

I appreciate your help.

Jason
0
jwilliams1 (48)
2/20/2004 12:29:20 AM
Reply:

Similar Artilces:

unable to forward mail from 1 sendmail server to another sendmail server
Hi, i have a setup like this: box A ---> box B ---> sends to the world. sendmail, solaris 9. what is happening is as follows: Application on box A generates mail (for the users, who can be from anywhere) forwards it to box B which sends it out. The box A is forwarding mail to box B, only for the users of the domain, ie if there is a user is having a gmail id the mail is NOT forwarded from box A ----> box B. If i do a nslookup on gmail on box A it resolves properly. XXXXXX Message 2: >From MAILER-DAEMON Wed Oct 26 12:14:26 2005 Date: Wed, 26 Oct 2005 12:14:26 +0530 (IST) From: Mail Delivery Subsystem <MAILER-DAEMON> To: <amit@www.domainname.com> MIME-Version: 1.0 Subject: Returned mail: see transcript for details Auto-Submitted: auto-generated (failure) This is a MIME-encapsulated message --j9Q6iQj6027300.1130309066/www.domainname.com The original message was received at Wed, 26 Oct 2005 12:14:26 +0530 (IST) from localhost [127.0.0.1] ----- The following addresses had permanent fatal errors ----- <amitka@gmail.com> (reason: 550 Host unknown) ----- Transcript of session follows ----- 550 5.1.2 <amitka@gmail.com>... Host unknown (Name server: mailhost.domainame.com: host not found) --j9Q6iQj6027300.1130309066/www.domainname.com Content-Type: message/delivery-status Reporting-MTA: dns; www.domainname.com Received-From-MTA: DNS; localhost Arrival-Date: Wed, 26 Oct 2005 12:14:26 +0530 (IST) Final-Recipient: RFC822; amitk...

how to force sendmail to forward mails to another mail server?
Hi all, Currently we have 2 machines for mail (a smtp server and a pop server) Currently, sendmail accepts and sends out mail for our domain. We'd like sendmail to just send out mails but when it receives mails, it should forward it to our pop server. should we use mailertable for this or some other method? thanks for any info ike lozada schrieb: > Hi all, > > Currently we have 2 machines for mail (a smtp server and a pop server) > Currently, sendmail accepts and sends out mail for our domain. We'd > like sendmail to just send out mails but when it receives mails, it > should forward it to our pop server. should we use mailertable for > this or some other method? yes, we do that too. Just enter your domain in the mailertable, but on the receiving side there must be a mta, too, of course. So both servers should be running, e.g. sendmail. the pop server has to allow relaying of the smtp server, too. Keep your receiving server in brackets in the mailertable entry to prevent dns lookups, like so yourdomain.com smtp:[internalserver.internaldomain.com] Tim Tim Aden <corrodan@netcologne.de> wrote in message news:<c08rl4$3ft$1@newsreader2.netcologne.de>... > ike lozada schrieb: > > > Hi all, > > > > Currently we have 2 machines for mail (a smtp server and a pop server) > > Currently, sendmail accepts and sends out mail for our domain. We'd > > like sendmail to just send out mails but when...

Sending mail without sendmail or highly secure sendmail
Hello all, I am setting up a very secure Red Hat Enterprise Linux Advanced Server version 4 update 6 server. My sendmail version is 8.13.1. My mail server is a Windows 2003 Server with Exchange 2003 with its patches. They are both on the same subnet. DNS is on and it will resolve the mail server's name and IP. SSH, SCP, SFTP, and such tools are the only networkable protocols on. NFS if off, MOUNTD is off, PORTMAP is off, and such. Until just recently sendmail was off on the RHEL server as part of the hardening procedure. However part of the auditing requirements is for a mail message to go out to some admin if certain events occur such as "disk is full," "a panic occurred," "the system rebooted" etc. So I will perhaps cut sendmail on and mitigate the risk as best as possible. So, this sounds dumb, but can you send mail without sendmail. I think perhaps no, but I thought I'd ask anyway. Secondly does anyone have a harden .mc file from which they could share what they did? Of course you can fudge in phoney IP and names to protect your secured environment. Advice or insight do any of you have on securing sendmail is appreciated? I want to avoid such things as promiscuous relays, unqualified senders, etc etc. But if it must be ... it must be. :) Thanks George <george.e.sullivan@saic.com> wrote: > I am setting up a very secure Red Hat Enterprise Linux Advanced Server > version 4 update 6 server. My sendmai...

problem with sendmail, not sending mails to some mail servers like yahoo except gmail
hi this is sasidhar, we have CentOS5 with default sendmail configuration. Initially it is sending mails to gmail, yahoo etc. last few days it is not sending mails to yahoo. In maillog I observed that for yahoo mails the stat value is deferred. I tried everything by browsing google but I didn't find any solution to this problem. Finally I came here with lots of hope. In mail queue there are more than 1 lack, most of them yahoo, rediff etc. For gmail it is not giving any problem every mail is going. please give any suggestions to solve this problem. Thanks, sasidhar. On 11/5/2009 11:36 PM, sasidhar prabhakar wrote: > hi this is sasidhar, > > we have CentOS5 with default sendmail configuration. > Initially it is sending mails to gmail, yahoo etc. last few days it is > not sending mails to yahoo. > In maillog I observed that for yahoo mails the stat value is deferred. > I tried everything by browsing google but I didn't find any solution > to this problem. > Finally I came here with lots of hope. > > In mail queue there are more than 1 lack, most of them yahoo, rediff > etc. For gmail it is not giving any problem every mail is going. > > please give any suggestions to solve this problem. > > Thanks, > sasidhar. > > > Deferred is generally not a problem. As your queue runs (usually, once an hour), it will try again (and again, as necessary). You can force sendmail to run the queue by running it wi...

mails sent by sendmail were treated as junk mail
Hi there, I am a newbie of sendmail and trying to configure it to work as my main mailserver which allow POP3 and SMTP connection from outside. My problem is that I cannot send out any mails which appears like sender: xxx@mydomain.com. If I send mail through terminal, my sent-out mail would looks like aaa@hostname.mydomain.com instead of aaa@mydomain.com. hostnam.mydomain.com is a qualified name of my linux box runing sendmail. Second, I configured a openwebmail on this linux box to allow users login from anywhere to manager their mails, and it works fine. However, all the out-going mails sent throug openwebmail are treated as junk mail by most mail server like hotmail and yahoo. It was complained as unknown sender(at this case, sender appears aaa@mydomain.com) Does anyone have any experience in such situation or have any ideas how to configure sendmail to solve my problems? My network setting is simply as router -> DMZ zone -> linux box which is runing sendmail. I have a domain, mydomain.com, which is parking at a domain hosting company where my zone file is actually located. I changed the MX record in the zone file so that it points to my static ip address(eg. 10.11.12.113). After some simple changes were done, I can receive any emails sent to my domain, like xxx@mydomain.com. Thanks for any ideas! In article <d57b272d.0405151235.19d0384b@posting.google.com> vbcache@hotmail.com (cerberus) writes: > >I am a newbie of sendmail and trying to configure ...

How to enable Mail Directory instead of Mail File in Sendmail/Procmail?
Hi, Again a newbie question. I am using Redhat Enterprise Server 4.0 with Sendmail. I wanted to know if there is any configuration in Sendmail/Procmail such each mailbox has a mail directory instead of a mail file (each mail is in seperate file). thanks Rohit. "Rohit Sehgal" <rohitseh@yahoo.com> writes: > Again a newbie question. > > I am using Redhat Enterprise Server 4.0 with Sendmail. I wanted to > know if there is any configuration in Sendmail/Procmail such each > mailbox has a mail directory instead of a mail file (each mail is in > seperate file). > > thanks You can easily change it in per user ~user/.procmailrc or global /etc/procmailrc http://www.sendmail.org/faq/section4.html#4.3 Q4.3 -- How can I get sendmail to deliver local mail to $HOME/.mail instead of into /usr/spool/mail (or /usr/mail)? -- [en: Andrew] Andrzej Adam Filip : anfi@priv.onet.pl : anfi@xl.wp.pl http://www.sendmail.org/faq/ http://www.sendmail.org/m4/readme.html http://anfi.homeunix.net/sendmail/ Netcraft Site Rank: 462490 Thanks for replying Andrzej. But, this does not answer my question. I want mails in my inbox to be deposited in the Mail Directory and not mail file. For Example, I want to specify each mail to the mailbox is stored as independent file. So, if I have 5 mails for me then there are 5 files in my mail directory. I am looking for either system wide or mailbox size setting. "Rohit Sehgal" <rohitseh@yahoo.com>...

Cant send mail to my Sendmail Server ?
I use the netstat to get the following information: tcp 0 0 0.0.0.0:32768 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:32769 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:109 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 ...

Sendmail Deferred and times out with mail server
I have a linux box that sits in our Cisco PIX DMZ and relays mail to our internal Exchange server. Problem I have is that sometimes it relays fine, other times we get a 'Connection timed out with mail.unix.com'. Here is a snippet from my logfile of a email I recently sent: Jan 6 11:36:42 myhost sendmail[4136]: j06GagkR004136: from=root, size=62, class=0, n rcpts=1, msgid=<200501061636.j06GagkR004136@myhost.unix.com>, relay=root@loca lhost Jan 6 11:36:43 myhost sendmail[4138]: j06GagU6004138: from=<root@myhost.unix.com>, size=386, class=0, nrcpts=1, msgid=<200501061636.j06GagkR004136@myhost.unix.com>, proto=ESMTP, daemon=MTA, relay=localhost.localdomain [127.0.0.1] Jan 6 11:36:43 myhost sendmail[4136]: j06GagkR004136: to=jweb@unix.com , ctladdr=root (0/0), delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=30062, relay=[12 7.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (j06GagU6004138 Message accepted for delivery) Jan 6 11:37:26 myhost sendmail[4122]: j06GRH15003890: to=<jweb@unix.co m>, ctladdr=<root@myhost.unix.com> (0/0), delay=00:10:09, xdelay=00:01:00, ma iler=esmtp, pri=120387, relay=mail.unix.com. [123.123.166.195], dsn=4.0.0, stat=De ferred: Connection timed out with mail.unix.com. I can't determine where the problem is -- dmz? sendmail? exchange? Any thoughts or help is immensely appreciated. Thanks, JWeb ...

Can not send mail to my Sendmail Server ?
Hi, I set up a sendmail server ( The IP I use is for dummy ): 1. I can email outside from the local host ( by using sendmail -v -t ), up to this moment, I just use IP for the Email Server, the DNS Record is not set yet; e.g. bensonlei@203.194.23.33 2. But I can not reply to the above email address 3. I can not telnet 203.194.23.33 port 110 , nor telnet 203.194.23.33 port 143 from outside, but I can telnet localhost 110, and telnet localhost 143. I installed the service imapd and ipop3d.. What is the problem and how to solve them ? The error messages: Message from ...

Mail::Sendmail
perl doesn't like my return address. Does anyone know why? error message as follows-------------------- [rudi@tsuse rudi]$ perl mail_test.pl [rudi@tsuse rudi]$ Bad or missing From address: '' text of program follows---------------------- [rudi@tsuse rudi]$ vi mail_test.pl 1 #!/usr/bin/perl; 2 use Mail::Sendmail; 3 4 %mail = { To => "ccc31807\@yahoo.com", 5 From => "cartercc\@gmail.com", 6 Subject => 'Test of sendmail', 7 Message => "This is a test of sendmail"}; 8 9...

I'm sendmail from mail server
I'm using sendmail in my mail server ( vers. 8.12.10-1.1.1). The same mail was sent to 2 users (A, B), I can see 2 different mail formats. A uses Outlook Express 6 and it's able to read message B uses Outlook Express 6 and it's NOT able to read message. I verified mail, which was in mailbox B, has winmail.dat inside body so I suppose to be RTF format. I verified client which sent the mail, but there is neither settings for RTF format nor setting for RFT format for specific recipients. Can sendmail alter email format in this way ? RICCARDO <ric.castellani@alice.it> wrote in <792579cd-a52c-424c-9e57-3157b467873d@f8g2000yqn.googlegroups.com>: > I'm using sendmail in my mail server ( vers. 8.12.10-1.1.1). > The same mail was sent to 2 users (A, B), I can see 2 different mail > formats. > > A uses Outlook Express 6 and it's able to read message > B uses Outlook Express 6 and it's NOT able to read message. > > I verified mail, which was in mailbox B, has winmail.dat inside body > so I suppose to be RTF format. > I verified client which sent the mail, but there is neither settings > for RTF format nor setting for RFT format for specific recipients. > > Can sendmail alter email format in this way ? Not to my knowledge. Can you run a packet trace (WireShark, tcpdump, etc.) of both sessions (the one to A _and_ the one to B), and then compare them? I suspect that B is somehow prompting Exchange to send ...

How do I configure Sendmail to reject all mail to domains not in /etc/mail/access file?
Hi. I've got a serious spam problem on one my server which is running Sendmail 8.13.1. I've been struggling with iptables, although efficient but not manageable in the long run. The problem really is bad scripts made by users on their webpages, but it is impossible for me to debug these. So this is why I'm looking for information on how to block all @domain.tld's while maintaining the ability to send mail to certain specified domains in the /etc/mail/access file. Thus far, I've also been adding domain.tld in local-host-names and relaying all @domain.tld to a local alias which is redirected to /dev/null. This solution is also unmanageable in the long run. Therefore I turn to you for guidance and information on how to find a solution for the spam problem on my server. Feedback and tips will be greatly appreciated :) Thx, /Timo_S On Fri, 11 Aug 2006 19:03:08 +0300 Timo_S wrote: > I've got a serious spam problem on one my server which is running > Sendmail 8.13.1. I've been struggling with iptables, although efficient > but not manageable in the long run. > > The problem really is bad scripts made by users on their webpages, but > it is impossible for me to debug these. So this is why I'm looking for > information on how to block all @domain.tld's while maintaining the > ability to send mail to certain specified domains in the > /etc/mail/access file. What do these "bad scripts" do...

too many sendmail 8.12.11 sendmail and mail.local processes
I noticed over 7000 sendmail and mail.local processes that eventually exhausted the system's swap space. The system is a Solaris 8 box running sendmail 8.12.11. Also, sendmail.cf has MaxDaemonChildren=500 set. The problem occurred after the system received over 60,000 large email due to a misbehaved application. 1. Why would there be more than 500 sendmail processes? I noticed the parent process for most of the sendmail processes is 1 and mail.local were spawned by sendmail, of course. I have the default MaxQueueChildren value which is unlimited. I noted over 7,000 of these messages in syslog during the time of the incident; Jun 12 09:02:04 peace sendmail-mta[22621]: j5CD04jr022619: timeout waiting for i nput from local during Draining Input Jun 12 09:03:03 peace sendmail-mta[23982]: j5CD13Ef023979: timeout waiting for i nput from local during Draining Input Jun 12 09:04:36 peace sendmail-mta[26086]: j5CD2aaO026076: timeout waiting for i nput from local during Draining Input Jun 12 09:05:38 peace sendmail-mta[27455]: j5CD3bKd027452: timeout waiting for i nput from local during Draining Input Jun 12 09:06:01 peace sendmail-mta[27939]: j5CD411x027931: timeout waiting for i nput from local during Draining Input Jun 12 09:06:16 peace sendmail-mta[28248]: j5CD4GmD028243: timeout waiting for i nput from local during Draining Input F S UID PID PPID C PRI NI ADDR SZ WCHAN STIME TTY TIME CMD 8 S root 8888 1 0 49 20 69174...

Sendmail virtual hosting, default mail server
Hi, googl'd quite a lot but couldn't find my answer. Can someone help ? We host several domains, on a single server. The server has different IP addresses, corresponding to the SMTP and POP servers for the domains. Domains are virtual in the sense that we don't use the the virtusertable, but the vdeliver utility of linuxconf : users don't have an account on our system. Everything works fine, e-mails are delivered and sent OK. Our question is the following : Is it possible to have sendmail send the mails from the "domain mail server" instead as from the local loop ? ...

Best way to send mail from sendmail server?
Hey all; I've got a sendmail (8.13.4) box primarily relaying from the outside to a number of inside locations. Problem is, this box also sends mail out itself, mostly reporting and such. Now any mail it generates is coming from "user@localhost" which resolves (naturally) to 127.0.0.1. I can add localhost to the access DB and it works fine, but I'm wondering if this is really the ideal way of doing things. Is there a way I can rewrite the sender domain from localhost to domain.com, or even host.domain.com? Thanks, Colin Colin B. wrote: > I've got a sendmail (8.13.4) box primarily relaying from the outside to > a number of inside locations. Problem is, this box also sends mail out > itself, mostly reporting and such. Now any mail it generates is coming > from "user@localhost" which resolves (naturally) to 127.0.0.1. I can add > localhost to the access DB and it works fine, but I'm wondering if this is > really the ideal way of doing things. Is there a way I can rewrite the > sender domain from localhost to domain.com, or even host.domain.com? Recomended way: Make "hostname --fqdn" report host.domain.com as fully qualified domain name of "this host". -- Andrzej [en:Andrew] Adam Filip anfi@priv.onet.pl anfi@xl.wp.pl All that is necessary for the triumph of evil is that good men do nothing -- Edmund Burke (1729-1797) Andrzej Adam Filip <anfi@priv.onet.pl> wrote: > Colin B. wrote: &...

Making sendmail work with my ISPs mail server
I am running sendmail on Solaris 9. Normally I use Mozilla to do most of my email, with mail.charter.net set as the outgoing server (SMTP), but would like on occassion to use mailx instead. The problem is I can not get sendmail configured so it will send mail via mail.charter.net. I have tried 2 or 3 different sets of sendmail.cf changes based on what I have found using Google, but none of them work. Local mail is fine, but mail addressed to jack_morrison@charter.net gets sent but never received. My latest attempt used the following .mc file to create sendmail.cf: divert(0)dnl VERSIONID(`@(#)subsidiary.mc 1.10 (Sun) 12/14/00') OSTYPE(`solaris8')dnl DOMAIN(`solaris-generic')dnl define(`SMART_HOST', `mail.charter.net') MAILER(`local')dnl MAILER(`smtp')dnl LOCAL_NET_CONFIG R$* < @ $* .$m. > $* $#esmtp $@ $2.$m $: $1 < @ $2.$m. > $3 I then used mail to send a message to jack_morrison@charter.net but never received anything. Any help would be appreciated. Thanks Jack Please disregard my post, as it turns out this last changed worked but my Mozilla browser got hung up and was not pulling mail down from my mail server. Sorry! Jack Morrison wrote: > I am running sendmail on Solaris 9. Normally I use Mozilla to do most of > my email, with mail.charter.net set as the outgoing server (SMTP), but > would like on occassion to use mailx instead. The problem is I can not > get sendmail configured so it will send mail vi...

Restrict Local From: mails on Sendmail Relay Servers
Hi, In our network we have a Sendmail relay server connected on our intranet and also to the public network. I would like to restrict the server to accept incoming mails with source local adresses only from our intranet. Example: Lets supose that our local domain is "local.dom". Considering this scenario I would to configure Sendmail only to accept mails with the "From: *@local.dom" comming from our intranet mail server and reject those comming from Internet apparently sended from a *@local.dom guy. Regards, Jordi ...

How to setup sendmail quickly and simple mail server
Hi I just need to know how to setup sendmail quickly . Are there are guides outhere to do a fast setup ? I just need one mailbox where I am planning to send some logs from a linux server. I would like just one person to login to the mailbox and look at messages . nothings fancy just a plain mailbox with a login ID and password I do have DNS server ...

Redirecting Mail Rx By Sendmail To An Exchange Server
I am reasonably familiar with using sendmail as the primary MTA for a domain. However, I have a client that wants to do something I know can be done, but which I've never done myself, so I am turning to the geniuses here. I'm not looking for a spelled out solution, just a pointer on where to get started (though a turnkey solution will happily be accepted :) Today's Situation ----------------- The client runs their own mail infrastructure and their domain MX points to an Exchange server machine. What They Want -------------- 1) Run sendmail/MailScanner/clamav on a FreeBSD server (no problem - I know how to do this). Point their domain MX to this machine. 2) After sendmail has rxed the mail and MailScanner has processed it and virus scanned it (with clamav) - here's the part I do not know how to do - have sendmail then take the processed mail and automatically send it to the Exchange server that is actually servicing their internal clients. 2a) I need to do this transparently - that is, adding/deleting users or changing policies on the Exchange server ought to require no config changes on the sendmail frontend. 2b) I presume - correct me if I'm wrong - that they should be able to _Send_ email by having Exchange handle it directly. Is there also a way to have Exchange send it back through the sendmail frontend machine so that outbound mail is also virus checked? In effect, they want sendmail/Mailscanner...

Questions on setting up Sendmail as a central mail server
Hello everyone. I spent the past few days famalirizing myself with sendmail. Building my ..cf file, customizing .mc, m4 usage etc. I am doing this on FreeBSD 4.9. I found out that what works best for me is to download the source (8.12.11) and compile it by hand. My question is this. I am going to put up Sendmail as our company mail server. It is most likely going to sit on the DMZ and as it stands right now, the only people who should be able to send mail out through this mail server are the users that are on my intranet. I did build sendmail with milter, saslv2, and starttls. I know SMTP-AUTH is a very handy way to ensure additional security for sendmail. With that in mind, I was hoping to get some additional recommendatinos to further ensure that my server is as secured and locked down as possible. For instance, I know there is the access file and access.db (which im still reading about in the Bat Book) which could further help in securing my mail server. I still have a lot to learn and much to go over in the bat book as it seems there are endless amount of options I can specify with sendmail. For now though, I was hoping I could get some additional feedback on my particular setup to make sure I am heading down the correct path. I appreciate everyones help. Jason ...

Mails from my sendmail server are rejected by certain domains!!!
Dear all, I had setup a sendmail mailserver in my system which is running in redhta9.0. The mail server sends and receive mails from localdomains as well as from internet . My mail server was working on a dialup connection and we had problems sending mails to certain domains like rediffmail.com . Now inorder to solve the issue, i replaced the dialup connections with a DSL connection of 64 Kbps .Now the problems are multiplied, i cannot send mails to internet partcularly to domains like rediffmail.com , yahoomail.com..etc. But i can receive mails from all these sites.when i send a mail to rediffmail.com that mail is bouned back and received by postmaster(in my case it is root) I have set the hostname as focuz and domainname is com. I had also set the Masquerade option as cluster.tech . The masquerade_envelope is also enabled.follwoing is the content of returned mail. From MAILER-DAEMON@benz-group.com Wed Jul 7 18:50:09 2004 Return-Path: <MAILER-DAEMON@cluster.tech> Received: from localhost (localhost) by cluster.tech (8.12.8/8.12.8) id i67DK9Vi004137; Wed, 7 Jul 2004 18:50:09 +0530 Date: Wed, 7 Jul 2004 18:50:09 +0530 From: Mail Delivery Subsystem <MAILER-DAEMON@afbl.com> Message-Id: <200407071320.i67DK9Vi004137@cluster.tech> To: <root@cluster.tech> MIME-Version: 1.0 Content-Type: multipart/report; report-type=delivery-status; boundary="i67DK9Vi004137.1089206409/cluster.tech" Subject: Returned mail: ...

Switch off the "Mail delivery failed: returning message to sender" mail from sendmail ?
Hello ! Now i have here a little freebsd 6.3 server. This server receive and send my lokal and worldwide emails. When this server receive a mail with unqualified local user sendmail automatic generate the mail that says "Mail delivery failed: returning message to sender". Somewhere spam known now that this mail adress has a reciving server and can probe other names before @ ? My ideas now is the feature switched off and no generate this ugly mail ? The mail with unqualified username can delete now ? Can somwhere help me to find the right option in my *.mc sendmail configuration file ? Thanxs 4 ever !!! ....Jaro ------------------------------------------------------ #!/usr/bin/perl foreach $c (split(/ /,"4a 61 72 6f 6d 96 72 20 50 72 69 6e 7a 6c 65 72")) { print pack("C", hex($c)); } Hello, Take a look on PrivacyOptions=noactualrecipient ...

newbie question: sendmail doesn't send mail to external mail account.
Hi there, It seems send mail doesn't send mail to external mail account in my FreeBSD 4.8 BOX. However, I'm able to receive mail from external mail, such as yahoo, hotmail account. My config is: FreeBSD 4.8 ISP: bell Sympatico high speed with dynamic IP address. SMTP port is enabled on the router/firewall. Can anyone help? bluesnow#mail -v calvin2k_cn@yahoo.com Subject: This is a test. Do you hear me? EOT calvin2k_cn@yahoo.com... Connecting to [127.0.0.1] via relay... 220 bluesnow.gotdns.com ESMTP Sendmail 8.12.8p1/8.12.8; Thu, 26 Jun 2003 17:14:51 -0400 (EDT) >>> EHLO bluesnow.gotdns.com 250-bluesnow.gotdns.com Hello localhost [127.0.0.1], pleased to meet you 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-8BITMIME 250-SIZE 250-DSN 250-ETRN 250-DELIVERBY 250 HELP >>> MAIL From:<cguan@bluesnow.gotdns.com> SIZE=68 250 2.1.0 <cguan@bluesnow.gotdns.com>... Sender ok >>> RCPT To:<calvin2k_cn@yahoo.com> >>> DATA 250 2.1.5 <calvin2k_cn@yahoo.com>... Recipient ok 354 Enter mail, end with "." on a line by itself >>> . 250 2.0.0 h5QLEpDJ006984 Message accepted for delivery calvin2k_cn@yahoo.com... Sent (h5QLEpDJ006984 Message accepted for delivery) Closing connection to [127.0.0.1] >>> QUIT 221 2.0.0 bluesnow.gotdns.com closing connection bluesnow# sendmail -bp /var/spool/mqueue (2 requests) -----Q-ID----- --Size-- -----Q-Time----...

using sendmail MSP to forward mail to a central server
I've configured postfix as an MTA on my network, but for all the other machines, I just want to forward all mail directly to the central server. This means I don't really want a local sendmail server on each box. The questions I have are: 1. Is is OK to use FEATURE(`msp', `mailserver.my.domain') in submit.mc to send mail across the internal network, and should I do anything else in submit.mc to get sendmail to connect to my postfix server? 2. What's the recommended way of rewriting the To: address? It's useful to (somehow) preserve the original machine the mail w...

Web resources about - Securing a Sendmail mail server - comp.mail.sendmail

Securing Email Communications from Facebook
It's very important to us that the people who use Facebook feel safe and can trust that their connection to Facebook is secure; for instance ...

Securing Graph API Calls - Facebook-Entwickler
Graph API calls can be made from clients or from your server on behalf of clients. Calls from a server can be better secured by adding a parameter ...

Securing your Twitter experience with HTTPS - Twitter Blogs
... makes your Twitter experience more secure by protecting your information, and it’s especiall... Skip to main content Sign in Search Securing ...

Securing the landing zone - Flickr - Photo Sharing!
U.S. Army 1st Sgt. Gerald Eagan, with the 6th Engineer Battalion, throws his rucksack in front of him while pulling security on a remote mountain ...

Slamming Boss Against Wall, Shouting ‘I Need More Cash!’ Still Leading Tactic For Securing Raise - YouTube ...
Subscribe to The Onion on YouTube: http://bit.ly/xzrBUA Calling it the most effective method for reaching one’s full earning potential, a report ...

AFC president calls for more on-pitch success from Asian nations after securing a new term - The National ...
The Asian Football Confederation (AFC) is more united than it has been before but its teams must do better on the field, Shaikh Salman Bin Ebrahim ...

IN PICTURES: Securing the journey to the Cloud roundtable - Slideshow - ARN
... to discuss the journey towards the cloud. ARN in conjunction with itX, Trend Micro and VMware hosted the exclusive discussion on the securing ...


Veterans' families serve by securing the base in wartime
There are no memorials to the families of soldiers. There should be.

Securing the network beyond passwords - consumerization of IT, BYOD, MDM, Networking, security, wireless ...
Passwords have been a weakness of network security since the development of computer networks. Through guessing weak passwords, exploiting weak ...

Resources last updated: 3/25/2016 8:34:49 AM