sendmail - mail access
Hi there once again, I'm back with another question. I am using sendmail out off SuSE-Linux 6.3. Is there a way to restrict the access to a local user's mailbox (e.g. john.doe@domain.edu)? The user should still be able to receive local mail (form everyone in domain.edu) but not mail from outside the whole net. As far as I have read in the sendmail documentation you only can deny all mail to the user (within /etc/mail/access). Any help is welcome! Thanks Fritz
At 10:56 21.02.00 +0100, you wrote:
Hi there once again,
I'm back with another question.
I am using sendmail out off SuSE-Linux 6.3. Is there a way to restrict the access to a local user's mailbox (e.g. john.doe@domain.edu)? The user should still be able to receive local mail (form everyone in domain.edu) but not mail from outside the whole net. As far as I have read in the sendmail documentation you only can deny all mail to the user (within /etc/mail/access).
1. Perhaps you can give the /etc/mail/virtusertable a try: add a line: john.doe@domain.edu error:nouser User unknown anyone outside from "domain.edu" will get back mail to the user "john.doe". But inside "domain.edu" you can reach "john.doe" when you mail to him as "john.doe@localhost". note: mail to "john.doe@1.2.3.4" (put in your IP) will reach him too, even from outside. 2. Perhaps you can write a little filter and put it in the /etc/aliases. Don't know. Someone any ideas? bye Bernd
Any help is welcome!
Thanks Fritz
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
At 10:56 21.02.00 +0100, you wrote:
Hi there once again,
I'm back with another question.
I am using sendmail out off SuSE-Linux 6.3. Is there a way to restrict the access to a local user's mailbox (e.g. john.doe@domain.edu)? The user should still be able to receive local mail (form everyone in domain.edu) but not mail from outside the whole net. As far as I have read in the sendmail documentation you only can deny all mail to the user (within /etc/mail/access).
1. Perhaps you can give the /etc/mail/virtusertable a try: add a line:
john.doe@domain.edu error:nouser User unknown
anyone outside from "domain.edu" will get back mail to the user "john.doe". But inside "domain.edu" you can reach "john.doe" when you mail to him as "john.doe@localhost". note: mail to "john.doe@1.2.3.4" (put in your IP) will reach him too, even from outside.
2. Perhaps you can write a little filter and put it in the /etc/aliases. Don't know. Someone any ideas?
One way to do it might be to write procmail rules if you're using procmail for the local mail delivery agent (which SuSE 6.3 appears to be doing). Do a man on procmail to get started, but you should be able to put rules in the /etc/procmailrc file to do anything you want with any mail that needs local delivery, including screening out non-local domains. I haven't used procmail for this specific purpose but I've used it for other email filtering tasks and it's really pretty powerful. Hope this helps, John Ritchie
funny, i'm hookin on the same problem for a week now! i know about a feature of the lotus notes mail system, exactly like the one desired. it depends on an entry to the public address book whether a mail user is permitted to recieve and get mail from outside or not. is it possible to add some rules to sendmail.cf and procmailrc consulting a public user access/deny list without too much effort? bart
On Tue, Feb 01, 2000 at 04:15:37PM +0100, Bernd Jedamzik wrote:
At 10:56 21.02.00 +0100, you wrote:
I am using sendmail out off SuSE-Linux 6.3. Is there a way to restrict the access to a local user's mailbox (e.g. john.doe@domain.edu)? The user should still be able to receive local mail (form everyone in domain.edu) but not mail from outside the whole net. john.doe@domain.edu error:nouser User unknown
note: mail to "john.doe@1.2.3.4" (put in your IP) will reach him too, even
from outside.
2. Perhaps you can write a little filter and put it in the /etc/aliases. Don't know. Someone any ideas?
Afair you should be able to run the filter like some mailing list server. I can't remember how this was done exactly --- must have been called a progmailer ... Was it configured in the sendmail config file? (I'm using qmail since some time.) The filter will automatically be called by sendmail on receiving mail for your particular user and can read the mail from stdin. This is what some mailing list servers do. The filter would have to reliably decide about the origin of the mail (how?) and have to take appropriate actions. Such a filter can come along with its own security problems. GH -- Nieder mit der Mineralölsteuer!! Senkt die Benzinpreise!!
participants (5)
-
Bernd Jedamzik
-
bjoern@chyba.at
-
F. Spitzer, GEOSYSTEMS
-
hwilmer@gmx.de
-
John Ritchie