I seem to have another problem.I had not allowed a certain domain to relay through me but I am its secondary MX but before I could sort ot out it appears that my machien forwarded the mail without question. This leaves me puzzled. I would love to have relaying denied by default but it doesn't seem to be I thought this was a default setting. the box was a suse 6.1 that I upgraded to 6.4 kernel 2.2.14.
Which version is your sendmail package (`rpm -q sendmail')? sendmail should reject relaying attempts with the latest distributions. Make sure you did not use a sendmail.cf file from an older distribution! The file that you need is /etc/mail/access (don't forget to `makemap hash /etc/mail/access < /etc/mail/access.db'!). Thanks, Roman. -- - - | Roman Drahtmüller <draht@suse.de> // "Caution: Cape does | SuSE GmbH - Security Phone: // not enable user to fly." | Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) | - -
sendmail version 8.9.3
That's good.
I can't verify this behaviour. Did you follow Werner Fink's hints in /etc/mail/genericstable?
reads the virtuser table but access and relay-domains no way yet the lines are there in sendmail.cf lines like
Hmmm. I also can't verify this. Are you aware that some of the features just don't get used if you relay your mail through the server?
Roman. -- - - | Roman Drahtmüller <draht@suse.de> "Caution: Cape does not | SuSE GmbH - Security enable user to fly." | Nürnberg, Germany (Batman Costume warning label) | - -
I can't verify this behaviour. Did you follow Werner Fink's hints in /etc/mail/genericstable?
you mean about the syntax of the file yes. I was trying to use it to make my mail appear to come from another account but it refused e.g the machine is wawa.eahd.or.ug but I want the mail fromaccount semat to appear to come from ksemat@uol.co.ug so I did semat ksemat@uol.co.ug and did makemap hash -f /etc/mail/genericstable.db < /etc/mail/genericstable and restarted sendmail to no avail.
?? I am using the server itself not relaying through it. However I had made some changes inorder to use the inflex antivirus scanner so I have attached sendmail.cf. Sorry list I couldn't think of another way.
I had a quick look at the .cf file, and I'm pretty sure my last mail is correct. You don't seem to actually have the rulesets to process the genericstable, just the definition. Also, you will probably find that mailertable and the like don't work as well. I suggest you rebuild the cf file from scratch... erm.. regards the inflex scanner, I have never seen it, but you may want to have a look at http://sourceforge.net/projects/mfilter It's a project I'm working on with a couple of others that works quite nicely as a email virus scanner... It currently uses AVP to good effect. At 07:18 PM 8/22/2000 +0300, you wrote:
yeah, sendmail.cf files can be very confusing. there are several sections, and the top bit that you are looking at (Kgenerics hash -o /etc/mail/genericstable.db) is just a definition section. that line does NOT actually USE generics, it just creates a "variable" if you like, called generics with the value of "hash -o /etc/mail/genericstable.db" the actual ruleset that applies is much further down the sendmail.cf file I highly recomend that you don't directly edit .cf files, rather rebuild from an mc macro file. Look at /etc/mail/linux.mc and at the suse manual for help with this.. it explains the whole thing fairly well. If you REALLY must edit the cf file, please buy the "Bat Book" (Sendmail by O'Reilly) and digest with alot of Tomato Sauce :) Seriously, sendmail.cf files are WAY beyond the scope of this mailing list. Try one of the sendmail lists... Cheers Peter Nixon Senior Security Consultant IT Audit & Consulting (ITAC) Pty Ltd http://www.itaudit.com.au mailto:petern@itaudit.com.au At 05:39 PM 8/22/2000 +0300, you wrote:
Which version is your sendmail package (`rpm -q sendmail')? sendmail should reject relaying attempts with the latest distributions. Make sure you did not use a sendmail.cf file from an older distribution! The file that you need is /etc/mail/access (don't forget to `makemap hash /etc/mail/access < /etc/mail/access.db'!). Thanks, Roman. -- - - | Roman Drahtmüller <draht@suse.de> // "Caution: Cape does | SuSE GmbH - Security Phone: // not enable user to fly." | Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) | - -
sendmail version 8.9.3
That's good.
I can't verify this behaviour. Did you follow Werner Fink's hints in /etc/mail/genericstable?
reads the virtuser table but access and relay-domains no way yet the lines are there in sendmail.cf lines like
Hmmm. I also can't verify this. Are you aware that some of the features just don't get used if you relay your mail through the server?
Roman. -- - - | Roman Drahtmüller <draht@suse.de> "Caution: Cape does not | SuSE GmbH - Security enable user to fly." | Nürnberg, Germany (Batman Costume warning label) | - -
I can't verify this behaviour. Did you follow Werner Fink's hints in /etc/mail/genericstable?
you mean about the syntax of the file yes. I was trying to use it to make my mail appear to come from another account but it refused e.g the machine is wawa.eahd.or.ug but I want the mail fromaccount semat to appear to come from ksemat@uol.co.ug so I did semat ksemat@uol.co.ug and did makemap hash -f /etc/mail/genericstable.db < /etc/mail/genericstable and restarted sendmail to no avail.
?? I am using the server itself not relaying through it. However I had made some changes inorder to use the inflex antivirus scanner so I have attached sendmail.cf. Sorry list I couldn't think of another way.
I had a quick look at the .cf file, and I'm pretty sure my last mail is correct. You don't seem to actually have the rulesets to process the genericstable, just the definition. Also, you will probably find that mailertable and the like don't work as well. I suggest you rebuild the cf file from scratch... erm.. regards the inflex scanner, I have never seen it, but you may want to have a look at http://sourceforge.net/projects/mfilter It's a project I'm working on with a couple of others that works quite nicely as a email virus scanner... It currently uses AVP to good effect. At 07:18 PM 8/22/2000 +0300, you wrote:
participants (3)
-
Nix -
Roman Drahtmueller -
semat@wawa.eahd.or.ug