# # /etc/mail/access # # # Original Version # ---------------- # http://www.Linux-Sec.net/Mail/etc.mail/access # # # Good Docs ( /etc/mail/access howto ) # --------- # http://www.sendmail.org/m4/anti_spam.html#access_db_fine # http://blue-labs.org/howto/access_hints.php # http://www.tldp.org/LDP/solrhe/Securing-Optimizing-Linux-RH-Edition-v1.3/chap22sec178.html # http://www.sial.org/sendmail/config/mail-server-8.12 # http://www.cs.montana.edu/harkin/courses/cs409/outline/15-email/outline.html#topic4 # # # # Check the /usr/doc/sendmail-8.9.3/README.cf file for a description # of the format of this file. (search for access_db in that file) # The /usr/doc/sendmail-8.9.3/README.cf is part of the sendmail-doc # package. # # # # To update Changes # ----------------- # 1. cd /etc/mail ; make # - or - # makemap hash access < access # # 2. -->> restart sendmail afterward <<-- don't forget to do this too # # # # To View the Database # -------------------- # db_dump -p /etc/mail/access.db # # # 18-May-02 amo Cleanup for Release # 09-Nov-02 amo Added Foreign friends to allow # 13-Dec-02 amo Added sial.org, montana.edu # 08-Apr-03 amo Disallow sending to hotmail.com from work emails # 03-Jun-03 amo Allow local LAN ( 192.168.1.0 ) to send/receive emails # # ################################################################### # Rules for this file # OK accept mail even if other rules in the # running ruleset would reject it. # RELAY Allow domain to relay through your SMTP # server. RELAY also serves an implicit # OK for the other checks. # REJECT reject the sender/recipient with a general # purpose message. # DISCARD discard the message completely using # the $#discard mailer # ### any text where ### is an RFC 821 compliant error code # and "any text" is a message to return for # the command. ### can be 550 # # http://www.cs.montana.edu/harkin/courses/cs409/outline/15-email/outline.html#topic4 # # OK - accept under all circumstances. # RELAY - its OK to relay mail from this host. # REJECT # DISCARD - accept, but discard, so the sender doesn't know. # 501 message - Don't accept if the sender address partially matches user@host. # 553 message - Don't accept if the sender address doesn't contain the host name. # 550 message - Do not accept from the specified domain name. # # # allowing the local interface usually beneficial 127.0.0.1 OK # #IPv6:::1 RELAY # # # # by default we allow relaying from localhost... localhost.localdomain RELAY localhost RELAY # # # 192.168.1.0/24 RELAY # # # Your real domain name ( name of this machine ) # --------------------- YourDomain.com RELAY # # # Virtual Domains that this machine will accept incoming email for these domains # ------------------------------------------------------------ # foo.com RELAY # bar.com RELAY # # # # Fix machines with bad DNS of friendly machines --- 501 5.1.8 hostname must resolve # ---------------------------------------------- # - bad/missing reverse DNS # # MissingDNS.Somebody.com RELAY # # # Disallow "personal emails" from work # ------------------------------------- # To:foo@hotmail.com REJECT # To:bar@yahoo.com REJECT # # # Allow Foreign Friends and Partners from banned TLD like *.kr and *.cn # -------------------------------------------------- # # friends@ForeignCountry.co.kr OK # Partners@Subsidianr.co.cn OK # # # # Reject these known spammers # --------------------------- # # cyberpromo.com 550 We don't accept mail from spammers # cyberpromo.com REJECT asseenontw.com REJECT # # # Most spam from foreign countries # -------------------------------- cn REJECT kr REJECT ru REJECT # # # From montana.edu url # -------------------- # malicious.org DISCARD # bozo@clowns.org 501 You can't use this mail server # clowns.org 550 No mail from you clowns # # # end of file