Sendmail : Control who is allowed to send to my server
I am hoping that someone can help me figure this out. I am sure there is a simple solution out there --- but I am coming up with nothing. Apparently my brain has not made its way out of "holiday mode".
Lets say I have a sendmail server with port 25 wide open. Relaying is controlled via access.db so that only a few subnets are allowed to relay through the server. So --- the server is not acting as a spam relay (good thig, of course). Users have a need to be able to send through this server from off-site --- so the server requires SMTP AUTH via TLS for anyone not in the access.db relay list. The server has the lowest priority on the MX records because there are several spam filtering servers in front of it, but the server itself does not do any spam processing. This server is the final destination of mail for this network --- it is the one with all of the users accounts, the one accepting POPS/IMAPS connections, etc.
The problem is that a spammer can obviously ignore the MX records (as they often do) and send mail straight to the server with the lowest priority (which happens to be the mail server in question). The server stops spammers from using it as a relay, but spam destined for users on the server itself would be accepted. Mail that is destined for users on the server would obviously not be denied by means of relaying control. So, users are getting spam with a spoofed sender address -- often their own address or the address of another user on the system. Short of adding spam processing to this server .... what can I do to stop this? I basically just want to tell the server to only accept delivery of mail from a certain set of addresses (those in the relay list and the spam processing servers ahead of it in the MX records) and those that have SMTP AUTH'd. Any ideas? I was able to google how to do this on other MTAs ... just not sendmail.
As a note : I have asked this question in other places ... and two things were suggested. The first was removing this server from the MX records entirely. Unfortunately, this would not do any good as the server is already known by spammers. Also --- it has been suggested that I just put a host based firewall entry to deny all connections on port 25 except for those originating from the spam processing servers and those that I wish to be allowed to relay. This would not be acceptable as I need external users to be able to send through this server (using SMTP AUTH).
Thanks in advance for any help!