Of course, I have removed things which would identify me. Actually, some (short sighted) people in my organization think that users forums shouldn't be used as sources of reliable information. I have often found otherwise.

I just want to secure my sendmail setup. I only have it running so that my application can use sendmail to relay mail to our internal SMTP relay server. The Exchange guys use some GUI wizard based product, and that is their baby. It handles relaying mail and associated policies.

Right now, my application, Ciscoworks2000 is able to successfully send mail to me. But I thought I would test some things to make sure our internal grey/black hats don't use my system to send inappropriate mail.

I don't know much of anything about sendmail. But I have tried these types of steps and it keep stopping me, which I think is good. I hope it is really secure. I don't have a "/etc/mail/relay-domains" file, yet somehow the application can send me reports. When I telnet to its port 25 and try these particular steps, I can't seem to get it to work.

At this point, I'll assume I don't really know how to test the security of sendmail and I'll ask some more experiences users.





220 servername ESMTP Sendmail 8.11.7p1+Sun/8.11.6; Fri, 8 Jul 2005 10:53:46 -0400 (EDT
)
HELO mydomain.gov
250 servername Hello myhostname [myIPaddress], pleased to meet you
MAIL FROM:<me@mydomain.gov>
250 2.1.0 <me@mydomain.gov>... Sender ok
RCPT TO:<theotherme@yahoo.com>
550 5.7.1 <theotherme@yahoo.com>... Relaying denied






Thanks.

I think the best means to test it is to just try and use the sendmail service from many different hosts from within and outside of your network. I'd say from what you described though, your pretty secure from the sounds of it.