LinuxQuestions.org
Old 07-16-2015, 10:08 AM   #1
amolpali
LQ Newbie
 
Registered: Jul 2015
Posts: 2

Rep: Reputation: Disabled
Restrict sendmail to send emails to only one domain


Hi,
I have sendmail running on an AIX machine. It is using a Windows mail relay server to send emails internally within the organization and externally on the web. It all works OK. However, I want to restrict any user on the AIX machine to sending emails only to users in one domain, e.g. abc@domain.com. So emails directed to any other domain, e.g. @gmail.com, should not even reach the mail relay server and should get blocked on the AIX server itself. Has anyone got any idea how I can achieve this?
 
Old 07-17-2015, 04:48 AM   #2
cliffordw
Member
 
Registered: Jan 2012
Location: South Africa
Posts: 509

Rep: Reputation: 203
Hi there,

You can do this with the "mailertable" feature.

This can be done by following these steps:

- Disable the "smart relay" in sendmail.cf (line starting with DS, and containing something like "DSsmtp:relay.example.com"). Comment this out, and replace it with a line containing only the letters DS with no value following it.
- Enable the "mailertable" feature, which configures relay hosts per domain. Do this by searching for "mailertable" in sendmail.cf, and uncommenting the "Kmailertable hash /etc/mail/mailertable" line, and the block of 5 rules below the comment "not local -- try mailer table lookup".
- Create an /etc/mail/mailertable file, containing something like this:

Code:
example.com   smtp:relay.example.com
.        error:nohost Mail to external domain is prohibited

Note that the left hand side (domain name) and right hand side (relay) are separated by a tab, not spaces. These rules tell sendmail that for mail destined for @example.com addresses, use the relay.example.com relay. For all other domains, return an error message (other options are described below).

- Build the database version of the mailertable file by running:

Code:
makemap hash /etc/mail/mailertable < /etc/mail/mailertable

The "error:nohost ..." mailer mentioned above can be replaced with other options, including:

- To discard the mail, replace everything from "error:..." with "local:nobody". The "local" mailer delivers mail to a local user or alias, and "nobody" is usually an alias for /dev/null in /etc/mail/aliases.
- If you want to send mail to an alternate local user, specify the username, for example "local:amolpali".
- If you want to keep the mail in a file instead, create an alias in /etc/mail/aliases, for example "remotemail: /tmp/badmailfile", run the newaliases command, and specify a mailer of "local:remotemail" in the mailertable.

Remember to rerun the makemap command after changing the mailertable file.

To test whether this works, try and send mail to a local user (without a domain name), a user at an allowed domain (amolpali@example.com in the example above), and to a domain not specifically allowed (like nobody@example.net). The local & allowed mail should be delivered. The external mail should not be delivered, but instead:

- If you are using the "error" mailer, the mail/mailx commands will return the error, and write the mail to the ~/dead.letter file.
- If you redirected the mail to a user or file, the mail should go there.
- If you discarded the mail ("local:nobody" mailer), you can use syslogd to test. Configure syslogd to write at least mail.info messages to a file, send a test message to an address at an outside domain (nobody@nowhere.co.za in the example below), and check the syslog output file. You should see a log entry like this:

Code:
Jan 30 12:11:25 buffy mail:info sendmail[16318522]: q0UABP7M16318522: from=root, size=47, class=0, nrcpts=1, msgid=<201201301011.q0UABP7M16318522@buffy.example.com>, relay=root@localhost
Jan 30 12:11:25 buffy mail:info sendmail[9764972]: q0UABP7M16318522: to=/dev/null, ctladdr=nobody@example.net (1/0), delay=00:00:00, xdelay=00:00:00, mailer=*file*, pri=120047, dsn=2.0.0, stat=Sent

Good luck!
 
3 members found this post helpful.
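An added example, not part of cliffordw's post: a shell function that models sendmail's mailertable lookup order (exact domain, then dotted parent domains, then the "." catch-all) against the table from the post, so the policy can be previewed before running makemap. It goes slightly beyond the post by also showing subdomain and mixed-case recipients; `sample_mailertable` and `mailertable_route` are hypothetical helper names and the table is constructed from the post's example.

```shell
#!/bin/sh
# Added example (not from the original post). Models the mailertable lookup
# order: exact domain, then ".parent" keys from most to least specific, then ".".

# Constructed sample table mirroring the post: key <TAB> mailer:relay
sample_mailertable() {
    printf 'example.com\tsmtp:relay.example.com\n'
    printf '.\terror:nohost Mail to external domain is prohibited\n'
}

# mailertable_route FILE ADDRESS: print the right-hand side that would apply.
# Hypothetical helper; it reads the text file, not the built hash map.
mailertable_route() {
    awk -v addr="$2" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }        # skip comments and blank lines
        {
            val = $0
            sub(/^[ \t]*[^ \t]+[ \t]+/, "", val) # drop key and separator
            table[tolower($1)] = val             # keys are matched case-insensitively
        }
        END {
            n = split(addr, parts, "@")
            if (n < 2) { print "local"; exit }   # no domain: mailertable not consulted
            rest = tolower(parts[n])
            if (rest in table) { print table[rest]; exit }
            # host.sub.example.net -> .sub.example.net -> .example.net -> .net
            while ((i = index(rest, ".")) > 0) {
                rest = substr(rest, i + 1)
                key = "." rest
                if (key in table) { print table[key]; exit }
            }
            if ("." in table) { print table["."]; exit }
            print "none"                         # no catch-all entry present
        }' "$1"
}

# Demo against the constructed table.
tmp="${TMPDIR:-/tmp}/mailertable.sample.$$"
sample_mailertable > "$tmp"
for rcpt in root amolpali@example.com user@mail.example.com nobody@example.net; do
    printf '%-24s -> %s\n' "$rcpt" "$(mailertable_route "$tmp" "$rcpt")"
done
rm -f "$tmp"
```

Note that the `example.com` key does not cover `mail.example.com`, which falls through to the "." entry; a `.example.com` key would be needed for subdomains. On the host itself, `sendmail -bv address` reports the mailer sendmail actually selects.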
Old 07-17-2015, 09:31 AM   #3
amolpali
LQ Newbie
 
Registered: Jul 2015
Posts: 2

Original Poster
Rep: Reputation: Disabled
Very useful answer cliffordw!
Thanks a lot
It's working perfectly after following your instructions.
 
  

