Hi there,
You can do this with the "mailertable" feature.
This can be done by following these steps:
- Disable the "smart relay" in sendmail.cf (line starting with DS, and containing something like "DSsmtp:relay.example.com"). Comment this out, and replace it with a line containing only the letters DS with no value following it.
- Enable the "mailertable" feature, which configures relay hosts per domain. Do this by searching for "mailertable" in sendmail.cf, and uncommenting the "Kmailertable hash /etc/mail/mailertable" line, and the block of 5 rules below the comment "not local -- try mailer table lookup".
- Create an /etc/mail/mailertable file, containing something like this:
Code:
example.com smtp:relay.example.com
. error:nohost Mail to external domain is prohibited
Note that the left hand side (domain name) and right hand side (relay) are separated by a tab, not spaces. These rules tell sendmail that for mail destined for @example.com addresses, use the relay.example.com relay. For all other domains, return an error message (other options are described below).
- Build the database version of the mailertable file by running:
Code:
makemap hash /etc/mail/mailertable < /etc/mail/mailertable
The "error:nohost ..." mailer mentioned above can be replaced with other options, including:
- To discard the mail, replace everything from "error:..." with "local:nobody". The "local" mailer delivers mail to a local user or alias, and "nobody" is usually an alias for /dev/null in /etc/mail/aliases.
- If you want to send mail to an alternate local user, specify the username, for example "local:amolpali".
- If you want to keep the mail in a file instead, create an alias in /etc/mail/aliases, for example "remotemail: /tmp/badmailfile", run the newaliases command, and specify a mailer of "local:remotemail" in the mailertable.
Remember to rerun the makemap command after changing the mailertable file.
To test whether this works, try and send mail to a local user (without a domain name), a user at an allowed domain (amolpali@example.com in the example above), and to a domain not specifically allowed (like nobody@example.net). The local & allowed mail should be delivered. The external mail should not be delivered, but instead:
- If you are using the "error" mailer, the mail/mailx commands will return the error, and write the mail to the ~/dead.letter file.
- If you redirected the mail to a user or file, the mail should go there.
- If you discarded the mail ("local:nobody" mailer), you can use syslogd to test. Configure syslogd to write at least mail.info messages to a file, send a test message to an address at an outside domain (nobody@nowhere.co.za in the example below), and check the syslog output file. You should see a log entry like this:
Code:
Jan 30 12:11:25 buffy mail:info sendmail[16318522]: q0UABP7M16318522: from=root, size=47, class=0, nrcpts=1, msgid=<201201301011.q0UABP7M16318522@buffy.example.com>, relay=root@localhost
Jan 30 12:11:25 buffy mail:info sendmail[9764972]: q0UABP7M16318522: to=/dev/null, ctladdr=nobody@example.net (1/0), delay=00:00:00, xdelay=00:00:00, mailer=*file*, pri=120047, dsn=2.0.0, stat=Sent
Good luck!
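
An added example, not part of the original post: a small Python check to run over the mailertable text before makemap. It enforces the tab separator the post calls for, confirms a "." catch-all exists, and shows which entry a recipient domain would hit under sendmail's lookup order (full name, then ".parent" keys, then "."). The function names and the sample text are constructed for illustration.

```python
SAMPLE = (  # constructed sample mirroring the two entries in the post
    "example.com\tsmtp:relay.example.com\n"
    ".\terror:nohost Mail to external domain is prohibited\n"
)

def parse_mailertable(text):
    """Return ({key: (mailer, target)}, [problems]) for mailertable source text."""
    table, problems = {}, []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.rstrip()
        if not line or line.startswith("#"):
            continue  # blank and comment lines carry no entry
        if "\t" not in line:
            problems.append(f"line {n}: key and value are not separated by a tab")
            continue
        key, value = line.split("\t", 1)
        key, value = key.strip().lower(), value.strip()
        mailer, sep, target = value.partition(":")
        if not sep or not mailer:
            problems.append(f"line {n}: value is not in mailer:target form")
            continue
        if key in table:
            problems.append(f"line {n}: duplicate key {key!r}")
            continue  # keep the first entry for a repeated key
        table[key] = (mailer, target)
    if "." not in table:
        problems.append("no '.' catch-all entry: unlisted domains are not covered")
    return table, problems

def resolve(table, domain):
    """Pick the entry for a recipient domain: exact key, '.parent' keys, then '.'."""
    domain = domain.lower().rstrip(".")
    if domain in table:
        return table[domain]
    labels = domain.split(".")
    for i in range(1, len(labels)):
        key = "." + ".".join(labels[i:])
        if key in table:
            return table[key]
    return table.get(".")

if __name__ == "__main__":
    table, problems = parse_mailertable(SAMPLE)
    for p in problems:
        print("PROBLEM:", p)
    for d in ("example.com", "mail.example.com", "example.net"):
        print(d, "->", resolve(table, d))
```

With the sample above, mail.example.com falls through to the "." entry, because the bare "example.com" key matches only that exact name; a ".example.com" key would be needed to cover subdomains.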