LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-16-2002, 04:35 AM   #1
markng
LQ Newbie
 
Registered: Jan 2002
Posts: 19

Rep: Reputation: 0
Questions regarding /etc/mail/access


Hi all,

I'm confused as to how I should enter the network address in the access file.

I'm currently running on a class C IP Network with a subnet of 255.255.255.224

I've tried the following and all does not work

x.x.x.0/255.255.255.224 RELAY
x.x.x.0 255.255.255.224 RELAY
x.x.x.0/27 RELAY

The strange this is that x.x.x.0/255.255.255.224 format works in /etc/hosts.allow

The only thing that works is

x.x.x RELAY

but this also allow others outside the subnet to send via this server. Another alternative that works is listing all the individual IP addresses which is a pain.

So guys.. any ideas?

Thanks in advance!!

-Mark
 
Old 08-16-2002, 04:36 AM   #2
markng
LQ Newbie
 
Registered: Jan 2002
Posts: 19

Original Poster
Rep: Reputation: 0
Sorry I forgot to mention.. its running on Red Hat Linux 7.3
 
Old 08-16-2002, 11:46 AM   #3
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 48
Sendmail doesn't use .../mail/access as a text file.
You must use makefile to create the .db file.

Check out the /sendmail.cf file for details.

Regards,
Peter.
 
Old 08-16-2002, 12:00 PM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,383
Blog Entries: 55

Rep: Reputation: 3558Reputation: 3558Reputation: 3558Reputation: 3558Reputation: 3558Reputation: 3558Reputation: 3558Reputation: 3558Reputation: 3558Reputation: 3558Reputation: 3558
OTOH if it's the format you're looking for it's
<parts you want to match> <errorcode> <message> like in
microsoft.com 550 Go away
microshaft.com OK
123.456.789 OK
123.456.789.133 550 Go away you 133T spammer

then do the makemap shuffle.
 
Old 08-16-2002, 12:47 PM   #5
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1977Reputation: 1977Reputation: 1977Reputation: 1977Reputation: 1977Reputation: 1977Reputation: 1977Reputation: 1977Reputation: 1977Reputation: 1977Reputation: 1977
Quote:
Originally posted by peter_robb
Sendmail doesn't use .../mail/access as a text file.
You must use makefile to create the .db file.

Check out the /sendmail.cf file for details.

Regards,
Peter.
most versions of sendmail recompile the access_db whenever the daemon is started, i know it works fine to just change the text file and reload.
 
Old 08-16-2002, 07:09 PM   #6
markng
LQ Newbie
 
Registered: Jan 2002
Posts: 19

Original Poster
Rep: Reputation: 0
Hi guys,

Thx for replying.

Yes, I did do that makemap hash /etc/mail/access < /etc/mail/access


Its just that when I try to allow access to a certain subnet using the format I just mentioned (e.g x.x.x.x/255.255.255.224) it doesn't work.. meaning the it wont allow me to send my mails even though I belong in that IP range. However if I enter (x.x.x ) i.e allowing the whole Class C network, then I can send. However this will also allow others in the particular Class C network to send which I don't want to.

That's why I was wondering if my way of entering those 'rules' are wrong.

Thx again!
 
Old 08-19-2002, 09:29 AM   #7
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 48
New knowledge is good...
Thanks.

Reading the '/usr/share/sendmail-cf/README' file, that format is names or numbers, not masks.

For subnet mask control, add them to your iptables scripts.
eg
iptables -I INPUT -p tcp -s xxx.xxx.xxx.xxx/xx --dport 25 -j REJECT --reject-with icmp-host-prohibited

Regards,
Peter.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
local mail: how to access with Moz mail client acummings Linux - Networking 2 11-11-2004 08:33 AM
Sendmail /etc/mail/access issue (access.db) CactusS4 Linux - General 0 05-22-2004 07:59 PM
query with /etc/mail/access GraemeK Linux - Networking 1 04-26-2004 01:48 AM
How do I access mail from another host? correro Linux - General 6 03-24-2003 06:38 PM
e-mail questions PTBmilo Linux - Networking 2 01-11-2003 08:57 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 04:36 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration