Configure sendmail to reject all incoming email except specific whitelistings
Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Configure sendmail to reject all incoming email except specific whitelistings
I'd like to configure sendmail to permit outgoing emails to any address, but reject ALL incoming email except to a few specific addresses. Can I do this?
I'd like to configure sendmail to permit outgoing emails to any address, but reject ALL incoming email except to a few specific addresses. Can I do this?
One way to achieve this, is to use a virtusertable file:
It appears that the final "550" rejection takes precedence
Are you using a "Relaying denied" rejection message?
Also note that you have to put first the email addresses and the corresponding local usernames and at the end the wildcard rejection
From your OP, I thought that you want to block all the incoming email, except to a couple of recipients. If that's the case, then you need to use the code in the 2nd snippet of the above link and also use To: instead of From: in the whitelist file:
My bad, yes, my OP is badly worded. Let's start over. I want to permit specific From:'s coming into this server. I don't really care on the local recipient side -- if the user doesn't exist it won't get delivered, NBD. Furthermore, I don't want any restrictions on local users sending to anyone, anywhere.
So, does that alter your suggestion for the virtusertable? (which I did configure exactly as you showed)
Possible complication: the domain horeb-wright3.org will be one of several domains hosted on this computer. I do have that domain in /etc/mail/local-host-names. This server's real FDQN is sanford.local.
So, does that alter your suggestion for the virtusertable? (which I did configure exactly as you showed)
Yes, virtusertable is of no use in this scenario.
Quote:
I want to permit specific From:'s coming into this server. I don't really care on the local recipient side -- if the user doesn't exist it won't get delivered, NBD. Furthermore, I don't want any restrictions on local users sending to anyone, anywhere.
So you have to follow the 1st example in the link posted. Restart sendmail after using sendmail.mc to create the new sendmail.cf.
Also make sure that you whitelist the sender addresses you want and rebuild the whitelist database afterwards.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.