Sendmail Relaying Question
 

I'm confused about the different uses of the sendmail access.db file vs. relay-domains. They both seem to control relaying... so why do both exist? If I simply want to relay all traffic for my 4 office's IPs and deny it for everyone else, which file do I use?

use the access(.db) file - for example,
192.168.1.10 RELAY

will allow a station on 192.168.1.10 to use your sendmail on the server as a mail relay.

naz

Thanks... the best I could get from the Sendmail site is that relay-domains is used to list domains I will relay mail for, but that access.db allows finer control... specifically of individual hosts, IP blocks, etc ??? Is this correct? Since you suggest using the access.db file, then what's the purpose of relay-domains?

Basically, here's what I need to do... let's say I have two offices and a co-lo. I want to relay for:
10.1.1. (office A)
192.168.1. (office B)
172.16.100. (local co-lo)

And just in case I want to put a valid DNS assigned host for my domain at my house, I want to relay for any valid hosts in my domain (confirmed by DNS)... so I als want to relay for:
mydomain.com

Then I want to explicitly deny relay for all other hosts, IPs, etc. Do I have to list mydomain.com in relay-domains and the IP ranges for the offices in access.db? Or can I do it all in access.db?

Lastly... are the access and relay-domains files read top to bottom like a firewall ruleset so that if I list five relayed domains, then my last entry is 0.0.0.0 REJECT, will my IP ranges/domains be allowed to relay while everything else will reject?

More info on the access.db feature can be found at:
http://www.sendmail.org/m4/anti-spam.html

By default, sendmail denies relaying. So you do not need to reject everything else explicitly (and if you do it like you're proposing, it won't work - read the above webpage thoroughly and you'll understand why).

I recommend reading the sendmail manual (on my system it's /usr/doc/sendmail/doc/op/op.ps) for the nitty gritty.

(more later, i got to run now)

naz