Sendmail local only.....

Giorgos Keramidas keramida at ceid.upatras.gr
Wed Jan 23 18:04:36 PST 2008


On 2008-01-23 13:44, Agus <agus.262 at gmail.com> wrote:
>> Giorgos, question...is it needed to put the
>> sendmail_submit_enable="YES"
>> sendmail_msp_queue_enable="YES"
>> Although they are the default ones?
> 
> Maybe i wasnt clear...but with the options you gave me Giorgos i still
> can send email from localhost to external servers like hotmail for
> instance, through telnet.....I want to disable this, so it can only
> send mails to local accounts....

Ah, I misunderstood the original question.  My apologies.

On 2008-01-23 17:26, Matthew Seaman <m.seaman at infracaninophile.co.uk> wrote:
> Hmm... It's actually pretty hard to stop an MTA from being able to
> send e-mail, given that is what it is designed to do.

Hehe, indeed :)

> Another approach worth trying would be to use a wildcard mailertable
> entry that redirects any mail back to root the local machine:
> 
> 
>    localhost	    local:
>    your.host.name local:
>    .	            local:root

That should work fine :)

> or replace the last line with:
> 
>    .              error:Mail to external sites not allowed

That's a great idea to build upon.

>From the limited testing I did just now, bounces still go through, so
someone may abuse this to post email by setting the sender address to
the intended recipient, and posting to random outside mailboxes.

The following works too (after setting up a local dev-null alias):

    localhost               local:
    my.hostname             local:
    .                       local:dev-null

This silently drops email messages, but at least it logs the delivery to
the dev-null alias, so there's a trace of the email message even though
it won't really get delivered to any user's mailbox and there's no error
responce sent to anyone.

Jan 24 03:57:09 kobe sendmail[9255]: m0O1ura8009255: from=keramida at kobe, \
  size=83, class=0, nrcpts=1, msgid=<200801240156.m0O1ura8009255 at kobe.laptop>, \
  relay=keramida at localhost
Jan 24 03:57:09 kobe sendmail[9255]: m0O1ura8009255: to=keramida at linux.gr, \
  ctladdr=keramida at kobe (1000/1000), delay=00:00:16, xdelay=00:00:00, mailer=relay, \
  pri=30083, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, \
  stat=Sent (m0O1v94R009303 Message accepted for delivery)
Jan 24 03:57:09 kobe smtpd[9303]: m0O1v94R009303: from=<keramida at kobe.laptop>, \
  size=374, class=0, nrcpts=1, msgid=<200801240156.m0O1ura8009255 at kobe.laptop>, \
  proto=ESMTP, daemon=Daemon0, relay=kobe.laptop [127.0.0.1]
Jan 24 03:57:09 kobe smtpd[9307]: m0O1v94R009303: to=/dev/null, \
  ctladdr=bit-bucket (26/0), delay=00:00:00, xdelay=00:00:00, mailer=*file*, \
  pri=30629, dsn=2.0.0, stat=Sent

Setting up a `mail-sink' alias, which traps all outgoing messages this
way, may be an easier way to recover the undelivered messages.  It
fringes on privacy violation, though, so I'm now going to pick one or
the other :)

- Giorgos



More information about the freebsd-questions mailing list