sendmail: open-relay

Matthew Seaman m.seaman at
Mon Jan 4 14:33:53 UTC 2010

Peter Ulrich Kruppa wrote:

> BTW. I have read somewhere, there might be problems with hostnames like
>, since they would allow to relay all mails from .net ?!?

I'm trying to remember where this appears.  I remember vaguely what
you're referring to, and yes, it's a theoretical possibility if you
combine a name like that with domain name based access controls.  Aha!
Found it.  It's this item in the 'FEATURE' section of 

                This option allows any host in your domain as defined by
                class {m} to use your server for relaying.  Notice: make
                sure that your domain is not just a top level domain,
                e.g., com.  This can happen if you give your host a name
                like instead of

So, unless you have an entry saying FEATURE(`relay_entire_domain')
somewhere in your sendmail configuration, this will not hurt you.  



Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP:     Ramsgate
                                                  Kent, CT11 9PW

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 259 bytes
Desc: OpenPGP digital signature
Url :

More information about the freebsd-questions mailing list