Hi,

I need to close my sendmail relay, but I haven't been able using sendmail.cf

I've heard there's a POP before sendmail authorization or something like that. Could anyone help me getting this resolved? I don't mind paying for this.

Since I host many sites, I need to allow that domains to relay freely.

Thanks,
Emilio

Please clarify what you are asking.

You started off by saying you need to close relaying and then went on to say you want to allow it.

On my server (RAQ4) I have this in the sendmail access file, not the .cf file.....

www.domain.com RELAY
www.domain2.com RELAY


Paul
Installations:http://wiredon.net/gt/
Support: http://wiredon.net/forum/

I want to deny relaying to EVERYONE except the domains I am hosting.

I don't know if that makes sense.

Thanks,
Emilio

I think you will need to edit the access file in that case, as mentioned above.

Paul
Installations:http://wiredon.net/gt/
Support: http://wiredon.net/forum/

I have tried, but had no success :(

That's why I need "professional" assistance :)

As Proferssional Assistance as is possible to get with sendmail.

http://store.sendmail.com/...p;prodCategory=-8023

--mark

I would suggest you have a look at the following site:-

http://www.sendmail.org

Lots of FAQ's etc on the use of Sendmail. For what you are after, it is dependent upon the version of Sendmail on your server. The following is contained in the 'relay' section of one of the FAQ's on that site.

----> Begin
As of sendmail version 8.9, forwarding of SMTP messages is not permitted by default. For example, if you are on site A.COM, you will not accept mail from B.NET destined for C.ORG without special arrangements. These instructions assume that you are using the M4 technique for creating your sendmail.cf files; if you are not, you are on your own.

The simplest approach is to list the domains you are willing to relay in the file /etc/mail/relay-domains. Anything listed in this file will be accepted for relaying. N.B.: Sendmail must be restarted after this file is modified.

For more precise tuning, several FEATUREs have been added to control relaying:

FEATURE(relay_hosts_only). Normally domains are listed in /etc/mail/relay-domains; any hosts in those domains match. With this feature, each host in a domain must be listed.

FEATURE(relay_entire_domain). Setting this feature allows relaying of all hosts within your domain. For example, on the host gateway.A.COM, this feature allows mail to or from any host in the A.COM domain. More precisely, this relays any host listed in the $=m class. This is equivalent to listing the name of the domain in /etc/mail/relay-domains.

FEATURE(access_db). This enables the hash database /etc/mail/access to enable or disable access from individual domains (or hosts, if FEATURE(relay_hosts_only) is set). The database format is described below.

FEATURE(blacklist_recipients). If set, this feature looks up recipients as well as senders in the access database.

FEATURE(rbl). Enables rejection of mail based on the Realtime Blackhole List maintained at maps.vix.com.

FEATURE(accept_unqualified_senders). Normally, sendmail will not accept mail from a sender without a domain attached -- for example, user instead of user@B.NET. This feature allows such users.

FEATURE(accept_unresolvable_domains). Normally, sendmail will refuse to accept mail that has a return address with a domain that cannot be resolved using the regular host lookups (a technique commonly used by spammers). This feature permits acceptance of such addresses. Unresolvable domains can be selectively accepted using the access database.

FEATURE(relay_based_on_MX). Setting this feature permits relaying for any domain that is directed to your host.
Several other features are probably a bad idea, unless you are inside a firewall, because they make your system vulnerable to abuse by spammers:

FEATURE(relay_local_from). This feature allows relaying if the message claims to originate at your domain. Since forging this address is trivial, this is probably a bad idea.

FEATURE(loose_relay_check). This turns off checking for explicit routing through your host, such as target%C.ORG@A.COM.

FEATURE(promiscuous_relay). If you really want to forward all the spam on the net, this will turn off all checking for relaying.

Hope this is of some help.


Regards,


Clint.

--------------------------
http://www.AffiliatesDirectory.com - Affiliate Programs Directory

Hi Clint,

Do you know how to "use" or "activate" the features?

What I need is FEATURE(relay_local_from) but I don't know where to put it or how to tell sendmail to use it.

I've tried putting it on the sendmail.cf file but it gives me an error.

Thanks,
Emilio

Go to Sendmail.org and READ what they say or READ what Clint pasted....

The simplest approach is to list the domains you are willing to relay in the file /etc/mail/relay-domains. Anything listed in this file will be accepted for relaying. N.B.: Sendmail must be restarted after this file is modified.



Paul
Installations:http://wiredon.net/gt/
Support: http://wiredon.net/forum/

i already tried that, and didn't work. It only allows to send mail to domains IN my server, and not outside.

Let me show you what happen.I host the domain mexicomail.com.mx

For example, I put the domain 'mexicomail.com.mx' in the relay-domains file and want to send an e-mail from account@mexicomail.com.mx to anything@vox.es I get a '550 Relay Denied'.

However, if I put a .mx or a .es on the relay-domains, I can send mail to that domain, but it's having like an open relay for everyone.

Any idea?

Emilio:

I am 'no' expert on sendmail, however from a quick look at the faq one of the first things you need to determine is what version you are running.

There are tips on how to do this etc at the site I mentioned in my previous message, as well as sendmail newsgroups and discussion forum links where I am sure you will get the answer.

Regards,


Clint.

--------------------------
http://www.AffiliatesDirectory.com - Affiliate Programs Directory