Sendmail on freebsd
Ian Smith
smithi at nimnet.asn.au
Wed Jan 4 13:07:07 UTC 2017
In freebsd-questions Digest, Vol 657, Issue 5, Message: 18
On Wed, 4 Jan 2017 08:26:48 +0100 Bernt Hansson <bah at bananmonarki.se> wrote:
> Hello list!
>
> Have a question or more about /etc/mail/access.
>
> Is this list appropiatefor this kind of question?
I don't see why not.
> If not, please point me in the right direction.
>
> If i put this in /etc/mail/access
>
> com REJECT
>
> Does that reject all domains that contain com
> or just TLD com.
The latter, BUT unless things have changed, you need to specify what
kind of header it appears in, e.g (and yes, these are real entries):
Connect:xyz REJECT
From:xyz REJECT
The former rejects all mail 'Received: from' any hostname *.xyz
The latter rejects mail with 'envelope-from' any address@*.xyz
For example, this (digest) message had first headers of:
Return-Path: <owner-freebsd-questions at freebsd.org>
Received: from mx2.freebsd.org (mx2.freebsd.org [8.8.178.116])
by xxxx.nimnet.asn.au (x.yy.z/x.yy.z) with ESMTP id v04C0M0x055062
for <smithi at nimnet.asn.au>; Wed, 4 Jan 2017 23:00:28 +1100 (EST)
(envelope-from owner-freebsd-questions at freebsd.org)
Return-Path: is often, usually, but NOT always = envelope-from
Connect:mx2.freebsd.org ACCEPT
would accept all mail 'Received: from' hostname mx2.freebsd.org
From:freebsd.org ACCEPT
would accept mail from or _claiming_ to be from any address at freebsd.org
That is: envelope-from addresses, as most other headers, can be forged,
whereas Connect: hostnames are returned by DNS lookup on the IP address,
and generally speaking can be relied upon - if your DNS server can be :)
cheers, Ian
More information about the freebsd-questions
mailing list