Hello everyone!
I would like to use accessdb to block certain recipient domains and
only allow some addresses to be locally delivered (to avoid backscatter attacks).
First, I only test to block one address.
For me, that looks fine and means the access db hash database includes
the option.
m@srv1:/etc/mail$ sudo sendmail -bt
ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
Enter <ruleset> <address>
/map access To:bla@test.dorfdsl.de
map_lookup: access (To:
bla@test.dorfdsl.de) returns REJECT (0)
Although, the MTA doesn't care about it.
m@srv1:/etc/mail$ sudo /usr/lib/sendmail -bv
bla@test.dorfdsl.de bla@test.dorfdsl.de... deliverable: mailer esmtp, host test.dorfdsl.de,
user
bla@test.dorfdsl.de m@srv1:/etc/mail$
define(`_USE_ETC_MAIL_')dnl
include(`/usr/share/sendmail/cf/m4/cf.m4')dnl
VERSIONID(`$Id: sendmail.mc, v 8.17.1.9-2 2023-01-11 23:26:28 cowboy
Exp $') OSTYPE(`debian')dnl
DOMAIN(`debian-mta')dnl
undefine(`confHOST_STATUS_DIRECTORY')dnl #DAEMON_HOSTSTATS= FEATURE(`no_default_msa')dnl
DAEMON_OPTIONS(`Family=inet6, Name=MTA, Port=smtp')dnl DAEMON_OPTIONS(`Family=inet6, Name=MSP, Port=submission, M=Ea')dnl DAEMON_OPTIONS(`Family=inet6, Name=MSP, Port=submissions, M=sEa')dnl define(`confPRIVACY_FLAGS',dnl `needmailhelo,needexpnhelo,needvrfyhelo,restrictqrun,restrictexpand,nobodyreturn,authwarnings')dnl
define(`confCONNECTION_RATE_THROTTLE', `15')dnl define(`confCONNECTION_RATE_WINDOW_SIZE',`10m')dnl
FEATURE(`use_cw_file')dnl
FEATURE(`access_db',, `relaytofulladdress')dnl FEATURE(`blocklist_recipients')dnl
define(`confBAD_RCPT_THROTTLE',`3')dnl
include(`/etc/mail/sasl/sasl.m4')dnl
TRUST_AUTH_MECH(`PLAIN')dnl
define(`confAUTH_MECHANISMS', `PLAIN')dnl include(`/etc/mail/tls/starttls.m4')dnl
dnl Conf lines for certificate, removed here for simplicity FEATURE(`virtusertable')dnl
VIRTUSER_DOMAIN_FILE(`/etc/mail/virtuserdomains')
define(`confLOCAL_MAILER', `cyrusv2')dnl MAILER_DEFINITIONS
MAILER(`local')dnl MAILER(`cyrusv2')dnl MAILER(`smtp')dnl
access db is listed in .cf:
m@srv1:/etc/mail$ grep ^K /etc/mail/sendmail.cf
Kresolve host -a<OKR> -T<TEMP>
Karith arith
Kmacro macro
Kdequote dequote
Kaccess hash -T<TMPF> /etc/mail/access
Kvirtuser hash /etc/mail/virtusertable
m@srv1:/etc/mail$
What is the problem?
--
kind regards
Marco
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)