[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: restricted relaying



Matti Aarnio wrote:

> On Wed, Dec 01, 1999 at 05:53:20PM +0100, E.Colanski wrote:
> > Nobody answered me but I need immediate answer. So I resend it.
> >
> > How to set up in zmailer 2.99.51, that my gateway accepts messages from
> > ONE given IP in internet in two cases:
> > -when sender is from my domain, no matter of receiver
> > -when receiver is from my domain, no matter of sender
>
>   Your question isn't very clear..

Ok. Let me explain more exactly. One of our workers had to go out of the company. And sometimes he
has possibility to use computer with given IP.
I want to setup that when he connects from this IP (which isn't from my domain) and he says:
mail From: <user@mydomain.com>
rcpt To: <whoever@wherever.com>
such message is accepted.
But when somebody from the same IP tries to send mail with
mail From: <user@not_my_domain.com>
rcpt To: <user@not_my_domain.com>
it's rejected.

Is it clear enough?

>   Have you, by change, read  doc/guides/smtp-policy  ???

Obviously.

> > Setting in smtp-policy.dat
> > x.x.x.x/32        relaycustnet +
> > causes relaying all post from this host with no matter of sender and
> > receiver addresses
>
>   Don't place things directly to generated  smtp-policy.dat
>   (nor smtp-policy.src) Use  $MAILBIN/policy-builder.sh  script.
>
>   The   policy-builder.sh  script has following fragment:
>
>   # smtp-policy.relay
>   # (Lists NETWORKS (NO DOMAINS!) that are allowed to use us as relay)
>   # (well, actually it could also list e.g.: ".our.domain" if it would
>   #  be fine to allow relaying from anybody whose IP address reverses to
>   #  domain suffix ".our.domain")
>   if [ -f smtp-policy.relay ] ; then
>     cat smtp-policy.relay | \
>     awk '/^#/{next;}
>         {printf "%s  %s %s %s %s %s %s %s %s = _full_rights\n",$1,$2,$3,$4,$5,$6,$7,$8,$9;next;}'
>   fi
>
>   That is, macro '_full_rights' carries bulk of the setup flags,
>   but others can be added as well.
>
> > I'll appreciate quick answer.
> > E.Colanski
>
> --
> /Matti Aarnio   <mea@nic.funet.fi>

No, suggestion above is not good for my situation...
Next suggestion, please.

E.Colanski