Installing and Administering Internet Services

Chapter 4 197

Installing and Administering sendmail

Conﬁguring sendmail to Reject Unsolicited Mail

Screening Incoming Network Connection Requests

The check_relay ruleset allows you to examine incoming network

connections and accept or reject them based on hostnames, domain, or IP

addresses.

To reject relay access to speciﬁc hosts, specify the IP address of the host

in the /etc/Mail/DeniedIP ﬁle.

15.10.43.248

15.10.43.245

You can also specify the name of the host you want to deny access in the

ﬁle /etc/Mail/DeniedNames. You must enter the Fully Qualiﬁed

Domain name, for example, bobcat.rose.hp.com.

Sendmail Validation

The check_compat ruleset compares all senders and receiver pairs

before mail is delivered. It validates the mail based on the results of the

comparison. It checks to see if host A can legally send a message to host

B. check_compat is called for all mail deliveries, not just SMTP

transactions.

It is used in the following situations:

• A set of users who are restricted from sending mail messages to

external domains need to send mail messages to internal; domains.

Both the sender and recipient addresses are checked to ensure that

they are in the local domain.

• A particular user needs to ensure that he or she does not receive mail

messages from a speciﬁc source.

• A particular host needs to ensure that external senders do not use

that host as a a mail relay. The mail messages are screened based on

the sender’s hostname.

Sendmail Anti-Spamming Security

The anti-spamming features enable you to control which users can send,

receive, or relay mail messages on the network. Sendmail provides the

following features:

• Using the Access Database to allow or reject mail from speciﬁc

domains