Maintaining a MailServer is really a all time headache for Mail Server Admins, specifically to prevent SPAM relayed from you Server or delivered to your server.
In this article we would use some inbuilt feature of Sendmail to block users from sending mail to specific users or domains, this can be attained in many ways but i have done it in the below manner. For any issues please comment at the bottom of the post.
Sendmail is Oldest Mail transfer agent used by major of the MSP's (Mail Service Providers) all over the world, with its huge forum, mailing list and IRC Support and help it has gained high name within its competitors.
When Do i need to block a user or IP?
Reasons Are Many
1. Spamming done from your domain.
2. Spamming happening from outside to your server.
3. Spamming from a particular IP.
4. Wants to reject relaying mail for a user (Used incase allowed to just fetch mails, no sending allowed)
5. Any Many More...........
To block the user or IP we will be using access file / database included in the sendmail, Access Database provides a single, central database with rules to accept, reject, and discard messages based on the sender name, address, or IP number. It is enabled with the access_db configuration feature.
1. Enable the Access Database in Sendmail
You have to make add or declare the following lines in your sendmail.mc file
FEATURE(`access_db')
The above line added in the sendmail.mc enables use of the access database, and enables the default database type and path as:
hash /etc/mail/access
2. Create the access Database
Edit the File /etc/mail/access, the entries should be inorder
key value
The lefthand column is the key which is composed of a prefix and an address expression, this can contain hostname, email address, IP address, networks etc
The righthand column contains the value, which can be keywords or values that determine what should be done with the item described on the left or in a layman langauge the action to be executed, the preferable values are OK, RELAY, REJECT, DISCARD, SKIP, ERROR:XYZ text.
Eg :
spam@goo.gle.com REJECT
10.0.0.35 REJECT
192.168.1.100/255.0.0.0 REJECT
From:spammer@somedomain.com REJECT
To:trusteddomain.org RELAY
Connect:2trusteddomain.com OK
Connect:ashwin.com RELAY
From:good@domain.com OK
From:anotherbaddomain.com REJECT
To be able to block specific sender to specific recipient you need to add the following line in sendmail.mc to enable compat.
FEATURE(`check_compat')
Then make the following entries in access file (Location : /etc/mail/access)
Compat:extsender@mydomain.com<@>recipient@outdomain.com DISCARD
After confirming all the entries as per your requirement in access file, we have to recreate the access in hash database for which execute the below command
cd /etc/mail
makemap hash access < access
m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
Restart the sendmail service
/etc/init.d/sendmail restart
Testing
telnet to_your_mailserver_ip 25
mail from:internaluser@example.com
Ok
rcpt to:spam@goo.gle.com
REJECTED
Enjoy..