Results 1 to 2 of 2
i want to block some users to be able to send mail to only local domain and others should be able to send mail to internet. i know how to ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 11-26-2004 #1
- Join Date
- Sep 2004
block some users in sendmail to local
i want to block some users to be able to send mail to only local domain and others should be able to send mail to internet. i know how to do it through iptables. i want a solution to do it through sendmail.
- 11-27-2004 #2
- Join Date
- Jun 2002
- San Antonio
This depends on your OS. I work a lot with RHEL 3, so I will base my guesses on that OS. First, I would make it so the users in question did not have a login shell. I would make their login shell /sbin/nologin. I would then setup a file, lets say /etc/nomailforyou . I would then run:
echo $USERNAME >> /etc/nomailforyou
Then, I would edit the PAM configuration to disallow anyone listed in that file from sending email. I would do this by running:
echo "auth required pam_listfile.so item=user sense=deny file=/etc/nomailforyou onerr=succeed" >> /etc/pam.d/smtp.sendmail
This will make it so the user in question will not be able to send mail through SMTP authentication ever again, since sendmail uses PAM to determine if an external user is eligible to relay mail.
Note, this will not work with people that have local access to the machine. There is no easy or elegant way to disallow someone with login access from sending mail.
SamuelI respectfully decline the invitation to join your delusion.