- Advantage: Fine-tunes the permission for relaying by requiring
a fully qualified host name rather than just the domain name.
- Disadvantage: Requires you to specify in either the file
/etc/mail/relay-domainsor the access database the host name of the
system you're permitting to relay. For example, if I use this, my
/etc/mail/relay-domainsfile would have:
Here are the basics of sendmail's antispam features.
By default, if the sender's domain cannot be resolved in DNS, the
mail is rejected. For example:
MAIL FROM: <wkeys@nonexistent> 501 <wkeys@nonexistent>... Sender domain must exist
accept_unresolvable_domains overrides this and accepts mail from any domain
or IP address.
- Advantage: You may have to accept mail from IP addresses if the
senders don't have their headers rewritten to come from a
- Disadvantage: You can be spammed from anywhere. You may be better off
listing known sites with this problem in the access database.
To use the access database feature, your system must support at
least one map type such as NDBM (standard on most commercial systems
such as Solaris) or the Berkeley database (Berkeley DB) 2.X. If you want to use
Berkeley DB, you can obtain it from Sleepycat Software. If you install the
Berkeley version, make sure you build sendmail with the
NEWDB flag (and include
the Berkeley DB libraries and include files).
access_db feature causes sendmail to look in a database map
file (by default
/etc/mail/access.db) and decide whether to accept
or reject mail from a particular user or site. You can even send
a custom error message. This feature can also be used to
control relaying permissions.