Sendmail Ruleset: Simple IP based access

The purpose of the following Sendmail rules is to restrict access to a list of local recipients based on the IP address of the sender.

The following rules should be inserted into sendmail.mc after the feature and macro definitions and before the mailer definitions.

If you are intending to use this software for anything at all, please note that it comes with NO WARRANTY. If it breaks, you alone are responsible for picking up all of the pieces.

LOCAL_CONFIG
F{Home_aliases} /etc/mail/home-aliases
F{Home_IPs} /etc/mail/home-ips
LOCAL_RULESETS
######################################################################
### Only IP addresses and subnets in class Home_IPs are allowed
### send to local recipients listed in class Home_aliases.
######################################################################
SLocal_check_rcpt
R $*			$: $>canonify $1	Focus on hostname of recipient
R $+ <@ $+ > $*		$: $( dequote $1 $) <@ $2 >
R $={Home_aliases} <@ $=w . >	$: $>Home_ip_lookup	Listed rcpt
R $+ <@ $+ >		$@ OK remote recipient
R $+			$: $( dequote $1 $)	Username only in address
R $={Home_aliases}	$: $>Home_ip_lookup	Listed rcpt, check IP
R $*			$@ OK rcpt not in restricted access list

SHome_ip_lookup
R $*			$: $&{client_addr}
R $={Home_IPs} $*	$@ OK friendly IP address
R $*			$#error $@ 5.1.1 $: "550 User gone fishing"

The above rules use two files to control access. The file /etc/mail/home-aliases conains a list of the local recipients for whom access is to be controlled. The file /etc/mail/home-ips contains a list of "friendly" IP addresses. Complete or partial (what was class A, B or C in the days before CIDR) addresses may be specified.

Example /etc/mail/home-aliases

all
staff
discussion

Example /etc/mail/home-ips

127.0.0.1
192.168

The above rules may be downloaded from here.

Navigation

Sendmail Ruleset: Simple IP based access

Example /etc/mail/home-aliases

Example /etc/mail/home-ips

Also in this section

Feedback