[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] Re: Re: List Bounces - ATTN: List Admin

Subject: [cobalt-users] Re: Re: List Bounces - ATTN: List Admin
From: Charlie Summers <charlie@xxxxxxxxxx>
Date: Fri Sep 7 23:09:16 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

At 2:08 AM -0400 9/8/01, Carrie Bartkowiak is rumored to have typed:

> Good lord, you should see the length of my file...

   He, he...my access file is 37,730 bytes. If yours is a default one created
by the GUI, it'll be MUCH smaller than that. (I have a whole lot of stuff,
including most of China and Korea, in there.  ;)

> >>and makemap:
>
> I'm sorry - first time I've done this. makemap what?

   Any time you edit the access file, you need to create the access.db file
from it so sendmail actually _uses_ the changes. The command should look
something like:

makemap hash /etc/mail/access < /etc/mail/access

   If you don't create the database from the file, none of your changes will
be accepted. (I cheat and have a shell script named makeaccess that does it
for me. But then, I edit my access file routinely.)

> Also, this file has all of my IP addies with RELAY printed after them. I
>assume this is because these addies are in the email parameters in the
>Control Panel of the GUI. But it just made me think - would this allow
>someone who could spoof their IP to relay mail through the box? Should I
>take those IPs out (of the GUI) and only leave the specific domain names?

   No; although I don't much like the way Cobolt decided to do this and think
the whole thing is silly, it doesn't seem to hurt anything. It isn't
_necessary,_ either, but I'm thinking this is a piece of the "secret slime"
that probably shouldn't be touched. Place your changes underneath all that
garbage. (It shouldn't contain your "addies," BTW, it should contain your
domains and IP numbers. "Addies" would be in the /etc/virtusertable file.)

   Spoofing IPs isn't as easy as you think it is...although it can be done,
your provider's routers, correctly configured, wouldn't likely let it
through, so that (at least now) isn't really an issue.

   Once you change the sendmail.cf file, you can do really cool things with
access, like having a catch-all account while rejecting mail targeted to
specific address at that domain. Spend some time reading the configuration
pages at www.sendmail.org - you'll be glad you did.

         Charlie

References:
- Re: [cobalt-users] List Bounces - ATTN: List Admin
  - From: Gerald Waugh
- [cobalt-users] List Bounces - ATTN: List Admin
  - From: Dan Kriwitsky
- [cobalt-users] Re: List Bounces - ATTN: List Admin
  - From: Charlie Summers
- Re: [cobalt-users] Re: List Bounces - ATTN: List Admin
  - From: Carrie Bartkowiak

Prev by Date: Re: [cobalt-users] php-4.0.6.pkg - NO MORE MYSQL ?!
Next by Date: Re: [cobalt-users] sendmail path on qube 3
Previous by thread: Re: [cobalt-users] Re: List Bounces - ATTN: List Admin
Next by thread: Re: [cobalt-users] Re: List Bounces - ATTN: List Admin

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index