Sendmail restrictions and frontends

Mon Mar 11 22:56:56 EST 2002

On Mon, 11 Mar 2002 9:30 pm, Daniel McNamara wrote:
> Hi guys,
>
> I've got a bit of a problem that's driving me insane. I have been asked to
> set up a sendmail server in the office which is to handle outgoing mail
> only. So it's to be a relay only server. Using the /etc/mail/access
> database I've locked down which IP can use the server for outgoing relay
> but my bosses want me to take it one step further.
>
> They also want a check in place that checks the "From" field from users
> within our IP range so that only email that says that it's from one our
> domains will be relayed through. So basically:
>
> User from IP range can send mail as if from joe at domain-we-own.com but NOT
> joe at aol.com
>
> We have this set up already using a commercial NT mail server but due to
> crippling licensing costs the bosses want to move to more open source
> initiatives, however without this feature they won't even consider it. I'm
> pretty sure it can be done (I'll be very surprised if it can't) however I'm
> having huge difficulties in figuring out exactly how to do it. I've
> attempted to read a lot of sendmail doco but I can not understand a lot of
> it and since I'm not sure what I'm looking for I could be looking in
> completely the wrong places. Has anyone out there had to set up anything
> like this? Or at least have any idea on I would start looking?
>
> On another topic another requirement to getting this machine of the ground
> is that I need to have an easy to use click n drool GUI (web based is fine)
> for the bosses to use to control the sendmail server (mostly just to
> add/remove from the lists of allowed relay domains). So far I've tried
> playing with Webmin but I can not seem to get it to do what I want not to
> mention documentation for Webmin is just about non-existent. Any other
> systems that people are aware of that is easy to set up and maintain? Or at
> least how to use Webmin for the purpose outlined above?
>
> I am using Red Hat 7.2 which has sendmail 8.11.6-3 installed. I would
> prefer to learn how to hack the m4 files myself for any initial set-up
> rather than use tools such as linuxconf. Also if anyone thinks it would be
> easier to use a different MTA I am more than open to suggestion. At this
> point in time any ideas would be good.
>
> Any help would be great
>
> Cheers
>
> Daniel

The Mitel SME server (previously E-smith and still hosted at 
http://www.e-smith.org) uses a combination of qmail and obtuse-smtpd.  
Obtuse-smtpd's homepage is http://www.obtuse.com/smtpd.html.  I'm not sure 
what else you want the machine to do, but the SME server may already do what 
you want out of the box, and if not I'm pretty sure it would be an relatively 
easy config adjustment to get it to do so.

SME has it own quite respectible web-based interface, and you could configure 
it to only accept mail with FROM addresses within the virtual domains that it 
knows about. (It may already do this.)  Adding and deleting virtual domains 
is a couple of mouse clicks within the web interface.

SME can be used as a free GPL download (no support), or purchased with 
support and extra features such as virus scanning.  If your bosses are 
complaining about licensing costs, then I suspect that even the supported 
version with full virus checking would be quite a bit cheaper than your 
current system.

If you want to stick with a standard RH solution, then perhaps have a look at 
PostFix.  The following post would sum of what I have seen discussed about 
the MTA's.  http://www.linux.ie/pipermail/ilug/2000-June/018642.html

I should qualify this and say that the only MTA that I have had responsiblity 
to managing is qmail within a SME server - so it is the only one I have real 
first hand knowledge of.  I have (attempted) to read sendmail config files 
and quickly decided that I have *much* better things to do with my time.

Rasjid.