TA # 104596   Date Created: 07/07/1994 02:30 PM   Date Updated: 11/16/2009 03:17 AM
How to configure MMDF to prevent mail relaying on a per-host basis.
Keywords
/usr/mmdf/mmdftailor v4.2 authorization /usr/mmdf/log/auth.log MTBL dho MCHN OH HC HH CC CH IH AUTHLOG send recv expire inlog outlog inwarn outwarn inblock outblock insrc outsrc indest outdest smtp rmail global access ga /usr/mmdf/table spam relay
Release
          SCO UNIX System V/386 Release 3.2 Operating System Version 4.2 
Problem
          I wish to configure MMDF so as to prevent other organizations' mail
          from being routed via my system, for example:

            Z.fu.com       X.bar.com
                ^               ^
                |               |
                v               v
                 "A.internal.com"
                  (Mail Gateway)
                        ^
                        |
                        v
                "B.internal.com",
                "C.internal.com",
                      ...

          I want to allow my systems to both send and receive mail from
          external systems (such as Z.fu.com or X.bar.com), but prevent
          external systems from routing mail to each other via my gateway
          (such as Z.fu.com to X.bar.com via A.internal.com).


Solution
          MMDF has the facility to apply authorization for channels on a
          per-host basis.

          (1) Add the following entry to define an authorization file in
          /usr/mmdf/mmdftailor:

                MTBL name=authhosts, file="authhosts",
                show="MMDF host/channel authorization"

          (2) Edit the MCHN entry for the channel(s) used to communicate
          with systems external to internal.com and add the entries:

                auth=inblock, outsrc=authhosts, indest=authhosts

          This specifies that only hosts and channels listed in:

                /usr/mmdf/table/authhosts

          should be allowed to route mail in via this channel.  Note that the
          change to the MCHN entry must appear in the file after the MTBL entry,
          or there may be errors from dbmbuild(ADM).

          (3) Edit /usr/mmdf/table/authhosts and add an entry:

                local:

          to allow mail originating on the local channel (that is, from
          A.internal.com) to be sent out over this channel and to allow mail
          received via this channel to be delivered to the local channel (to a
          user on A.internal.com).

          (4) Add an entry for every system that is allowed to send
          mail out via this channel or that should be allowed to receive mail
          via this channel:

                B.internal.com:
                C.internal.com:

          (5) Rebuild the MMDF database using dbmbuild(ADM) and
          restart the deliver(ADM) daemons.

          An example entry is shown below:

                /usr/mmdf/mmdftailor
...
...
...
MTBL name=authhosts,    file="authhosts",       show="MMDF authorization"

MTBL    smtpchn,        flags=ns,       show="DNS fully qualified domains",
        flags=channel

MCHN    smtp, show="SMTP Delivery", ap=822, tbl=smtpchn, mod=reg,
        auth=inblock, outsrc=authhosts, indest=authhosts
...
...
...

                /usr/mmdf/table/authhosts
local:
A.internal.com:
B.internal.com:
C.internal.com:
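
A check of the finished configuration against steps (1) to (4), including the MTBL-before-MCHN ordering noted in step (2); this is an added example, not part of the original article or of MMDF. It assumes the entry layout shown in the example above (continuation lines start with white space) and that # starts a comment line in the table; the function name check_relay and its four arguments are made up for illustration.

```shell
#!/bin/sh
# Added example, not vendor code. Usage:
#   check_relay MMDFTAILOR AUTHTABLE CHANNEL DOMAIN
# Prints one finding per line; exit status is 0 only when nothing is found.
check_relay() {
    awk -v chan="$3" -v dom="$4" '
    function bad(m) { print m; n++ }
    function val(s, key,   r) {        # value of key=... within one entry
        if (!match(s, "(^|[ \t,])" key "=[^ \t,]*")) return ""
        r = substr(s, RSTART, RLENGTH); sub(/^[^=]*=/, "", r); gsub(/"/, "", r)
        return r
    }
    function ename(s) {                # "MTBL name=x, ..." or "MCHN x, ..." -> x
        sub(/^[A-Z]+[ \t]+(name=)?/, "", s); sub(/[ \t,].*/, "", s); return s
    }
    function flush(   k, key, t) {     # judge one complete logical entry
        if (ent ~ /^MTBL/) defined[ename(ent)] = 1
        if (ent ~ /^MCHN/ && ename(ent) == chan) {
            seen = 1
            if (ent !~ /(^|[ \t,])auth=inblock([ \t,]|$)/)
                bad("MCHN " chan ": auth=inblock is not set")
            for (k = 1; k <= 2; k++) {
                key = (k == 1) ? "outsrc" : "indest"; t = val(ent, key)
                if (t == "") bad("MCHN " chan ": " key " is not set")
                else if (!(t in defined))
                    bad("MCHN " chan ": " key "=" t " has no MTBL entry before it")
            }
        }
        ent = ""
    }
    BEGIN { dom = tolower(dom) }
    NR == FNR {                        # first file: mmdftailor
        if ($0 ~ /^(MTBL|MCHN)[ \t]/) { flush(); ent = $0 }
        else if ($0 ~ /^[ \t]+[^ \t]/ && ent != "") ent = ent " " $0
        else flush()
        next
    }
    FNR == 1 { flush() }
    /^[^#:]+:/ {                       # second file: "host:" lines (# = comment, assumed)
        h = tolower($0); sub(/:.*/, "", h); gsub(/[ \t]/, "", h)
        if (h == "local") haslocal = 1
        else if (h != dom && substr(h, length(h) - length(dom)) != "." dom)
            bad("table: " h " is outside " dom " and is allowed through")
    }
    END {
        flush()
        if (!seen) bad("MCHN " chan ": channel not found")
        if (!haslocal) bad("table: no local: entry")
        exit (n > 0)
    }' "$1" "$2"
}
# check_relay /usr/mmdf/mmdftailor /usr/mmdf/table/authhosts smtp internal.com
```

Run it before dbmbuild(ADM) in step (5); any output means the channel is not restricted the way the steps describe.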