Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.2 9/18/84 +MMDF+MULTI+2.11; site kcl-cs.UUCP Path: utzoo!watmath!clyde!burl!ulysses!allegra!bellcore!decvax!genrad!mit-eddie!godot!harvard!seismo!mcvax!ukc!kcl-cs!t From: t@kcl-cs.UUCP (Lee McLoughlin) Newsgroups: net.mail.headers Subject: Re: Firewalls in sendmail Message-ID: <151@westcsr.kcl-cs.UUCP> Date: Wed, 27-Feb-85 20:39:32 EST Article-I.D.: westcsr.151 Posted: Wed Feb 27 20:39:32 1985 Date-Received: Mon, 4-Mar-85 05:53:17 EST References: <8577@brl-tgr.ARPA> Organization: /usr/lib/news/organization Lines: 26 Xpath: kcl-cs westcsr west44 >To make things painfully clear: we have access control in place for all >services except mail. We can't just turn off mail access, because we are >a very "distributed" environment -- network mail is a basic fact of >life for getting work done on campus. We need to be able to restrict >mail from a certain class of users to a certain class of hosts, in >sendmail. Does anyone have a method of doing this? I've just finished setting up my MMDF tables to do this locally. Its a little trickier with just uucp, I found a couple of design flaws/bugs in both uucp and MMDF but it all seems to be trucking along now. MMDF will allow you to authorise by host, user or channel, where a channel is a delivery mechanism. In the simple setup here at Kings I just needed a local uucp channel and a network uucp channel (the only difference between the two is different tables of hosts). The current setup is that messages outbound from any of the local machines are checked on a per user basis but relayed network traffic is allowed to pass through (getting rmail to spot the difference between relaying for a remote host and a local one a necessary addition). I can't see why MMDF would fail to solve your needs but I suppose it might if you have an exceedingly warped local enviroment. But I do suggest finding out more about the system if authorisation is a real problem.