MTA: Sendmail

Table of Contents

Configuration
SMTP authentification
SSL configuration
Protecting daemon accounts

Protecting daemon accounts

by ross at 07:22:48 on October 28, 2011

There are system accounts that should not receive mail. They usually have a UID number between 1 and 999. For example, daemon or operator accounts.

There is a way to protect these accounts:

Edit /etc/mail/YOUR-HOSTNAME.cf:

FEATURE(`access_db')

Rebuild config files and restart sendmail:

# cd /etc/mail
# make cf
# make install
# make restart

Here is a simple one-liner to fill the file (this is a single line):

# >pw usershow -a | awk -F: -vOFS= '{ if ($3 != 0 && $3 < 1000) 
 print $1,"@\t\t\tERROR:\"550 This account does not accept or read mail\"" }'

Example output:

[email protected]                 ERROR:"550 This account does not accept or read mail"
[email protected]                       ERROR:"550 This account does not accept or read mail"
[email protected]                    ERROR:"550 This account does not accept or read mail"
[email protected]                    ERROR:"550 This account does not accept or read mail"
[email protected]                   ERROR:"550 This account does not accept or read mail"
[email protected]                  ERROR:"550 This account does not accept or read mail"
[email protected]                   ERROR:"550 This account does not accept or read mail"
[email protected]                    ERROR:"550 This account does not accept or read mail"
[email protected]                   ERROR:"550 This account does not accept or read mail"
[email protected]                  ERROR:"550 This account does not accept or read mail"
[email protected]                       ERROR:"550 This account does not accept or read mail"
[email protected]                   ERROR:"550 This account does not accept or read mail"
[email protected]                  ERROR:"550 This account does not accept or read mail"
[email protected]                        ERROR:"550 This account does not accept or read mail"
[email protected]                  ERROR:"550 This account does not accept or read mail"
[email protected]                   ERROR:"550 This account does not accept or read mail"
[email protected]                    ERROR:"550 This account does not accept or read mail"
[email protected]                    ERROR:"550 This account does not accept or read mail"
[email protected]                  ERROR:"550 This account does not accept or read mail"
[email protected]                       ERROR:"550 This account does not accept or read mail"
[email protected]                  ERROR:"550 This account does not accept or read mail"
[email protected]                   ERROR:"550 This account does not accept or read mail"
[email protected]                  ERROR:"550 This account does not accept or read mail"
[email protected]                        ERROR:"550 This account does not accept or read mail"
[email protected]                 ERROR:"550 This account does not accept or read mail"
[email protected]                        ERROR:"550 This account does not accept or read mail"

Add the output to /etc/mail/access file and then:

# cd /etc/mail
# make maps

 

Comments