The rapid spread of the Internet has led to an increase of mail abuses. Prior to V8.8 sendmail, detecting and rejecting abusive email required that you write C-language code for use in the checkcompat/( ) routine (see Appendix D). Beginning with V8.8 sendmail, important and useful checking and rejecting can be done from within four pairs of complementary rule sets. They are presented in the order that sendmail calls them:
Validate the host initiating the SMTP connection.
Validate the envelope-sender address given to the SMTP MAIL command.
Validate the envelope-recipient address given to the SMTP RCPT command.
Compare or contrast each pair of envelope-sender and envelope-recipient addresses before delivery, and validate them based on the result.
These routines are all handled in the same manner. If the rule set
returns anything other than a
#error or a
#discard delivery agent, the message is accepted.
#error delivery agent causes the
message to be rejected or deferred (error),
#discard delivery agent causes the
message to be accepted, then discarded (discard).
sendmail supports two mechanisms for screening
incoming SMTP connections. One is the libwrap.a
mechanism, the other is this
check_relay rule set.
V8.9 sendmail adds a third mechanism, the
access database (Section 7.5).