The Local_check_ Rule Sets

The rapid spread of the Internet has led to an increase of mail abuses. Prior to V8.8 sendmail, detecting and rejecting abusive email required that you write C-language code for use in the checkcompat/( ) routine (see Appendix D). Beginning with V8.8 sendmail, important and useful checking and rejecting can be done from within four pairs of complementary rule sets. They are presented in the order that sendmail calls them:[2]

Local_check_relay and check_relay

Validate the host initiating the SMTP connection.

Local_check_mail and check_mail

Validate the envelope-sender address given to the SMTP MAIL command.

Local_check_rcpt and check_rcpt

Validate the envelope-recipient address given to the SMTP RCPT command.

check_compat

Compare or contrast each pair of envelope-sender and envelope-recipient addresses before delivery, and validate them based on the result.

These routines are all handled in the same manner. If the rule set returns anything other than a #error or a #discard delivery agent, the message is accepted. Otherwise, the #error delivery agent causes the message to be rejected or deferred (error), whereas the #discard delivery agent causes the message to be accepted, then discarded (discard).

Local_check_relay and check_relay

V8.8 sendmail supports two mechanisms for screening incoming SMTP connections. One is the libwrap.a mechanism, the other is this check_relay rule set. V8.9 sendmail adds a third mechanism, the access database (Section 7.5).

The Local_check_relay ...

Get Sendmail, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.