FEATURE(promiscuous_relay)
Sometimes it is beneficial to set up a mail server
that will relay mail from any host that connects to
it. Consider a main mail-sending machine that exists
behind a firewall. In this example, the mail-sending
machine is separate from the mail-receiving machine.
The mail-sending machine has inbound port 25 blocked
at the firewall so that it cannot receive mail from
anywhere but the internal network. In such an
arrangement, it is simpler to allow any internal
host to relay mail than to specify individual hosts
or domains in the access
database, or with the class $=R, or with authentication.
If this simpler approach is applicable to your site,
and if your network is totally secure around port
25, you can enable unfettered or “promiscuous”
relaying with this FEATURE(promiscuous_relay). You declare
it like this:
FEATURE(`promiscuous_relay')
To underscore the risk associated with this feature, the following warning will be printed each time you build with your mc configuration file:
*** WARNING: FEATURE(`promiscuous_relay') configures your system as open
relay. Do NOT use it on a server that is connected to the Internet!By declaring this feature, you tell sendmail to allow mail received by the local machine from anywhere in the world to be relayed outward to any machine in the world. This opens up the local machine to be used by spam engines worldwide, and almost guarantees that the local machine will eventually become listed by one or more DNSBL sites.
You should ...
Get sendmail, 4th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
