>! I would need to somehow check the IP address of the remote host
>! sending the mail, and the To: address to the mail, and I am not
>! sure where in the qmail process these two pieces of information
>! are readily available.
At delivery time, the target address is in $RECIPIENT, the incoming IP
address in one of the Received: headers near the beginning of the
message.
>10.:allow,INTERNAL="yes"
>|bouncesaying "You can't send to this address" [ -z "$INTERNAL" ]
>I haven't tested the above, but that's the basic gist of it.
You should have tested it, since it doesn't work. Tcpserver hands its
environment variables to smtpd, but bouncesaying is called much later
in the process from a different program that doesn't inherit the
environment variables.
What I'd do is to put the restricted addresses into .qmail files that
look like this:
| check-local-origin
&user1
&list2
...
And I'd write a little perl script called check-local origin that
reads its input until it finds a "Received: from" header, checks the
IP in that header to see if it's a local one, and returns 0 if it's OK,
otherwise prints "Restricted internal list, go away\n" and returns 100.
I use something like that to keep people from spoofing mail into the
lists that majordomo controls here.
--
John R. Levine, IECC, POB 727, Trumansburg NY 14886 +1 607 387 6869
[EMAIL PROTECTED], Village Trustee and Sewer Commissioner, http://iecc.com/johnl,
Member, Provisional board, Coalition Against Unsolicited Commercial E-mail
