List those aliases (which are local) in a file:
LOCAL_CONFIG
F{Internal}/etc/mail/intern.only
Then the rules work like this:
LOCAL_RULESETS
SLocal_check_rcpt
# if the recipient isn't internal, they get the mail
R$+	$: <@> $>3 $1
R<@> $={Internal}<@$=w.>	$: <$1@$2>
R<@> $={Internal}	$: <$1@$j>
# no internal alias
R<@>$+	$@ OK
# check to see if the sender is local
R$*	$: $>3 $&f
R$+<@$=w.>	$@ OK
# empty sender: accept (RFC 1123)
R<@>	$@ OK
R$+	$#error $: 551 $&f not allowed to send to recipient
Before 8.9, you have to use Scheck_rcpt instead of SLocal_check_rcpt.
The ruleset works like this:
A more sophisticated ruleset has been posted to comp.mail.sendmail.
A slightly better solution is to check the relaying host instead of the sender address; however, this requires that you don't have other servers "in front" of the one that performs these checks.
LOCAL_RULESETS
SLocal_check_rcpt
...
# check to see if the sender is local
R$*	$: $&{client_name}
# or some other class instead of m
R$*$=m	$@ OKSOFAR
R$*	$#error $: 551 $&f not allowed to send to recipient
You can also use $&{client_name}; or you can look up the name/address in the access map.
A much better solution is possible in sendmail 8.10 using SMTP AUTH. It requires that the sender is authenticated, for example:
LOCAL_RULESETS
SLocal_check_rcpt
...
# check to see if the sender is local
R$*	$: $&{auth_type}
R$+	$@ OKSOFAR
R$*	$#error $: 551 $&f not allowed to send to recipient
Of course, you can also use other AUTH macros such as {auth_authen} or {auth_author} to provide even finer access control.
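The three checks above differ in which value they trust: the envelope sender, {client_name}, or {auth_type}. The following Python model is an added example, not code from the original page or from sendmail; the alias names, domains and sessions are constructed, and the elided "..." part of the later rulesets is assumed to be the same recipient test as in the first one.

```python
# Added illustration, not sendmail code: accept/reject of the three variants.
from dataclasses import dataclass

# Constructed sample data (assumptions, not values from the page)
INTERNAL = {"staff", "all-hands"}   # class {Internal}, from intern.only
LOCAL_HOSTS = {"corp.example"}      # class w
LOCAL_DOMAINS = {"corp.example"}    # class m

@dataclass
class Session:
    rcpt: str            # RCPT TO address
    mail_from: str       # $&f: envelope sender as claimed by the client
    client_name: str     # $&{client_name}: name the server resolved
    auth_type: str = ""  # $&{auth_type}: empty unless SMTP AUTH succeeded

def is_protected(rcpt):
    """Recipient is an internal alias, bare or at a local host."""
    user, _, host = rcpt.lower().partition("@")
    return user in INTERNAL and host in LOCAL_HOSTS | {""}

def in_local_domain(name):
    """Like R$*$=m: match on a label boundary, not a raw string suffix."""
    name = name.lower().rstrip(".")
    return any(name == d or name.endswith("." + d) for d in LOCAL_DOMAINS)

def by_sender(s):
    """Variant 1: local envelope sender, or empty sender, is accepted."""
    if not is_protected(s.rcpt) or s.mail_from in ("", "<>"):
        return "OK"
    return "OK" if s.mail_from.lower().rpartition("@")[2] in LOCAL_HOSTS else "551"

def by_client(s):
    """Variant 2: the connecting host must be in a local domain."""
    return "OK" if not is_protected(s.rcpt) or in_local_domain(s.client_name) else "551"

def by_auth(s):
    """Variant 3: the session must have completed SMTP AUTH."""
    return "OK" if not is_protected(s.rcpt) or s.auth_type else "551"

def compare(s):
    return {"sender": by_sender(s), "client": by_client(s), "auth": by_auth(s)}

if __name__ == "__main__":
    for s in (  # constructed sessions
        Session("staff@corp.example", "alice@corp.example", "ws1.corp.example"),
        Session("staff@corp.example", "alice@corp.example", "mx.elsewhere.example"),
        Session("staff", "bob@elsewhere.example", "mx.elsewhere.example", "PLAIN"),
    ):
        print(s.rcpt, s.mail_from, s.client_name, compare(s))
```

The second session is the case that separates the variants: $&f is whatever the client supplied in MAIL FROM, while {client_name} and {auth_type} are established by the server.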
LOCAL_RULESETS
SLocal_check_rcpt
R$*	$: $1 $| $>"Protect" $1
R$* $| $#$*	$#$2
R$* $| $*	$: $1 $| $>"Restrict" $1
R$* $| $#$*	$#$2
and rename the other rulesets:
LOCAL_RULESETS
SProtect
...
SRestrict
...