From owner-freebsd-questions@FreeBSD.ORG  Tue Jun  3 15:15:55 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id EB79C37B401
	for <freebsd-questions@freebsd.org>;
	Tue,  3 Jun 2003 15:15:55 -0700 (PDT)
Received: from mail.urchin.com (ns2.quantified.com [63.212.171.3])
	by mx1.FreeBSD.org (Postfix) with ESMTP id CCC1143F75
	for <freebsd-questions@freebsd.org>;
	Tue,  3 Jun 2003 15:15:54 -0700 (PDT)
	(envelope-from dsilver@urchin.com)
Received: from support.urchin.com (support.urchin.com [63.212.171.7])
	by mail.urchin.com (8.12.9/8.12.9) with ESMTP id h53MGG1U007453
	for <freebsd-questions@freebsd.org>;
	Tue, 3 Jun 2003 15:15:54 -0701 (PDT)
	(envelope-from dsilver@urchin.com)
Received: from danzig.sd.quantified.net (web.urchin.com [63.212.171.5])
	(authenticated bits=0)
	by support.urchin.com (8.12.8/8.12.6) with ESMTP id h53MH0xU050813
	for <freebsd-questions@freebsd.org>;
	Tue, 3 Jun 2003 15:16:39 -0701 (PDT)
	(envelope-from dsilver@urchin.com)
From: Doug Silver <dsilver@urchin.com>
Organization: Urchin Software Corporation
To: <freebsd-questions@freebsd.org>
Date: Tue, 3 Jun 2003 15:16:15 -0700
User-Agent: KMail/1.5.1
MIME-Version: 1.0
Content-Disposition: inline
Content-Type: text/plain;
  charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-Id: <200306031515.53366.dsilver@urchin.com>
X-Filter-Version: 1.7 (mail.urchin.com)
Subject: Locking down secondary mx sendmail 
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Jun 2003 22:15:56 -0000

It seems the spammers like to target secondary mx machines and let those 
machines relay the email to the primary machine.  I've tried setting up the 
virtusertable file to at least reject invalid emails on the secondary mx 
machine, but it seems that sendmail bypasses that when it's doing mx relaying 
for that domain.  So, does anyone have some suggestions to partially lock 
down mx relay machines?

TIA

-doug