Name
${client_addr}
Synopsis
The
${client_addr}
macro is assigned its value when a
host connects to the running daemon. The value assigned is the IP
address of that connecting host and is the same as the IP address
stored in the $_
macro, but without the
surrounding square brackets and other non-IP information.
The ${client_addr}
macro can be useful in the
Local_check_rcpt
(Section 7.1.3)
and Local_check_mail
(Section 7.1.2) rule sets. It can, for example, be used to
detect whether an external host is trying to send external mail
through your outgoing firewall machine:
LOCAL_CONFIG D{ourdomain}123.45.6 LOCAL_RULESETS SLocal_check_mail R $* $: $&{client_addr} R ${ourdomain} . $- $@ OK our domain R $* $#error $@ 5.7.1 $: "550 cannot send out from the outside"
Here, the first rule transfers the value of
${client_addr}
into the workspace. The
$&
prefix (Section 21.5.3)
prevents that macro from wrongly being expanded when the
configuration file is read. The second rule compares the domain part
of your IP domain (that of your internal network) to the workspace.
If they match, the connection is from a host in your internal domain
space. If not, an error is generated in response to the MAIL FROM:
command.
Note that this rule set rejects all mail coming from outside your network, which might be overkill (depending, of course, on what you want). It is really useful only at sites that have two firewalls, one for incoming traffic and one for outgoing traffic. This rule set might go on the outgoing ...
Get Sendmail, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.