The sendmail that came with RedHat 5.2 by default did not allow relaying. It had to be explicitly enabled, which is very good. Apparently the scheme for permitting relaying has changed in the new V8 sendmail shipped with RH6.0. However, the sendmail.cf file that you distribute with the new sendmail seems to be a kludged up version of the V7 sendmail.cf file probably to make it work with Linuxconf. It no longer defaults to prohibiting relaying. I cannot see any way to stop relaying as all the code from the V7 version that accomplished this is missing and yet the new database (apparently in /etc/mail/access.db) does not seem to be enabled. The mixing of V7 sendmail.cf code with V8 sendmail is very confusing. For example, the /etc/mail/access file from RedHat 6.0 has the following comments: # Check the /usr/doc/sendmail-8.9.3/README.cf file for a description # of the format of this file. (search for access_db in that file) # The /usr/doc/sendmail-8.9.3/README.cf is part of the sendmail-doc # package. yet the sendmail.cf file you ship with RedHat 6.0 has the following: ##### SENDMAIL CONFIGURATION FILE ##### ##### built by root.com on Thu Oct 30 01:33:15 EST 1997 ##### in /usr/src/bs/BUILD/sendmail-8.8.7/cf/cf ##### using ../ as configuration include directory ##### What version are we working with 8.9.3 or 8.8.7 ???? The top of the sendmail.cf that comes with RedHat 6.0 file says: # This file is built out of files in /var/tmp/linuxconf-root/usr/lib/linuxconf/mailconf # If you want to do manual modifications to one file # do not modify files in /var/tmp/linuxconf-root/usr/lib/linuxconf/mailconf, instead # copy the file in /etc/mail/mailconf/ # and do the modification there. # Linuxconf will use your file from now on. # It will even find out that the sendmail.cf # must be rebuilt. OK, no problem, I'll edit anything anywhere. However there is no: /var/tmp/linuxconf-root/usr/lib/linuxconf/mailconf on my system, nor is there /etc/mail/mailconf on my system. The fact that it seems to RELAY by default (the contrary of bug #3178 ????) is a possible security violation. I've solved (kludged) the problem here by making the necessary changes to the RH5.2 sendmail.cf file to work on 6.0. Thanks, Kern Sibbald
The sendmail in 6.0 allows relaying only from localhost by default. (At leats in the default config files. Have you regenerated your config files with the new m4 macros?)