This is easily done in sendmail, using the check_mail and check_rcpt rulesets.
Briefly,
use check_mail to reject mail from the internal domain to be blocked. Use
check_rcpt to reject mail addressed to the internal domain.
You may be able to do the same thing even easier with the anti-spam features of
sendmail 8.9, however I haven't used this.
In any case, 'smart' users may attempt to bypass your protections by sending
route-addressed mail to one of the 'allowed' internal hosts.
To: user%blocked(_dot_)host(_at_)unblocked(_dot_)host
Will sail right through your protections, and be merrily forwarded by
unblocked.host. We had trouble with this, and eventually modified sendmail's
Ruleset 3 to strip all route-addresses down to the innermost address. This would
turn the above into:
To: user(_at_)blocked(_dot_)host
Which would then be rejected.
HTH,
-j
Josi Manuel Megmas Sanchez wrote:
Hello, I have installed sendmail 8.9.1a into a proxy server running
FreeBSD 2.2.7, this server connects my intranet with internet. The problem
is that I have configured two different networks and I want limit the access
to internet (don't send and receive) for a especific network but this
network could send and receive mail with the intranet. is it possible?, I
use procmail like local mail.
Thanks in advance.