Consider the following additional security measures for CSSMTP:
//CSSMTP EXEC PGM=IKJEFT01
//SYSTSPRT DD SYSOUT=*
//* The PERMIT for CLASS(JESSPOOL) is needed only if it has already
//* been activated.
//SYSTSIN DD *
SETROPTS CLASSACT(STARTED)
SETROPTS RACLIST(STARTED)
SETROPTS GENERIC(STARTED)
ADDUSER CSSMTP DFLTGRP(OMVSGRP) OMVS(UID(nn) HOME('/')) -
NOPASSWORD NAME('Simple Mail Transfer') OWNER(OMVSGRP)
RDEFINE STARTED OWNER(SYS1) CSSMTP.* STDATA(USER(CSSMTP))
RDEFINE JESSPOOL localnodeid.** UACC(READ)
PERMIT localnodeid.** -
CLASS(JESSPOOL) ID(CSSMTP) ACCESS(ALTER)
SETROPTS GENERIC(JESSPOOL) REFRESH
SETROPTS RACLIST(STARTED) REFRESH
SETROPTS GENERIC(STARTED) REFRESH
RDEFINE FACILITY BPX.CONSOLE UACC(NONE)
PERMIT BPX.CONSOLE -
CLASS(FACILITY) ID(CSSMTP) ACCESS(READ)
SETROPTS RACLIST(FACILITY) REFRESH
The format of the SERVAUTH profile name is EZB.CSSMTP.sysname.writername.originJESnode, where sysname is the system name defined in the sysplex, writername is the CSSMTP configured external writer name, and originJESnode is the JES node that originated the spool file. If this profile is created with UACC(NONE), then only user IDs permitted to the resource are able to have spool files processed by CSSMTP.
For examples of the resource profile definitions, see the EZARACF sample in data set SEZAINST. For information about configuring the external writer name using the ExtWrtName statement, see z/OS Communications Server: IP Configuration Reference.
SETR GENERIC(SERVAUTH) GENCMDS(SERVAUTH)
SETR CLASSACT(SERVAUTH)
RDEFINE SERVAUTH EZB.CSSMTP.sysname.writername.originJESnode -
UACC(NONE)
PERMIT EZB.CSSMTP.sysname.writername.originJESnode -
CLASS(SERVAUTH) ID(userid) ACCESS(READ)
PERMIT EZB.CSSMTP.sysname.writername.* -
CLASS(SERVAUTH) ID(userid) ACCESS(READ)
SETROPTS RACLIST(SERVAUTH) REFRESH
For example, you can create an exit to check the MAIL FROM: string on outbound mail. The mail originator, recipients, and other information can be inspected by the exit, and the entire JES job or a single mail message can be discarded.
You can control the user exit that is used with the UserExit statement:
For more information about the UserExit statement, see z/OS Communications Server: IP Configuration Reference.