----------------------
5XXSINK Release 0.5.01
12/12/2005
*****
Release notes for this version:
[ + Added feature ]
[ * Improved/changed feature ]
[ - Bug fix ]
[ ^ Cosmetic/naming change ]
[+] Added new feature, RHS PRESCANNING, to help with processing of
large recipient lists under certain circumstances. The prescan.txt
file, if it exists, is scanned before the rcptlist.txt. If a match is
found, processing continues in rcptlist.txt. If no match, 550 is
returned immediately. If no prescan.txt is found, the feature is not
enabled.
The intent of prescan.txt is that it can be a global repository for
allowed RHS (right-hand-side, i.e. domain) strings. You list all of
your domains in prescan.txt as follows:
@example.com
@example.net
etc.
When messages are processed, they are FIRST matched against this list.
This allows you to cut down the initial scan for recipients at
_unknown_ domains substantially; for example, if you have 100 hosted
domains with 100 users each, and you are the erroneous victim of a
directory harvesting attack against a domain you DO NOT host,
rejections with prescan.txt in place will take 1% of the time they if
the entire rcptlist.txt were scanned! However, be somewhat careful:
scanning prescan.txt does add its own overhead. If you are not
concerned about such pure-DoS attacks, you will end up lengthening the
lookup time for each recipient, though likely the effect would be
negligible.
NOTE #1: if prescan.txt is enabled, users _must_ have their domain
listed in prescan.txt AND their username in rcptlist.txt (or, if they
are in a wildcard domain, they must have that domain listed in
prescan.txt _and_ in rcptlist.txt).
NOTE #2: RHS prescanning is not the same as domain wildcards. Do not
be confused. See below.
[*] Official support for DOMAIN WILDCARDS. This support in fact
existed previously, but I was determined to discourage people from
using it, since I'm such an opponent of 'nobody' setups. Well, a few
people wrote to me and changed my mind. Anyway, when you enter
wildcards, you do not use the asterisk (*) character. You simply enter
domain names like so:
@example.com
[EMAIL PROTECTED]
@example.net
[EMAIL PROTECTED]
You may as well put your domain wildcards at the top of your list, so
they get processed first. You're going to need all the help you can
get processing the backscatter. . . .
--Sandy
------------------------------------
Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division of
Cypress Integrated Systems, Inc.
e-mail: [EMAIL PROTECTED]
------------------------------------
---
[This E-mail was scanned for viruses by Declude EVA www.declude.com]
---
This E-mail came from the Declude.Virus mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus". The archives can be found
at http://www.mail-archive.com.
