Hello,
Thank You very much for taking the time to write back to this issue. I think after all that the LDAP idea (or some other way of transferring the valid users/aliases list) is the one most likely to work.
What I don't understand of Your "forward.domain.tld" approach, is why another domain (like "forward.domain.com") should not produce the 550 User Unknown message to the backup MX. In my eyes, it will do the same, but I might give it a try on a domain and see what happens.
regards,
Lorenzo
On 25. Mai 2004, at 0:46, Sam Varshavchik wrote:
Lorenzo Perone writes:
Hello,
I'm asking here if someone has a strategy suggestion for the following scenario:
I'm using courier as the main SMTP server, and another host running Sendmail as a Backup. The backup MX doesn't know about which accounts exist on the courier MySQL DB, and never will; thus it has to accept all the mail for the specified domains. MX. So far, so good.
What happens is that when someone (mainly spammers, who are always the
most informed about mta shortcomings ;)) uses the backup MX for sending
to
non-existant accounts, the backup MX accepts them, and routes them to
the
courier server, who rejects them. Especially in case of invalid envelope
Senders, the Backup MX postmaster gets spammed with non-delivery
messages.
Is there anything I can do to avoid this on the _courier_ side? Ideally,
courier would trash messages to invalid recipients originated by the
backup MX, leaving the backup MX in peace.
I presume it will be difficult to accomplish, but maybe someone here has dealt with such an issue already and has a smart idea to share...
For example, suppose that you're providing backup MX for domain.com.
Make arrangements with the domain's owner to install an internal hostname
alias, such as “internal.domain.com”, or “forward.domain.com”. The primary
mail server should be programmed so that any mail received for
[EMAIL PROTECTED] gets delivered to [EMAIL PROTECTED]'s mailbox. The
hostname “internal.domain.com” doesn't even have to be in DNS, it just needs
to be recognized by the mail server as a local domain.
On your Courier server, replace “domain.com” with “internal.domain.com” in
esmtpacceptmailfor, and also “internal.domain.com: [ip.address]” in
esmtproutes. If “internal.domain.com” hostname has a public A record,
esmtproutes does not need to be set up.
Then, create a simple alias file:
[EMAIL PROTECTED]: [EMAIL PROTECTED] [EMAIL PROTECTED]: [EMAIL PROTECTED] …
And so on. Now, Courier will accept mail only for the listed mailboxes and
forward it, everything else will be rejected.
If you're handy with scripting you may even automate it by allowing the primary domain's owner to update the alias file by scp-ing it over, and re-running “makealiases”.
The alias file may even be kept in LDAP, in which case you're out of the
loop completely. Your own duty would be to set up courierldapaliasd to
query the primary domain's LDAP server, and the primary domain is completely
responsible for maintaining his own alias table.
------------------------------------------------------- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id149&alloc_id?66&op=click _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
