Lorenzo Perone writes:
Hello,
Thank You very much for taking the time to write back to this issue. I think after all that the LDAP idea (or some other way of transferring the valid users/aliases list) is the one most likely to work.
What I don't understand of Your "forward.domain.tld" approach, is why another domain (like "forward.domain.com") should not produce the 550 User Unknown message to the backup MX. In my eyes, it will do the same, but I might give it a try on a domain and see what happens.
Try it first WITHOUT putting the alternate hostname in the esmtpacceptmailfor file. Reviewing what I wrote, I think I made a slight error. Just remove the main domain from the esmtpacceptmailfor file.
regards,
Lorenzo
On 25. Mai 2004, at 0:46, Sam Varshavchik wrote:
Lorenzo Perone writes:
Hello,
I'm asking here if someone has a strategy suggestion for the following scenario:
I'm using courier as the main SMTP server, and another host running Sendmail as a Backup. The backup MX doesn't know about which accounts exist on the courier MySQL DB, and never will; thus it has to accept all the mail for the specified domains. MX. So far, so good.
What happens is that when someone (mainly spammers, who are always the most informed about mta shortcomings ;)) uses the backup MX for sending to non-existant accounts, the backup MX accepts them, and routes them to the courier server, who rejects them. Especially in case of invalid envelope Senders, the Backup MX postmaster gets spammed with non-delivery messages.
Is there anything I can do to avoid this on the _courier_ side? Ideally, courier would trash messages to invalid recipients originated by the backup MX, leaving the backup MX in peace.
I presume it will be difficult to accomplish, but maybe someone here has dealt with such an issue already and has a smart idea to share...
For example, suppose that you're providing backup MX for domain.com.
Make arrangements with the domain's owner to install an internal hostname alias, such as âinternal.domain.comâ, or âforward.domain.comâ. The primary mail server should be programmed so that any mail received for [EMAIL PROTECTED] gets delivered to [EMAIL PROTECTED]'s mailbox. The hostname âinternal.domain.comâ doesn't even have to be in DNS, it just needs to be recognized by the mail server as a local domain.
On your Courier server, replace âdomain.comâ with âinternal.domain.comâ in esmtpacceptmailfor, and also âinternal.domain.com: [ip.address]â in esmtproutes. If âinternal.domain.comâ hostname has a public A record, esmtproutes does not need to be set up.
Then, create a simple alias file:
[EMAIL PROTECTED]: [EMAIL PROTECTED] [EMAIL PROTECTED]: [EMAIL PROTECTED] â
And so on. Now, Courier will accept mail only for the listed mailboxes and forward it, everything else will be rejected.
If you're handy with scripting you may even automate it by allowing the primary domain's owner to update the alias file by scp-ing it over, and re-running âmakealiasesâ.
The alias file may even be kept in LDAP, in which case you're out of the loop completely. Your own duty would be to set up courierldapaliasd to query the primary domain's LDAP server, and the primary domain is completely responsible for maintaining his own alias table.
------------------------------------------------------- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id149&alloc_idÂ66&opclick _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
pgp2z4rwOV2vo.pgp
Description: PGP signature
