Gordon Messmer wrote at 9:55 PM (-0700) on 9/18/10: >Just so you know, I'm not associated with Courier::Filter. :)
Erhm... yes, I guess I meant to greet Julian instead (obviously you exist in my mind as "the courier filter guy"...) Nonetheless I do appreciate your response :) >Yep, that's the only possibility wither courierfilter. You can't reject >on individual recipient addresses using that API. I suppose in a properly-functioning situation, that oughtn't really be a problem anyway because any message to a defunct address (even along with a legitimate one) is most likely spam. Anyway, if this were actually working, the spammy message should have been rejected outright by the secondary MX upon receipt. Instead it was apparently accepted and attempted delivery to the primary (where it failed). >All of your MXs *MUST* apply the same rules to incoming mail. If you >feel that you must have a backup MX, then don't put your domains into >"esmtpacceptmailfor" and expect everything to work. You need to put >your domains in hosteddomains as well, and you need to build an alias >file that contains a list of all of your valid addresses. If you have >wildcard (dot-courier-default) addresses, they probably just won't >work through the backup. Ok, this differs from my current practice; on the secondary I have an empty hosteddomains. I'm using authmysql for everything (it facilitates ease of management and transparency compared to litering hidden dot-files around the filesystem). The DB is of course replicated between both hosts. As such, the valid account tables and inbound filtering rules should be the same on both. I suppose that in the absence of hosteddomains, though, no validation or filtering is being done beyond the domain-part. Did my secondary accept the message because the filter was never evaluated due to the domains' presence in "esmtproutes"? >The alias file should direct all valid addresses to your primary MX. What do you mean by this? Are you alluding to esmtproutes? >Your primary MX should also be configured to accept all mail from your >backup, without any kind of filtering. Apply the same protection to >your backup MX that you do to your primary, and don't double-filter. That should be the case, or at least, so has been my intention. On the primary, I have the an entry in smtpaccess for the secondary with "allow,RELAYCLIENT"... but will that in and of itself suppress any filtering? Thanks for your help, b -- Ben Kennedy (chief magician) zygoat creative technical services http://www.zygoat.ca ------------------------------------------------------------------------------ Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
