Hi, I have the following standard settings for postfix doing the RCPT TO: check via sql against the dbmail_aliases table.
sql-recipients.cf: user = xxx password = xxx hosts = 127.0.0.1 dbname = xxx table = dbmail_aliases select_field = alias where_field = alias Here's a working and buggy example: # netcat localhost 25 220 mail.krediidiinfo.ee ESMTP Postfix HELO mail.krediidiinfo.ee 250 mail.krediidiinfo.ee MAIL FROM:<[email protected]> 250 Ok RCPT TO:<[email protected]> 550 <[email protected]>: Recipient address rejected: User unknown in local recipient table RCPT TO:<[email protected]> 250 Ok QUIT 221 Bye The second response to RCPT TO: should have been a 550 too, not 250. The dbmail_aliases table contains only proper "u...@domain" entries, no wildcard stuff like simply a "@domain" or similar. So a there's a problem, when a subhost is specified in the address. Another issue is with when no user is specified. Here's an example: # netcat localhost 25 220 mail.krediidiinfo.ee ESMTP Postfix HELO mail.krediidiinfo.ee 250 mail.krediidiinfo.ee MAIL FROM:<[email protected]> 250 Ok RCPT TO:<@krediidiinfo.ee> 250 Ok QUIT 221 Bye These wrong addresses are often expanded from user typos like "@u...@domain" for example or whatever combination. Spamming postfix with these invalid addresses would result in a DOS. This is postfix 2.2.9 and dbmail 2.2.11 on SLES10SP2. Could a postfix/sql knowledgeable person please refine the sql-recipients file, so invalid addresses would be denied immediately? I have no idea how to do this. Regards, PS: The dbmail news page does not have an announcement for dbmail-2.2.11 final release. -- Aleksander Kamenik System Administrator Krediidiinfo AS an Experian Company Phone: +372 665 9649 Email: [email protected] http://www.krediidiinfo.ee/ http://www.experiangroup.com/ _______________________________________________ DBmail mailing list [email protected] http://mailman.fastxs.nl/cgi-bin/mailman/listinfo/dbmail
