Spam with randomly generated recipient addresses is draining our mail system's life away, and it seems the easiest way would be to verify the receiving party's/parties' address against Active Directory and then TEMPFAIL any mails that don't have any valid internal mails (rejects would allow directory harvesting to work).
Our network has a frontline mail filter system running FreeBSD 6.2, Sendmail, milter-regex, Spam Assassin 3.1.8 and Clam AV, which delivers to our internal Exchange server via a smarthost entry. I would prefer to do the check in a milter, if for no other reason than it removes the need to make unorthodox changes to the sendmail configuration files, and they can also be tested offline before being included in the main sendmail configuration, however the one milter I found the seems to provide what I want, LDAPMAP, doesn't seem to compile under FreeBSD (tried both make and gmake). I found LDAPMAP via this link: http://www.issociate.de/board/post/404279/Sendmail_LDAP_access_milter.html So, have I completely missed a milter in the ports tree that fulfils all my dreams, or am I going to have to get a little more exotic? I found milter-ahead (from Snertsoft), but it's no longer free. I found an article (link below) which suggests a rather hacky seeming solution by using LDAP Routing Maps, but I seem to recall reading posts in the past that said that this was a BAD THING(tm) when used in combination with smarthost delivery. http://groups.google.com.au/group/comp.mail.sendmail/browse_thread/thread/e8 0adc7166005b3c/aa657b332703fe6c%23aa657b332703fe6c Am I going to need to use the hacky solution, or is there a cleaner way? I guess what I am trying to avoid is having to set up a duplicate machine so I can test the hacky solution in isolation (I don't feel my understanding of Sendmail is good enough to quickly fix any problems that arise from hacking the config, and the system is already live). Anyone have any suggestions? Has anyone used the hacked LDAProuting method with smarthost and had it work? Maybe I am going to have to hack something together using milter-cli or py-milter to connect up on SMTP port of the Exchange server and do a HELO, FROM and RCPT and see if the account is valid. Am I missing something basic? Currently, we're very happy with the accuracy of our system, but 80% of the spam that hits our quarantine isn't even addressed to someone in the organisation, thus giving us a pile of cruft to go through that is 5 times as big as it should be. Any help or suggestions are appreciated! Chris Martin _______________________________________________ email@example.com mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"