The best solution here is probably to put the users in LDAP and
configure the outside mailer to use it but I haven't done that
myself yet. I just periodically grep the logs for the rejections
and stick the frequent ones into sendmail's access list with a
REJECT on the outside machine.
Whoops -- good catch. Forgot to mention that we're using the FreeBSD sendmail-ldap port and doing exactly what you're describing here. This is also not exactly trivial but is doable. It's only a couple of lines in the sendmail .mc file to point it at the right LDAP server, but the crafting of the query for user verification varies. You'll be looking for the following .mc items:
FEATURE(ldap_routing)
LDAPROUTE_DOMAIN_FILE (list of LDAP-handled domains)
define(`confLDAP_DEFAULT_SPEC')-royce
-- ------------------------------------------------------------------------ Royce D. Williams IP Engineering, ACS work: [EMAIL PROTECTED] PGP: 3FC087DB/1776A531 personal: [EMAIL PROTECTED] http://www.tycho.org/royce/ _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
