On Thu, 2005-10-06 at 13:08 -0400, Frank Marsolais wrote: > >"Martin J. Dellwo" wrote: > >> > > >> I have implemented an access.db with FEATURE(`access') in sendmail, with > >> lots of 'To:<someword>@domain.com REJECT' lines to block unknown users > >> (or currently unknown but former users). Does this get checked before > >> or after MIMEDefang? How would I distinguish this in the mail syslogs> > >> (I have pretty high logging level turned on). If the user is unknown on > >> the system and would therefore be rejected anyway, am I gaining anything > >> by using the access.db? > > >To blacklist a recipient, you must have the blacklist recipients feature > >enabled. If you have blacklist recipients enabled, it would get checked > >before MIMEDefang. > > >If you really want to blacklist recipients, use the virtusertable -- it > >is MUCH simpler. In fact, we have found the easiest way to bounce email > >for any user that does not exist any longer is to list all valid users in > >the virtusertable, then create an entry such as: > > >@ourdom.com ERROR:5.1.1:"550 No such user in domain ourdom.com" > > >Or, you could explicitly reject a former user by: > >joe at ourdom.com ERROR:5.1.1:"550 Joe don't live here no more" >
Sendmail's default bounce message for blacklisted recipients is "Mailbox disabled for this recipient" when invoked from the access file. What we actually do is use blacklist_recipients and then create our access.db file to resemble: TO:ourdomain REJECT TO:[EMAIL PROTECTED] OK TO:[EMAIL PROTECTED] OK TO:[EMAIL PROTECTED] OK This is especially useful on inbound (MX) machines where the final users are not local to that machine (and where virtusertable would have to rewrite the username to have it be delivered to the next hop) Sven _______________________________________________ Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
