From: alan premselaar <[EMAIL PROTECTED]>
I have some comments that hopefully you'll find useful.
Thank you for your time and attention.
Firstly, I would probably check_against_smtp_server before checking the
cache, because you don't have any housecleaning code to handle the case
where an account was deleted within the 30 days of the last cache store.
No, the whole point of this is to avoid the overhead of establishing an
SMTP session for each recipient.
I don't need the housecleaning code, because I expire the cache after X
days.
Maybe 30 days is a big high, so I might lower the timeout.
This could cause your system to potentially accept mail for an unknown
user and thus have to generate an NDS and defeat the entire purpose of
this feature.
This is OK for me and "by design".
Because I will need to send NDR only to a very small bunch of messages
that are:
sent to recipients that was valid not long ago, but is disabled now.
passed virus and spam checks.
So this leaves me with only few messages that are mostly legitimic and
from real sender.
Secondly, I'm assuming that you just haven't gotten around to writing
the code to check the mailertable for the relay host. however, it
doesn't appear that you have a contingency plan for if the host does not
appear in the mailertable.
In all of my "mail relay" installations the destination host is
configurred in mailertable.
I have some installation were the MD machine is also the mailbox server,
but for such sites I don't need to use md_check_against_smtp_server at all,
and therefor the main switch $CheckRecipientEnable will be set to zero 0.
(i.e. what if all or some of the forwarding
is handled by the virtusertable? what if it's aliases?)
In that case I catch it with this line:
if ($CheckRecipientEnable and ($rcpt_mailer ne 'local')) ...
and therefor skip the check (it will be checked against the local users
of sendmail).
you may want to consider an assignable override variable as well so that
way an administrator could give it a fixed value should they choose and
still keep the code fairly portable.
What exactly do you mean?
I have this variable:
my $CheckRecipientEnable = 1;
It is actualy not in /etc/mail/mimedefang-filter, but in a separate
config file that I use,
which is called /etc/mail/mdf-config.
This is where I store the site-specific configuration, such as spamdrop
address,
high score spam handling, admin name and address, etc...
also, there is no guarantee that even if the hostname is configured in
the mailertable that it will be enclosed in square brackets [] ... as,
the absense of the brackets just tells sendmail to actually do a DNS
lookup on the hostname whereas the brackets tell it NOT to do the lookup.
You are correct, and there is also no guarantee that the destination
server is configurred to reject un-known recipients,
as by default MS Exchange servers will accept mail to bad recipient
unless it is manually configured.
This is up to me when I install and configure a mail relay system,
to make sure that I configure both the destination server and the MD
machine to do what I expect it to.
By default, the check is disabled
$CheckRecipientEnable = 0;
and also in /etc/sysconfig/mimedefang I enable the recipient
filter_recipient only for sites that will actually use it.
Again, thank you for your comments.
Yizhar Hurwitz
_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list [email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
