afo cliff wrote: > That's a great idea! I tried it but no matter what I do, sendmail is > letting everything through. Virtusertable is configured correctly in > sendmail.mc, also did the appropriate makemap. I think something has > changed in sendmail (I have 8.13.8). I've searched the world over 10 > times and tried many different combinations in virtusertable & > mailertable and no matter what it relays everything.
I push all valid internal addresses out to my inbound MX's virtusertable, and it does reject invalid ones at RCPT. So it's possible. Not as glamorous as using LDAP or something else, but it works. Depending on how you have things set up, you might need to have one or more virtuser entries that map @yourdomain to a 550 error. This is documented on the sendmail web site. Also, with sendmail you can define confBAD_RCPT_THROTTLE in your mc file to slow down dictionary attacks. Of course you have to configure it to reject the bad addresses first. -Matt _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
