I'm trying to work out what is a sensible configuration for servers
without local delivery. I want to send just about anything sensible to
a local relay but I also want to filter out non-existent user addresses
as early as possible to avoid backscatter problems.
Specifically:
- the MTA is on every server for use by local processes sending
occasional mail
- processes can submit mail using the mail command or localhost:25
- if mail submitted without a domain, append example.org
- if a process submits mail to any of these
user@hostname
[email protected]
[email protected]
[email protected]
user@localhost
then I would like to
a) check if user is a local UNIX user known to the host where the
MTA is running
b) if not a UNIX user, reject the mail immediately (to avoid
backscatter)
c) otherwise, rewrite to [email protected] and then send to the local
relay server
- ensure that there is no risk of the MTA trying to do local delivery
It seems easy enough to do all of that without validating the username,
just rewriting *@hostname, etc to *@example.org - but then there is the
risk of backscatter from the relay if [email protected] does not exist
