Felipe Augusto van de Wiel wrote:
> Hi everybody,
>
> While setting up a Secondary MX for a friend of mine, he
> asked if it was possible to take the same approach of postfix,
> listing valid e-mail addresses and dropping connection if the RCPT
> TO is invalid.
>
> I checked the mail list archive and found the concerns
> about how to properly do that because of the lack of LDAP and
> the idea that Primary MX wouldn't be available for a query. So,
> the idea of this patch is to address a use case where people
> want to list valid e-mail addresses (even with wildcards) that
> are accepted.
>
> It introduces two new control files:
>
> control/relaydomains:
>     List the domains that you want RCPTCHECK
>
> control/relaymailaddr:
>     List valid e-mail addresses for relays
>
> I changed two files, rcpthosts.c and qmail-smtpd.c based
> on some references from other patches, the idea is to check if
> the domain is listed in relaydomains then it should check if the
> RCPT TO exists in relaymailaddr, it seems to work fine so far.
>
> I'm not sure if this is suitable for inclusion in
> qmail-ldap but I would love to get some feedback from people (and
> especially qmail-ldap upstream) about potential problems of the
> patch and if I should take another approach.
>
> I really want to stay with qmail-ldap "pristine" as much
> as possible, my other changes in the patch were just to make it
> easier, so I added relaydomains.cdb in Makefile.cdb. I hope
> that there is some interest from other people, I remember that
> somebody was using a stock-qmail with validrcptto and qmail-ldap,
> I don't know if this patch addresses the same issue, if it does,
> hopefully it is easier.
>
> Patch: qmail-ldap-1.03-relaydomains.patch
> Keywords: Secondary MX, Backup MX, Relay MX
> Description: add support to list valid recipients when
>              acting as a secondary MX, the domain is
>              not listed in control/locals only in
>              control/rcpthosts.
>
> Kind regards,

Hello Felipe

At first glance I don't see the difference between your new control/relaydomains file and the already existing control/rcpthosts file. One could easily add the domains as wildcards in control/relaymailaddr for the ones who don't use RCPTCHECK (which is a bad idea anyway).

And I don't really understand the concept of installing/using qmail-ldap without LDAP. In such a situation I would suggest installing an LDAP-Cache or an LDAP-Server with Replication on the Secondary MX. These are the kind of things LDAP was designed for.
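
The recipient check discussed in this thread, as an added example that is not part of either message and is not code from the patch: a domain listed in relaydomains must have its RCPT TO matched in relaymailaddr, otherwise the address is refused. The function names, the in-memory lists standing in for the control files, the "@domain" wildcard form and the handling of addresses without a domain are all assumptions of this sketch.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Constructed sample data standing in for control/relaydomains and
 * control/relaymailaddr; the real patch reads these from disk. */
static const char *relaydomains[] = { "example.org", "example.net", NULL };
static const char *relaymailaddr[] = {
    "alice@example.org",
    "postmaster@example.org",
    "@example.net",   /* assumed wildcard form: any local part at this domain */
    NULL
};

/* Case-insensitive membership test over a NULL-terminated list. */
static int in_list(const char **list, const char *s)
{
    for (; *list; list++)
        if (strcasecmp(*list, s) == 0)
            return 1;
    return 0;
}

/* Hypothetical helper modelling only the extra recipient check.
 * Returns 1 if the RCPT TO passes, 0 if it should be refused.
 * Whether the domain may be relayed at all (control/rcpthosts)
 * is decided elsewhere and is not modelled here. */
int rcpt_allowed(const char *rcpt)
{
    const char *at = strrchr(rcpt, '@');

    /* This sketch refuses addresses with no local part or no domain. */
    if (!at || at == rcpt || at[1] == '\0')
        return 0;
    if (!in_list(relaydomains, at + 1))
        return 1;                       /* domain not subject to the check */
    if (in_list(relaymailaddr, rcpt))
        return 1;                       /* exact address is listed */
    return in_list(relaymailaddr, at);  /* "@domain" wildcard entry */
}

int main(void)
{
    const char *samples[] = { "alice@example.org", "nobody@example.org",
                              "anyone@example.net", "user@other.test", NULL };
    for (const char **p = samples; *p; p++)
        printf("%-22s %s\n", *p, rcpt_allowed(*p) ? "accept" : "reject");
    return 0;
}
```

With a wildcard entry such as "@example.net" every recipient in that domain passes, so the secondary MX again queues mail for nonexistent users of that domain.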