> Also, both can be configured to refuse mail for non-existent user > accounts. Which I don't believe Sendmail can.
Of course it can. sendmail can do anything. Never believe anyone who tells you there's something sendmail can't do. It does it by default if it's the final delivery host, if it's not then either use an existing set of rules to do rewrites or write your own. Example (from a backup MX for many domains): KPIuserdb btree /etc/pidata/piuserdb KMIRAuserdb btree /etc/pidata/mirauserdb KZIPuserdb btree /etc/zipdata/zipuserdb F{PIdomains} /etc/pidata/pidomains F{MIRAdomains} /etc/pidata/miradomains F{ZIPdomains} /etc/zipdata/zipdomains LOCAL_RULE_0 R$+<@$={PIdomains}.>$* $: <@P><$(PIuserdb $1:maildrop$)>$3 R$+<@$={MIRAdomains}.>$* $: <@M><$(MIRAuserdb [EMAIL PROTECTED]:maildrop$)>$3 R$+<@$={ZIPdomains}.>$* $: <@Z><$(ZIPuserdb $1:maildrop$)><$2>$3 R<@P><[EMAIL PROTECTED]>$* $#esmtp $@ $2 $: $1<@pacific.net.au.>$3 R<@M><[EMAIL PROTECTED]@$+>$* $#esmtp $@ $3 $: $1<@$2.>$4 R<@Z><[EMAIL PROTECTED]><$+>$* $#esmtp $@ $2 $: $1<@$3.>$4 R<@$-><$+:maildrop>$* $#error $: 553 User unknown to database In this example: for domains in /etc/pidata/pidomains, /etc/pidata/piuserdb contains: user:maildrop [EMAIL PROTECTED] and the domain 'pacific.net.au' is appended for delivery for domains in /etc/pidata/miradomains, /etc/pidata/mirauserdb contains: [EMAIL PROTECTED]:maildrop [EMAIL PROTECTED]@realmailhost for domains in /etc/zipdata/zipdomains, /etc/zipdata/zipuserdb contains: user:maildrop [EMAIL PROTECTED] and the original domain is preserved for delivery ...and users not in the database, but in the any of the domain lists, are flat out refused. Solves the problem of backup MXs accepting email that the primaries have bounced, only to queue it up for days as it can't bounce to the (spam) sender. (and yes, the above could all have been done as per 'MIRAuserdb', it's just that each data source has it's own export method and transport) > I don't know Sendmail at all, but as I said, both SA-Exim 4.20/3.0 and > Postfix 2.0 could be configured to whitelist your ldap users without > altering any SA code. SA-Exim would do that with inclusion in the > exception rule, Postfix with a custom transport. It's always possible, the question is whether it's worth the complexity when you could just do it in SA. After all, SA has a whitelist feature, I don't see a good reason it shouldn't support LDAP in it just because you could do it at another layer - you could do the whole whitelist feature at another layer if you wanted to, but it's still there. David. ------------------------------------------------------- This SF.NET email is sponsored by: eBay Great deals on office technology -- on eBay now! Click here: http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5 _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk