classic dictionary attack problem with mail gateways. i've set up a few
gateway servers that would get tens of thousands of invalid recipient
emails per day, all of which would then have to be bounced (usually to a
forged sender, creating yet another problem).
i know sod all about sendmail, but postfix has a verify function that
performs this lookup -before- closing the initial smtp session. if the
recipient is bogus, it does a lookup first and rejects the message if
the recipient is bogus. it's very easy to set up.

Paul G. Szabady wrote:

Folks,

I'm running a RHEL 4.2 server w/sendmail (8.13) as a mail gateway. I
currently use a mailertable entry to forward email to an exchange server
after some basic spam, av, and rbl filters. The problem I'm facing is all
the spam that gets by it which is destined for fictitious users gets
bounced back to the gateway server. (I'm not rejecting or discarding
spam, just marking it.) I'm getting 350 +/- NDA bounces a day! I believe
I can use Sendmail's built-in ability to perform LDAP queries for valid
users (a.k.a. smtp addresses) in the active directory / exchange
environment. If I understand it correctly, this query takes place during
the smtp layer and will bounce the email for unknown users immediately
(from the gateway/linux server, rather than the current situation which
lets the email into the exchange store and attempts to send a NDA to the
sender, which is now my mail gateway).

I've been looking around for a HOWTO, but can't seem to find one. Does
anyone have any suggestions on where I might find a simple HOWTO? I dread
the thought of having to dig into the bowels of ldap to figure it out if
someone's already documented it. ;(

Thanks in advance!
--
TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
TriLUG Organizational FAQ : http://trilug.org/faq/
TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
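
The Postfix recipient verification the reply describes could be configured roughly as follows on a gateway that relays to an internal mail server. This is an added example, not part of the original thread; the domain `example.com`, the host `exchange.example.com` and the file paths are placeholders.

```conf
# /etc/postfix/main.cf (added example; domain, host and paths are placeholders)

# Domains this gateway relays for, and where their mail is handed off.
# /etc/postfix/transport would contain a line such as:
#   example.com    smtp:[exchange.example.com]
relay_domains = example.com
transport_maps = hash:/etc/postfix/transport

# reject_unverified_recipient makes Postfix probe the next hop with a
# RCPT TO for the address before it answers the client's own RCPT TO.
# It must come after reject_unauth_destination so that only recipients
# in relay_domains are probed.
smtpd_recipient_restrictions =
    permit_mynetworks,
    reject_unauth_destination,
    reject_unverified_recipient

# The default reply for a failed probe is 450 (temporary). Use 550 so
# the sending host gets a permanent rejection inside the SMTP session
# and no bounce message is ever generated by the gateway.
unverified_recipient_reject_code = 550

# Persist probe results so repeated mail to the same address does not
# trigger a new probe every time, and results survive a restart.
address_verify_map = btree:/var/lib/postfix/verify
address_verify_positive_expire_time = 31d
address_verify_negative_expire_time = 3d

# Prerequisite on the internal server: it has to refuse unknown
# recipients at RCPT TO. If it accepts every address and bounces
# later, each probe succeeds and nothing is rejected at the gateway.
```

After `postmap /etc/postfix/transport` and `postfix reload`, a delivery attempt to a nonexistent address should show up in the mail log as a rejected RCPT rather than as a queued message followed by a bounce.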