On Monday 14 February 2005 12:11 pm, Paul Theodoropoulos wrote: > I'm a little confused about implementation of chkusr. i really want to > implement it, as i'm tired of my paid bandwidth being chewed up by spammers > sending tens of thousands of messages to non-existent addresses. > > instead of having a single, all-in-one server doing everything, i have > three 'gateway' MX servers that messages come into first. they then relay > the messages to a dedicated spam/clam server for filtering. from there, > messages are delivered to the pop server, where customers pick them up. > > is there any way to run chkusr on these 'gateway' MX servers? i use MySQL > authentication. The mysql server is the pop server, and i replicate that on > the primary MX (where the majority of mail comes in). is there any way to > 'hook' into the authentication info in the replicated database directly? > that woudl be ideal, as it should be quite fast. > > but reading the docs, it appears i have to install vpopmail on the server > that's going to run chkusr, and i don't much like the idea of that. i'm a > tad worried that i might suddenly find all incoming messages being > delivered to 'local' and going to the bit-bucket if i turn on chkusr. but > that's just wild speculation at this point - i haven't yet installed > chkusr, pending some insight on the matters above. > > any help appreciated.
You could try one of the goodrcptto patches to qmail-smtpd. We have one we use for gateways to exchange servers. Basicly, you export a list of users to a file. Put that file on the gateway machines. With our patch we build a goodrcptto.cdb file. Then qmail-smtpd checks the cdb file and rejects it if it does not exist. Ken Jones
