LDAP and sendmail using perl!
William Burns
William.Burns at AEROFLEX.COM
Wed Aug 25 01:06:23 IST 2004
<x-flowed>
Pete wrote:
> Chris Lyon wrote:
>
>> I have been doing some research on how to get sendmail to only accept e-
>> mails from valid systems. I also saw some of the past posts on LDAP and
>> sendmail but I don't have access to the servers nor can I put a vb
>> script
>> on them to pull that information. So instead, I wrote a script to use
>> LDAP
>> to pull all the valid e-mail address from the LDAP tree. So I have
>> all the
>> vaild ones but can't figure out the right way to implement it.
>>
>> Based on my research I image I need to populate the /etc/mail/access
>> file
>> with all the e-mail addresses
>
LDAP is a good way to prevent you from accepting mail FOR non-existent
users.
Your script is one way to use the LDAP routing feature, and it has it's
advantages.
The MAQ discusses the file format that you'd need on the mailscanner
machine.
http://www.mailscanner.biz/maq/#whatifijust
Another (pure LDAP) method is discussed in this thread.
http://www.jiscmail.ac.uk/cgi-bin/webadmin?A2=ind0406&L=mailscanner&T=0&F=&S=&P=55620
And this is discussed in at least one other thread on this list.
Only accepting mail FROM your own servers can be configured w/ the
access file.
Only accepting mail FROM "valid systems" on the internet can be handled
w/ RBLs, and/or the SPF method, both of which have their
advantages+disadvantages, are not specific to mailscanner, and are
discussed in many threads on the mailscanner list, as well as other
mailing lists, and sites all over the internet.
The "deny" (aka anti-relay) feature that you're looking for is default
sendmail behavior.
That's not to say that your distro's sendmail.mc/cf isn't
[mis]configured to allow relaying.
The trick is to make sure that there are not any overly permissive relay
rules in your configs.
Read here for info:
http://sendmail.org/tips/relaying.html
http://sendmail.org/
-Bill
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
</x-flowed>
More information about the MailScanner
mailing list