Share real email addresses between MailScanner and Exchange

Alex Neuman van der Hans alex at nkpanama.com
Sat Dec 18 05:35:31 GMT 2004 

Right... If you only have a dozen or so users it's easier to add

To:legitimateuser at yourdomain.com OK
To:anotherlegituser at yourdomain.com OK
To:yourdomain.com mailbox doesn't exist


That's what I've done when there are less than two dozen users.

-----Original Message-----
From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On Behalf
Of Ken Goods
Sent: Friday, December 17, 2004 1:50 PM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: Share real email addresses between MailScanner and Exchange

>-----Original Message-----
>From: Casanova, Chase [mailto:Chase.Casanova at RDU.COM]
>Sent: Friday, December 17, 2004 7:48 AM
>To: MAILSCANNER at JISCMAIL.AC.UK
>Subject: [MAILSCANNER] Share real email addresses between MailScanner
>and Exchange


>Is there a way for Exchange and MailScanner to share their "address books?"
>That way MailScanner could tell the difference between real and fake
addresses
>and just stop processing emails that Exchange does not have a mailbox for?
>This would be a nice thing to have.

>Thanks,
>Chase

Funny this should come up. I just implemented this very thing this morning
and it's working splendidly.

There are several ways to do this as I'm sure you've already found out. :)
And by now I'm sure you realize this isn't a job for MailScanner. I chose
the simplest route for *my* environment YMMV.

I used to use SBL-XBL to reject at the MTA (sendmail) but one of our
business partners got themselves blacklisted so I had to allow this traffic
on Tuesday. This effectively almost tripled our inbound email and the load
on our gateway email server went up to the point of sendmail rejecting
connections (load 12+). So I *had* to do something.

I researched the groups and googled around most of the day yesterday looking
for the least painful way of doing this. I chose to use the virtusertable
route. My initial thought was to use the access (access.db) table but found
out that it does not look at users, only domains. I don't have that many
email boxes on my exchange (5.5) server (about 75 or so) and they don't
change that often so I have no problem hand rolling the virtusertable and
keeping it up to date as people come and go.

I simply exported all the email recipients out of exchange into a file then
wrote a small VB program to parse the file and write it in virtusertable
format, then ran it through todos32 to create a *nix formatted file and
copied it to the server. Since I have 4 email domains on the exchange box I
had to create a file with my domains in it (I named it virtuser-domain) and
put it in /etc/mail. I then had to add one single line to my sendmail.mc:

VIRTUSER_DOMAIN_FILE(`/etc/mail/virtuser-domain')dnl

and then m4 sendmail.mc sendmail.cf

I then did a "service MailScanner stop" and a "service MailScanner start"
and whalla... done! I didn't even have to "makefile hash virtusertable.db <
virtusertable" it just worked! (don't ask me why) The time it took to
actually implement this change was about a half hour. Time reading and
researching the somewhat frustrating and incomplete directions/info I found
around the net ~8 hours.

I can recommend this method fully if:
1. You don't have thousands of users, and 2. Your user base doesn't change
on a daily basis If that were the case I would look harder at LDAP or at
lease scripting what I did and scheduling it.

If this sounds like it may work for you respond with any questions you may
have. I'd also be happy to send copies of the files in question so you would
have "real" examples.

HTH
Ken

Ken Goods
Network Administrator
AIA Insurance, Inc.


------------------------ MailScanner list ------------------------ To
unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and the
archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!

------------------------ MailScanner list ------------------------ To
unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and the
archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list