NDR strategy, [OT]

Martin Hepworth martinh at SOLID-STATE-LOGIC.COM
Mon Feb 2 17:42:29 GMT 2004

Andrea Cogliati wrote:
>>From: Martin Hepworth <martinh at SOLID-STATE-LOGIC.COM>
>>Reply-To: MailScanner mailing list <MAILSCANNER at JISCMAIL.AC.UK>
>>Date: Mon, 2 Feb 2004 13:44:16 +0000
>>Subject: Re: NDR strategy
>>There is  way of setting up sendmail so it read from an Active Directory
>>server to validate the email address. have a google around for 'how to'.
> Martin (& David),
> Thanks for the excellent suggestion. I'll definitely look into it. Just a
> preliminary thought: I need to expose at least one DC onto the DMZ through
> LDAP. What are the possible security risks, if any, of this approach?
> Andrea

pretty minimal as it only needs read access on the LDAP port. Another
idea might be to build an access file once a day from the DC, at a set
time and only open the port around that set time - (eg 1am-1.15am).

Depends on how 'risky' you decide this is, and how quickly you want
email changed to propagate.

Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300


This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote confirms that this email message has been swept
for the presence of computer viruses and is believed to be clean.


More information about the MailScanner mailing list