Querying other SMTP server for valid addresses?

Fri Nov 19 15:07:52 GMT 2004

> -----Original Message-----
> From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On
> Behalf Of Garry Glendown
> Sent: Friday, November 19, 2004 9:26 AM
> To: MAILSCANNER at JISCMAIL.AC.UK
> Subject: Querying other SMTP server for valid addresses?
>
> Hi,
>
> I'm running MS for several domains, some of which are receiving
> tremendous amounts of for non-existent mail addresses. As the
> domain itself is handled spam on another MX, I do not have (and probably
> never will) a list of valid recipients - is there a way to set something
> up that will do an MTA check upon receiving a message whether the
> recipient does exist, and then accept (or deny) the message on MTA level?
>
> Tnx, -gg
>

Yes, there is a way. If you use sendmail, you might want to look at
milter-ahead.

        http://www.milter.info/milter-ahead/

I quote from the web site:

"This Sendmail milter (mail filter) allows a gateway mail server to
call-ahead to a relay or internal mail store before accepting mail for
recipients of a message. Think of it as a lazy man's LDAP. It could also be
used by fallback MX servers to verify recipients with the primary MX."

We have milter-ahead working with MailScanner and are just about through
testing it.  It works.

It totally solves the problem of the gateway knowing who are valid users on
the backend mailhubs - with almost no work on the part of the administrator.
This is especially helpful on gateways that scan email for many different
mailhubs.

The only problem is Exchange. My experience is it that "out of the box",
Exchange defaults to blindly accepting email for invalid recipients and then
issues a Non Delivery Receipt (NDR).

I know that Exchange 2003 can be reconfigured to accept email only for valid
recipients and not to issue NDRs. I seem to remember there is a MS
Knowledgebase article on how to re-configure Exchange 2003 to behave a bit
more sensibly. Obviously for milter-ahead to work, the back end mail hub has
to reject email for invalid users.

I don't know if Exchange 2000 or 5.5 can be configured to reject mail for
invalid users. Again if anyone has any tips or suggestions for configuring
2000 or 5.5, please let me know.

Note that milter-ahead should for just about any type of backend mailhub,
sendmail, postfix, Notes - it's just more difficult with Exchange.

I've put copies of the files I had to reconfigure to get milter-ahead to
work in a very typical MailScanner configuration on our web site. There are
no install directions in the package but the install instructions on the
snert site are quite good. I'll post a short note when I have time to create
specific MailScanner install notes and update the package.

There is no link on our site to these files but you can download the file:

        wget http://www.fsl.com/support/milter-ahead.tar.gz

You might wonder about how efficient this method is and if it will slow down
the delivery of email. I have a note from the author explaining that it
should not. He believes the programs speed and caching methodology doesn't
slow things down that much. (It might even drop some spam if the spammer
can't wait for the response :) Our experience is that it's pretty quick. The
reduction of spam processing resulting from dictionary attacks that are
processed by MailScanner might actually reduce server load.

This may now be the best reason I know to use sendmail :)

Steve

Steve Swaney
President
Fortress Systems Ltd.
www.fsl.com
steve.swaney at fsl.com

--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

Fortress Systems Ltd.
www.fsl.com

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!