Configuring sendmail to drop invalid users

[Ken A]

<x-flowed>
Dustin Baer wrote:
> kfliong wrote:
>
>> Hi all,
>>
>> As you know, i was having "joe-job" attack yesterday. I have since
>> fixed it
>> by adding the script provided by Steve to sendmail.cf file.
>>
>> I now want to refine script by allowing only mails sent to valid users.
>> Those mails send to invalid users currently goes to catchall account.
>> And I
>> have configured catchall to go to /dev/null. But this is not good
>> enough as
>> these mails are still keep in queues and then processed by
>> mailscanner. Is
>> there a way to drop these mails directly from MTA level?
>
>
> I've used Sendmail for several years and have never had to deal with
> this.  Sendmail doesn't accept mail by default for people not listed in
> its aliases, or virtusertable files.

If MailScanner is run on a relay instead of where your user db is, you
can use the sendmail access list to tell sendmail who the valid users
are, and to deny any others:

TO:valid_user1 at domain.com    RELAY
TO:valid_user2 at domain.com    RELAY
#
#
#
# Default entry to reject
TO:domain.com  ERROR:5.1.1:550 User unknown

You will need to generate this file from your list of real users,
wherever that is, and scp it over to your MailScanner machine(s).

Ken
Pacific.Net

> The comp.mail.sendmail newsgroup would be a good place for your question.
>
> Dustin
>
> ------------------------ MailScanner list ------------------------
> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> 'leave mailscanner' in the body of the email.
> Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
> the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>
>

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
</x-flowed>