Configuring sendmail to drop invalid users

William K. Hardeman wont-i at wkh.org
Tue Sep 28 22:05:22 IST 2004


<x-flowed>
--On Tuesday, September 28, 2004 16:17 +0800 kfliong <kfliong at WOFS.COM>
wrote:

> Hi all,
>
> As you know, i was having "joe-job" attack yesterday. I have since fixed
> it
> by adding the script provided by Steve to sendmail.cf file.
>
> I now want to refine script by allowing only mails sent to valid users.
> Those mails send to invalid users currently goes to catchall account. And
> I
> have configured catchall to go to /dev/null. But this is not good enough
> as
> these mails are still keep in queues and then processed by mailscanner. Is
> there a way to drop these mails directly from MTA level?

I would suggest you look into doing real time user lookups to determine if
the user exists. If the user doesn't, you can have sendmail break the
connection immediately, before receiving any data. The only page I know
discussing it in detail is is
http://anfi.homeunix.net/sendmail/rtcyrus2.html which is specific to
connecting Sendmail and Cyrus together to do real-time user lookups.

Hope this helps some
Will

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
</x-flowed>



More information about the MailScanner mailing list