MS gateway checking for valid users before delivery

Bahadir Kiziltan b_kiziltan at HOTMAIL.COM
Thu Dec 29 14:26:00 GMT 2005 

Have MS 4.47-4 with Postfix on a server running Fedora Core 4, in charge of 
protecting Exchange 2003 :-). Here are the steps in order to accept mails 
only for valid users defined in Active Directory.

- Be sure that following perl modules are available, if not dw and install
perl-Net-LDAP (should already be available)
perl-Authen-SASL
perl-Net-SSLeay
perl-IO-Socket-SSL

- Find and modify the perl script called "getadsmtp.pl" appropriately.
$VALID = "/etc/postfix/AD_user_list"
$dc1="hostname.domain.com";
$dc2="hostname.domain.com";
$hqbase="dc=domain,dc=com";
$user="any_user\@domain.com";
$passwd="password";

- Then run it. Cron the pl script to be run periodically.

- Edit your /etc/postfix/main.cf file and add the following line...
relay_recipient_maps = /etc/postfix/AD_user_list

- Postmap the file created.
postmap /etc/postfix/AD_user_list

- Stop/start MTA.

Don't need to reload/restart postfix after every time re-mapping the file.

- Bahadir.





>From: Erick Perez <eaperezh at GMAIL.COM>
>Reply-To: MailScanner mailing list <MAILSCANNER at JISCMAIL.AC.UK>
>To: MAILSCANNER at JISCMAIL.AC.UK
>Subject: MS gateway checking for valid users before delivery
>Date: Wed, 28 Dec 2005 20:44:34 -0500
>
>Hi, I've never implemented or read about how to setup the following
>config, so I wish some ideas can be given by the members of this list.
>
>in the past few days our microsoft exchange server is taking about 25k
>to 35k emails per day. All spam, destined in 80% of the cases to
>non-existent addresses in our company. So i think is a good time to
>give MS a try.
>
>I will use centos 4.2, MS, Postfix (or sendmail, but like postfix),
>MySQL,ClamAV and mailwatch to setup the antispam gateway (yes, we do
>not have spam protection blame the board of directors and the budget
>cuts).
>
>I got a script in perl that lets me export the smtp addresses of the 4
>domains we handle in the exchange server and i want to setup the
>centos box to *not* even try to check for spam/virus/etc if the
>recipient does not exist and silently discard the email. If the
>recipients emails is valid, then do the anti-spam/virus/etc stuff.
>
>the centos box will also have to be a smart relay since my exchange
>server will use it to send to the internet and of course the centos
>box will smart forward all processed emails to the exchange box.
>
>I have no idea how to setup this in terms of postfix configuration and
>MS configuration.
>
>I posted a smilar question to one postfix forum but I think I didn't
>explain myself very well.
>
>Comments, suggestions?
>
>Thanks in advance.
>
>
>--
>
>-------------------------------------------
>Erick Perez
>Linux User 376588
>http://counter.li.org/  (Get counted!!!)
>Panama, Republic of Panama
>
>------------------------ MailScanner list ------------------------
>To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
>'leave mailscanner' in the body of the email.
>Before posting, read the Wiki (http://wiki.mailscanner.info/) and
>the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>
>Support MailScanner development - buy the book off the website!

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list