blocking mail for unknown users for certain domains only

[Martin, Jeremy]

Hi fellow MailScannians,

 

My goal:

 

To reject mail at the MTA level (sendmail) if it is being sent to an
unknown recipient (belonging to certain domains only), based on a list of
known ‘good’ email addresses for those certain domains. Sort
of like using sendmail’s blacklist_recipients to blacklist entire
domains, yet having some sort of whitelist_recipients so we can let mail
for known users override the blacklist.

 

Background / details:

 

We are using sendmail / MailScanner / MailWatch as a dedicated
anti-virus/spam gateway mail server. I have made a little
“prefs.php” addon for MailWatch, originally to let our users
set up their own whitelists and blacklists on a per-user / per-domain /
global basis. I also set up a daily quarantine email report and users can
specify if they do or don’t want to receive their daily quarantine
report through our addon to MailWatch. My prefs.php is storing their
preferences in a MySQL database, and I have some perl scripts that grab
the data from the database and output it into text files MailScanner can
read.

 

After letting that run for a few days, we can quickly build up a list of
valid email accounts for a domain based on who is receiving mail, and
it’s easy to see most of the typo’d and invalid email
addresses spammers are sending mail to since they receive such little
mail (and 100% spam) compared to the legitimate addresses. I set up a
daily “domain admin” quarantine email report that shows a
summary of all email for a certain domain in the past 24 hours, and made
an easy one-click way people can set up a new account with a random
password if they want to add a bunch of MailWatch accounts for valid
users quickly.

 

So I would like to give people an option on a per-domain basis of whether
or not to make Sendmail reject mail destined for their domain unless its
being sent to a known account. We do not want to apply this to every
domain since this will require the ‘domain admins’ to set up
any new email accounts they add in my prefs.php for MailWatch before the
server will accept mail for that new account, which some might see as an
inconvenience.

 

Similar to how I am dumping the settings from the database into text
files for MailScanner to read, I figure with the right Sendmail settings
I could add any domains that want this feature to the
blacklist_recipients file to reject all mail for their domain completely,
and dump all of the known user accounts into the
“whitelist_recipients” file if there is such a thing that can
override blacklist_recipients.

 

I have read in the M/FAQ about the Exchange LDAP lookahead stuff but that
is overkill I think.

 

Thanks for reading this and extra thanks to anyone who can point me in
the right direction. :-)

 

Best wishes

Jeremy

 

 

 

 

 

 

 

 

 

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/)
and the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!