Sendmail and backup MX
John Rudd
jrudd at UCSC.EDU
Tue Sep 27 00:05:01 IST 2005
On Sep 26, 2005, at 15:41, Scott Silva wrote:
> John Rudd spake the following on 9/26/2005 2:37 PM:
>> On Sep 26, 2005, at 12:13, Scott Silva wrote:
>>
>>> Not a MailScanner issue, but ...
>>> Does anybody have any simple solutions for sendmail that only lets
>>> the
>>> backup MX accept mail when the primary is down?
>>> I don't want to re-invent the wheel if someone already has a working
>>> solution.
>>>
>>
>> Get mimedefang. Run it on your backup. www.mimedefang.org
>>
>>
>> There's a function it has called "filter_recipient" which you have to
>> write (in /etc/mail/mimedefang-filter), and which you have to turn on
>> in
>> the startup script. Here's what I would suggest:
>>
>>
>> sub filter_recipient {
>> my ($recip, $sender, $ip, $host, $first, $helo, $rcpt_mailer,
>> $rcpt_host, $rcpt_addr) = @_;
>> my ($type, $msg);
>>
>> # if the recipient is in the domain I secondary
>> if ($recip =~ /\@primary\.domain\.name\b/i) {
>>
>> # verify a known recipient on the primary
>> ($type, $msg) = md_check_against_smtp_server($sender,
>> $recip, # known recipient
>> "secondary.host.name", # your backup/MX server
>> "primary.host.name"); # the primary mail
>> server
>>
>> if ($type eq "REJECT") {
>> # the recipient doesn't exist, hard reject even if
>> # the primary is up
>> return ('REJECT', "Unknown Recipient");
>> }
>> elsif ($type eq "CONTINUE") {
>> # if you can verify it, then the primary is up
>> # TEMPFAIL (or REJECT) the message
>> return ('TEMPFAIL', "Only call me when the primary is down");
>> }
>> else {
>> # else, primary is down or having problems
>> return ('CONTINUE', "OK");
>> }
>> }
>> }
>>
> I'll look at this this week!
> Looks like it will do the equivalent of milter-ahead also.
> Thanks!!
>
Yes, you can also use this as a means of replacing milter-ahead. You
can also implement greylisting with it.
Though, be careful. It will detect any virus scanners you have
installed, and the default mimedefang-filter will try to run them.
That can put a lot of extra work on your machine, since you'll be doing
it both in mimedefang and mailscanner. So, when you do the "configure"
in mimedefang, you should look and see what you need to do to turn off
whatever virus scanners you're using.
(there's also a way to turn them off in mimedefang-filter, OR you can
simple comment out the parts of "filter_begin", "filter",
"filter_multipart", and "filter_end" which duplicate mailscanner
functionality; virus scanning is in filter_begin, attachment
filename/etc. checking is in filter and filter_multipart, and spam
assassin is in filter_end)
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list