OT: Sendmail gateway using mailertable and access db
Jens Ahlin
mailing_lists+mailscanner at caleotech.com
Thu Nov 23 07:51:51 GMT 2006
>> OT: Sendmail gateway using mailertable and access db
>>
>> Hi All,
>>
>> I have a MailScanner box (CentOS 4) with sendmail-8.13.1-3 acting
>> gateway in front of an Exchange server (Not my decision). Now all mails
>> for all domains handled are scanned and forwarded to the exchange
>> server. Lately the amount of mail for unknown recipients has exploded
>> over the roof and I need to implement a quick solution. The server is
>> dying and I don't want to be "that guy" that send undeliverable reports
>> for spam/virus.
>>
>> I'm using access db for another installation and it works fine there but
>> the MailScanner box is not a gateway. All mails are delivered locally.
>> Now with a sendmail installation in gateway mode this doesn't work. I
>> have a script that pulls all valid email addresses from the exchange
>> server and want to use access db to block all but my valid users. I have
>> looked at milter-ahead but I could not figure out if this is the right
>> thing for me.
>>
>> My config using test.com as domain and xxx.xxx.xxx.xxx as the Exchange
>> server IP address.
>>
>> mailertable:
>>
>> test.com smtp[xxx.xxx.xxx.xxx]
>>
>> access db:
>> test.com RELAY
>> xxx.xxx.xxx.xxx RELAY
>>
>> TO:user at test.com RELAY
>> TO:test.com ERROR:5.1.1:550 User unknown
>>
>> I have no "relay" FEATURE in my sendmail.mc.
>>
>> Using this config results in all mails sent to user at test.com are
>> rejected with error 550 User unknown.
>>
>> I have read the sendmail documentation regarding access db and tried a
>> lot of different settings (Only TO:, Only Connect:, TO: and Connect:)
>>
>> Any idea of how to do this?
>>
>> Jens
>
>
> Having just gone done this route I can verify it works when you also put
> the
> domain in /etc/mail/relay-domains without that it will reject.
>
> As far as the LDAP, milter-ahead etc... arguments it seems to me that if
> you AD
> does not change very often then the Net::LDAP dump to /etc/mail/access
> with a
> makemap afterwards is the great low resource solution.
>
> I did this on a domain that was getting 170,000+ emails per day [thanks to
> this
> recent spam spike] it is now dropping 115,000 at the gateway. No extra
> ldap
> lookups, no fuss.
>
> Good Luck.
>
> -Mike
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
>
Hi,
Thanks for your suggestions. You are right Mike. As soon I put my relay
domains in relay-domains it works great with the access db. I figured this
out eventually and just before you sent the email. I will look at other
solutions when I have more time (If it ever will happen). For now this is
good enough solution since the system is quite static.
Thanks all for suggestions.
Jens
More information about the MailScanner
mailing list