[SOLVED]RE: Sendmail gateway using mailertable and access db

Jens Ahlin mailing_lists+mailscanner at caleotech.com
Thu Nov 23 14:47:04 GMT 2006


> Jens - this is the same setup I have (sendmail gateway before exchange) I
> started getting bombarded with unknown recipients on exchange myself about
> three weeks ago. I also tried to stop them at the SMTP "Connection" on
> sendmail with access.db. Wasn't working and it was killing my entire mail
> system. Yesterday I found this:
>
> http://www.technoids.org/procmailfilter.html
>
> Don't let the procmail part confuse you. Skip that part. Check the last
> few
> pages of this. It tells you (and explains why) how to set up the
> access.db.
> It really works and cleaned things up immediately for me. The key is to
> use
> "OK" and not "RELAY" with you "To:" entries in access.db. I am one happy
> camper now. And I know what you are going through exactly. If you can't
> get
> it to work correctly, let me know and I will send you the applicable
> sections of my access file.
>
>
> ##########################################
> This is coming from the home and office of:
>
> Mark E. Donaldson
> Bandwidthco Computer Security
> markee at bandwidthco.com
> http://www.bandwidthco.com/
>
> Copyright C 1999 Bandwidthco.com. All rights reserved.
>
> 4500 0028 a66b 4000 8006 d307 c0a8 000a
> c0a8 0002 0871 0bc3 572b 25f7 ca7d 1b60
> 5010 f64c c0f6 0000 0000 0000 0000
> ##########################################
> CCNA, OCP, GSEC, GCFW, GCIH, GCIA, GCUX, GCFA, GAWN, X-Ways (WinHex)
> Forensics Certified
> ##########################################
> Hacking is the process of influencing a computer system
> in such a way that it performs an action that is useful to you.
> ##########################################
>   .~.
>   /V\
>   /( )\
> ^^-^^
>
>
> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info
> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf Of Jens
> Ahlin
> Sent: Wednesday, November 22, 2006 3:19 AM
> To: mailscanner at lists.mailscanner.info
> Subject: OT: Sendmail gateway using mailertable and access db
>
> Hi All,
>
> I have a MailScanner box (CentOS 4) with sendmail-8.13.1-3 acting gateway
> in
> front of an Exchange server (Not my decision). Now all mails for all
> domains
> handled are scanned and forwarded to the exchange server. Lately the
> amount
> of mail for unknown recipients has exploded over the roof and I need to
> implement  a quick solution. The server is dying and I don't want to be
> "that guy" that send undeliverable reports for spam/virus.
>
> I'm using access db for another installation and it works fine there but
> the
> MailScanner box is not a gateway. All mails are delivered locally. Now
> with
> a sendmail installation in gateway mode this doesn't work. I have a script
> that pulls all valid email addresses from the exchange server and want to
> use access db to block all but my valid users. I have looked at
> milter-ahead
> but I could not figure out if this is the right thing for me.
>
> My config using test.com as domain and xxx.xxx.xxx.xxx as the Exchange
> server IP address.
>
> mailertable:
>
> test.com smtp[xxx.xxx.xxx.xxx]
>
> access db:
> test.com     RELAY
> xxx.xxx.xxx.xxx     RELAY
>
> TO:user at test.com    RELAY
> TO:test.com         ERROR:5.1.1:550 User unknown
>
> I have no "relay" FEATURE in my sendmail.mc.
>
> Using this config results in all mails sent to user at test.com are rejected
> with error 550 User unknown.
>
> I have read the sendmail documentation regarding access db and tried a lot
> of different settings (Only TO:, Only Connect:, TO: and Connect:)
>
> Any idea of how to do this?
>
>         Jens
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
> ########################################################
> This message has been scanned for viruses and dangerous content by
> MailScanner, and is believed to be clean.
>
> postmaster at bandwidthco.com
> MailScanner at Bandwidthco Computer Security is for your absolute
> protection.
> ########################################################
>
>
>
>
> ########################################################
> This message has been scanned for viruses and dangerous
> content by MailScanner, and is believed to be clean.
>
> postmaster at bandwidthco.com
> MailScanner at Bandwidthco Computer Security is for your absolute
> protection.
> ########################################################
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>
>

Hi,

I solved this yesterday as I stated before. But thanks for the input. The
thing that solved it for me was that I (stupid idiot) had configured
sendmail wrong when I set it up. When I added all my domains in
relay-domains file and removed them from access.db it worked like a charm.
If you run sendmail with local mailboxes and don't use mailertable for
routing you can have the relay information in the access.db file instead
of relay-domains.

    Jens



More information about the MailScanner mailing list