How to Filter junk by valid accounts

Dennis Willson taz at taz-mania.com
Tue Oct 17 00:44:39 IST 2006 

On Mon, 16 Oct 2006 20:17:03 +0200 (CAT)
  Jim Holland <mailscanner at mango.zw> wrote:
>On Mon, 16 Oct 2006, Michael Baird wrote:
>
>> On Mon, 2006-10-16 at 08:59 -0500, Carr, Daryl B. wrote:
>> > Hello,
>> > 
>> > What is the best way to filter email addresses as "valid" with 
>>sendmail.
>> > We have recently experienced a large increase in junk email 
>>resulting in
>> > the mqueue.in becoming very large (>400,000).
>> > 
>> > I have investigated LDAP, NIS, lists of names, etc.
>> > 
>> > Please point me in the best direction.
>> > 
>> > Thank you!
>> 
>> This must be somesort of mail gateway that forwards to an internal 
>>mail
>> server? You are looking to do recipient address verification. If 
>>this is
>> a case, probably your best bet is a milter to call your internal 
>>servers
>> and verify the recipients. I'm using this milter with success
>> http://smfs.sourceforge.net/smf-sav.html, but am not using the RAV
>> feature, which is apparently what you are looking for.
>
>I have just implemented this milter on a gateway, specifically for 
>recipient address verification, and it works very well, although I 
>have a 
>few issues that need to be worked out.
>
>On the gateway you list the domains you want to relay for in the 
>sendmail
>access file, and put an entry in the mailertable file - just as 
>normal.  
>When a connection is made from an external server for a relay domain 
>it
>will look at the appropriate entry in the mailertable file and make 
>an
>smtp connection to that server to verify if the address is OK.  If it 
>is
>OK then mail is accepted, otherwise it is rejected if a negative 
>response
>is received, or tempfails if it can't get a positive response.
>
>It will also work with addresses specified in the virtusertable file.
>
>milter-ahead is a commercial alternative that presumably does all the
>above in a much more sophisticated manner.
>

Actually it appears to do it in pretty much the same way!


>The only problems I have noticed so far are:

>
>	I currently cannot get it to accept mail to local accounts on the
>	gateway - they always tempfail.  Bad in principle, but not
>	too serious in my situation as there is virtually no external
>	mail to local accounts on the gateway.  There must be a solution!

I had the same problem at first... It turned out to be that my 
rejection for the helo statement was causing it. I don't allow a 
remote mailserver to use my own servers name as in the HELO command. 
Well in the config for SMF-SAV it wants the servers FQDN... Which it 
uses for HELO. This caused the milter to use my own servers name when 
verifing. Be sure you whitelist your servers own IP address and/or 
create a seperate name for the HELO.




>
>	If an address is rejected by the server listed in mailertable
>	the response is always the same: "550 5.1.1 Sorry, no mailbox
>         here by that name".  That is rather misleading if there is
>	another reason, such as a full mailbox.  For the moment I have
>	changed that message in the source to be more inclusive.
>
>	Although it is failsafe, in that if the socket fails then
>	sendmail will just accept all incoming mail, it cannot
>	cleanly reload its configuration file without shutting down
>	MailScanner/sendmail first and waiting for a while before
>	restarting both.
>
>Regards
>
>Jim Holland
>System Administrator
>MANGO - Zimbabwe's non-profit e-mail service
>
>
>-- 
>MailScanner mailing list
>mailscanner at lists.mailscanner.info
>http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
>Before posting, read http://wiki.mailscanner.info/posting
>
>Support MailScanner development - buy the book off the website! 


--------------------------------------------------
Dennis Willson

taz at taz-mania.com
http://www.taz-mania.com

Ham: ka6lsw
Scuba: Rescue Diver, EANx, Wreck, Night, Alt, Equip, UW Photographer, 
Gas Blender

Owner: Kepnet Internet Services

Life should not be a journey to the grave with the intention of 
arriving safely in a nice looking and well preserved body, but rather 
to skid in broadside, thoroughly used up, totally worn out, and loudly 
proclaiming, "WOW! WHAT A RIDE!"

More information about the MailScanner mailing list