Fake Reply and sender address - looping receive mail inmailscanner

[Jason Ede]

________________________________________
From: mailscanner-bounces at lists.mailscanner.info [mailscanner-bounces at lists.mailscanner.info] On Behalf Of Alex Broens [ms-list at alexb.ch]
Sent: 15 July 2008 10:31
To: MailScanner discussion
Subject: Re: Fake Reply and sender address - looping receive    mail    inmailscanner

On 7/15/2008 11:12 AM, mcornes wrote:
> First post.
> Well I'll explain how we do the reject at SMTP rcpt.
>
> Every hour a cron job searches our active directory tree for any valid e
> mail addresses. These are then added to a database held by our mta (post
> fix) and from then on an e mail for an address we don't select is binned
> by the mail scanner box it isn't even scanned.
>
> This has the benefit of lessening load on what mail scanner actually has
> scan (and indeed virus check) but has the slight draw back of any new
> staff mail takes one hour before it is useable externally. That can be
> altered so the scan is performed more regularly I suppose.
>
> Hope this helps - I can post more exact instructions to what I did or
> links to the tutorials if that helps ?

Instead,  milter-ahead does the job real well.
Supports Postfix's transport hash tables very nicely.
Save all the import routine and is self mantaining

Alex


We do it in postfix with reject_unverified_recipient (http://www.postfix.org/ADDRESS_VERIFICATION_README.html) making sure you use the Address verification database part to cut down the lookups to the servers you deliver email to. The defaults for it suits us nicely, but need to be aware that if you add a new address on your email server it may take a while to start accepting email if an attempt has been made to deliver to that address in the hour or 2 before you added it on your mail server... i.e. it only re-checks for invalid addresses every X hours.

Jason