MailScanner & CentOS5/Sendmail
Greg Matthews
gmatt at nerc.ac.uk
Fri May 16 12:08:24 IST 2008
David Lee wrote:
> Another method available is sendmail's 'virtusertable' which gives:
> user at foo.com -> id-A at machine-Z
> user at bar.com -> id-B at machine-Y
> a.n.other at baz.org -> id-C at machineX
>
> And (the bit you probably want to know) if the recipient is not in the
> left-hand-side of the table then the email is rejected at SMTP stage.
> (There are many other details, but this MailScanner-list discussion is
> already approaching "off-topic"!)
>
> This 'virtusertable' facility can be useful at large sites with multiple
> domains. Our two main domains each have around 25,000 entries.
>
> So we use:
> o 'virtusertable': accept email for known users, reject unknown users
> (with frequent, automated updates from Personnel (HR) databases);
> o 'access': occasional blocking of external things that are bothering
> us (updates relatively infrequent; done by Postmaster).
additionally, we also make use of milter-ahead as we cannot always be
authoritative for users at domains which we relay for. Using this milter
allows us to delegate that authority to the domains themselves
>
>
--
Greg Matthews 01491 692445
Head of UNIX/Linux, iTSS Wallingford
--
This message (and any attachments) is for the recipient only. NERC
is subject to the Freedom of Information Act 2000 and the contents
of this email and any reply you make may be disclosed by NERC unless
it is exempt from release under the Act. Any material supplied to
NERC may be stored in an electronic records management system.
More information about the MailScanner
mailing list