[CentOS] sendmail mail relay backscatter issue.
Kai Schaetzl
maillists at conactive.com
Fri Feb 5 12:31:19 UTC 2010
Simon Billis wrote on Fri, 5 Feb 2010 11:06:36 -0000:
> I am queuing and delivering using mailertable currently
I figured something along this line.
- hence the issue
> with backscatter as some of the domains do not have catch-all accounts.
Not to mention the extra stress on your system for scanning mails that won't
get delivered, anyway. I very much encourage moving away from catch-alls at
all. Sometimes it's impossible, but I found that most clients use only a few
addresses and can go easily without catch-all. This can reduce the number of
mails you have to process dramatically.
I am
> able to produce a list of valid email accounts and domains without a
> catch-all account so I should be able to create a virtusertable with the
> required entries to either accept all mail for a domain and then forward it
> to a specific account (the catch-all account) or to only accept mail for a
> specific account and then forward it to the same address (is this valid?) by
> again using mailertable(?).
If you go to virtusertable you don't need mailertable at all, it may even be
counterproductive/not usable I guess (I'm now mostly using postfix, so my ad-
hoc experience with sendmail and mailertable is somewhat dated). But you have
to explicitly list all target addresses. Something you didn't need to do
before. That is what I wanted to point out earlier.
You specify the forwarding address and that's it. You can then either specify
a catch-all (just the domain) with an error code or don't specify any. Unless
it matches a local alias/user there's then no way to deliver it, so it will
get rejected.
I think that using access.db and relay-domains
> may also work as needed.
I've never used access.db for relaying/local domains, I always relied on
relay-domains. I'm not sure, but I think sendmail takes the first match and
then stops scanning access.db. So you might be able to use something like
this:
To:user1 at domain OK (or RELAY)
To:user2 at domain OK
domain REJECT
and then keep your current mailertable method (no need for virtusertable) or
use virtusertable expandable forwarding addresses. It's possible, though, that
the order gets changed in the compiled map file. Maybe Les knows that better.
If that works it might be the best method as it rejects at the first possible
processing step.
Kai
--
Get your web at Conactive Internet Services: http://www.conactive.com
More information about the CentOS
mailing list