[CentOS] sendmail mail relay backscatter issue.

Les Mikesell lesmikesell at gmail.com
Fri Feb 5 13:43:40 UTC 2010


Simon Billis wrote:
>
>> The point would be able to include a default reject rule for each
>> domain, which means that you have to supply valid forwards for all
>> addresses you don't want to reject at the relay.  (You could default to
>> forwarding, but that doesn't help with the backscatter issue).  But
>> that
>> doesn't change the ability to queue/deliver except that the relay has
>> to
>> accept the domains as local to do the virtuser lookup so the new target
>> has to have a different name for the delivery host.   I'm not sure how
>> that relates to your distinction between forwarding and queuing.
>> Sendmail has local and remote addresses, but remote ones all go through
>> the same steps.
> 
> I am queuing and delivering using mailertable currently - hence the issue
> with backscatter as some of the domains do not have catch-all accounts. I am
> able to produce a list of valid email accounts and domains without a
> catch-all account so I should be able to create a virtusertable with the
> required entries to either accept all mail for a domain and then forward it
> to a specific account (the catch-all account) or to only accept mail for a
> specific account and then forward it to the same address (is this valid?) by
> again using mailertable(?). I think that using access.db and relay-domains
> may also work as needed.

Sendmail will only look in virtusertable if it considers the address local (i.e. 
you've added the target domain to local-host-names).  That means you'll have to 
use some other name for the delivery target in the virtusertable expansion side 
to get it to forward on.  Probably whatever you are using in mailertable will 
work.  You might be able to use user@[host.domain] notation or user@[IP_address] 
there to avoid another MX lookup that would come back to the relay - I'm not 
sure about that.  You'll probably have to do some testing with this part since 
it is a fairly drastic change to make the targets local - but you can do it one 
domain at a time.

-- 
   Les Mikesell
     lesmikesell at gmail.com



More information about the CentOS mailing list