On Fri, Oct 31, 2008, Jussi Hirvi wrote:
John R Pierce (pierce@hogranch.com) kirjoitteli (30.10.2008 17:39):
and what about the user accounts in /etc/passwd ?
Hm, yes, never thought of that! That would be a very good (certainly easy) approach, though with its own limitations (it misses those users whose mail is forwarded in /etc/aliases to external addresses like gmail.com etc.).
I have a routine that pulls addresses from all the aliases files defined in the postfix main.cf file, and gets all non-admin accounts from /etc/passwd, combining the two to get all valid user names. It then gets all the domains from the postfix mydestination, combining the user names with these domains to build a large virtual file for a border MX server that has no users to allow it to validate incoming mail.
This have been working nicely for several years at an ISP with about 10,000 e-mail accounts. The border MX server does preliminary IP based anti-spam and uses amavisd and clamav to scan for phishing and worms that attack the Microsoft virus, Windows, but does no spam checking. It then sends messages that pass amavisd to a cluster of servers that do spamassassin checking, and delivery to NFS mounted Maildir stores.
Bill