Les Mikesell wrote: > Christopher Chan wrote: > >> >> >>> If you have a reasonably fast internal mailer you can just let mimedefang on >>> your external relay check against it with smtp in real time. Exchange isn't one >>> of those, though. >>> >>> >>> >> That internal mailer still has to whack something. You would just be >> adding another layer again with the smtp latency. What is with the love >> of uber number of layers? >> > > You are removing a layer if you just pass through the recipient check to the > ultimate source (the internal delivery machine) before accepting, and it does in > fact need to be able to handle the lookups at the speed real messages come in. > However, your external relay is likely to get whacked with a dictionary attack > that it needs to be able to reject quickly so you can't do that if the delivery > box is slow. > OH are we? So what happens when the frontend hands off to the internal delivery machine? Does not the internal delivery machine again do another lookup? > I used qmail for one of my domains a while back and it's practice of accepting > everything, then sending bounces got a dictionary attack onto some kind of 'good > to spam' list and I got about 50,000 messages/day for non-existing users for > years afterwards. That was a problem until I put a sendmail with the good users > in a virtuser table in front of it. Interestingly, the messages would come in > from a large number of different IP addresses but in a sorted order and with > clearly coordinated timing. > > /me shudders to think of anyone running a pure qmail-1.03 for a mx.