[CentOS] sendmail mail relay backscatter issue.

Thu Feb 4 14:56:28 UTC 2010
Les Mikesell <lesmikesell at gmail.com>

m.roth at 5-cent.us wrote:
> Mike wrote:
>> Simon Billis wrote:
> <snip>>
>>> I run a few sendmail servers that run MailScanner/Spamassassin/sendmail
>>> (current versions) on Centos 5.4 and Centos 4.8 These boxes accept mail
>>> for a large number of domains (6000+) scan the mail removing spam and
>>> then forward the ham to another server for delivery. I am attempting to
>>> stop any backscatter that these servers cause by only accepting mail for
>>> specific users at domain or for domains with a catch-all account.
>>>
>>> running
>>> make -C /etc/mail but this has no effect on the sendmail.cf file. My
> 
> Does it not give output? Have you tried adding -d?
> <snip>
>> Another would be to use MimeDefang as the framework instead of
>> mailscanner.  It has an option to check recipient addresses via smtp to
>> the delivery servers before accepting.  You may have to write a snippet
>> of perl to get that right for multiple domains (that's a feature...).
>> This is less efficient but works in real time against the addresses that
>> will be accepted for delivery.
> 
> I would question how "real time" that would be for every email for 6k+
> domains. If a few have a large client base, or are expecting responses
> from a mass emailing, it might start to take a *while*, unless you've got
> pretty heavy duty equipment and networking.

It's the same thing the downstream server is going to have to repeat in just a 
moment anyway, but this time it doesn't have to do the other steps.  If you are 
close to capacity already it might push you over the edge - and be worth 
scripting a way to maintain that frontend virtuser table that makes it a 
near-instant hash lookup for the relay sendmail.  But for the relay it will be a 
win either way to avoid the much heavier load of spam-scanning stuff to invalid 
recipients and making the downstream servers construct bounces.

-- 
   Les Mikesell
    lesmikesell at gmail.com