[Mimedefang] [slightly OT] MS Exchange server (was Re: virusnotifications, etc.)
Randy_Fox at csgsystems.com
Thu Apr 3 15:35:00 EST 2003
> From: alan premselaar [mailto:alien at 12inch.com]
> Sent: Wednesday, April 02, 2003 8:34 PM
> actually, we have gotten quite a few <randomly generated
> username>@domain.com types of spam and some dictionary attack
> type, as well.
> (although recently that seems to have died down a little)
What you may want to look at is linking your sendmail server to Active Directory via LDAP. We've been using LDAP routing for about 2 1/2 years on our central hub and this winter switched to using AD as our LDAP server. It's been working very good. I then added a filter_recipient filter almost straight out of the mimedefang-filter man page and we've been rejecting right at the front door. It's really cut down on the amount of unknown user messages without the sloppy method Exchange uses.
I've been noticing the same type of random user name generation but most of our unknown user mail is for past employees. I still see mail addressed to users who haven't worked here for 5-6 years still being sent to us. (I really appreciate lists that attempt to stay clean on a monthly or quarterly basis like this one does.)
Yesterday I picked up the O'Reilly Sendmail 3rd edition and in thumbing through it, notice that there are a lot of LDAP function calls. I suspect that there is a very clean method to make sendmail do all the work through LDAP calls thus decreasing overhead resources even further.
More information about the MIMEDefang