[Mimedefang] Dictionary attacks, NDRs etc..

Richard Laager rlaager at wiktel.com
Thu Dec 4 13:08:41 EST 2003


 

Fred Felgenhauer wrote:

> I am attempting to delete all non-existent recipients in
> filter_begin to cut down on message processing, but
> even after deleting the 4 bad recipients, mimedefang still did
> stream_by_recipient() using all 5 recipients

Put your code in filter_recipient so it looks something like this:

sub filter_recipient($$$$$$) {
	my ($recipient, $sender, $ip, $hostname, $first, $helo) = @_;

	# recipient_in_ad() stands in for your own Active Directory LDAP lookup
	if (!recipient_in_ad($recipient)) {
		return ('REJECT', 'is not a valid mailbox', 550);
	}

	return ('CONTINUE', 'ok');
}

Obviously, customizing the error message is up to you. It's also
probably a good idea to have code to handle the Active Directory
server being down. If the AD LDAP connection fails or times out, do this:

return ('TEMPFAIL', 'Try again later');

Don't forget to put the use Net::LDAP in the code somewhere. I always
put them towards the top of the script, but it's up to you.

Using filter_recipient will keep the invalid recipients from ever
being accepted. Then, your SpamAssassin all_spam_to thing is a
different issue to be solved by stream_by_recipient() in
filter_begin() like you said. If that's not working, have a look at
the documentation.

Richard Laager
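
An added example, not part of the original post: one way to fill in the lookup sketched above, with the recipient escaped before it goes into the LDAP filter and any directory failure mapped to TEMPFAIL instead of a rejection. The host, base DN, bind account, the helper name ad_lookup and the choice of the mail and proxyAddresses attributes are assumptions to adapt to your directory.

```perl
use strict;
use warnings;
use Net::LDAP;
use Net::LDAP::Util qw(escape_filter_value);

# Assumed placeholders: replace with your own directory settings.
my $AD_HOST = 'ldap://ad.example.com';
my $AD_BASE = 'dc=example,dc=com';
my $AD_USER = 'cn=mdlookup,cn=Users,dc=example,dc=com';
my $AD_PASS = 'CHANGE_ME';

# Returns 1 if the address exists, 0 if it does not, undef on any LDAP failure.
sub ad_lookup {
    my ($addr) = @_;

    my $ldap = Net::LDAP->new($AD_HOST, timeout => 5) or return undef;
    my $bind = $ldap->bind($AD_USER, password => $AD_PASS);
    if ($bind->code) { $ldap->disconnect; return undef; }

    # The recipient comes from the remote SMTP client, so escape it before
    # placing it in the filter; otherwise "*" or ")(" could alter the query.
    my $safe = escape_filter_value($addr);
    my $res  = $ldap->search(
        base   => $AD_BASE,
        scope  => 'sub',
        filter => "(|(mail=$safe)(proxyAddresses=smtp:$safe))",
        attrs  => ['1.1'],    # no attributes needed, only whether an entry matches
    );
    my $failed = $res->code;
    my $found  = $res->count;
    $ldap->unbind;
    return $failed ? undef : ($found > 0 ? 1 : 0);
}

sub filter_recipient {
    my ($recipient, $sender, $ip, $hostname, $first, $helo) = @_;

    # MIMEDefang passes the address as given in RCPT TO, usually in angle brackets.
    (my $addr = lc $recipient) =~ s/^<|>$//g;

    my $exists = ad_lookup($addr);
    return ('TEMPFAIL', 'Try again later') unless defined $exists;
    return ('REJECT', 'is not a valid mailbox', 550) unless $exists;
    return ('CONTINUE', 'ok');
}
```

filter_recipient is only called when mimedefang is started with the -t option.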



