[Mimedefang] backup MX server & checking for valid users

alan premselaar alien at 12inch.com
Wed May 14 12:53:01 EDT 2003


On 5/15/03 1:39 AM, "Nate Carlson" <natecars at real-time.com> wrote:

> On Wed, 14 May 2003, alan premselaar wrote:
>> on the DMZ I have my primary MX server which does LDAP lookups to the
>> active directory to reject unknown users at SMTP negotiation time. (so
>> that way my postmaster mail doesn't get slammed with a bunch of "can't
>> deliver to this non-existent email address" emails because of all the
>> bunk virus/spam mails.)
> 
> This a Sendmail server? Mind posting the relevant portions of your
> .mc/mimedefang-filter?

for the LDAP lookup stuff?
> 
>> is there any way to configure sendmail and/or MD to do an SMTP
>> user_exists type of check from the secondary MX server to the primary
>> MX server? (making the assumption that if the primary MX server
>> doesn't respond in $TIMEOUT that the mail will be accepted and queued)
> 
> Why not just have it check the LDAP server, too? That way you just rely on
> the LDAP servers being up, instead of relying on your primary MX to be up.
> 
because all of the MS windows servers are on a LAN (192.168.x.x IPs) and
aren't directly accessible from the secondary MX server, which is located in
our datacenter.

the primary MX server is on the DMZ (connected thru the same firewall as the
MS servers) and checks the active directory via LDAP calls (since it has a
route to the LAN)

> Also better use of resources.. why make the Primary MX do the lookup when
> you can do it directly?


anyways, i got it working with David's enlightenment (mimedefang requiring
-t argument to process the filter_recipient subroutine) and i'm a happy
camper now.

alan
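
A sketch of the check discussed in this thread, added here as an example and not taken from alan's filter: a `filter_recipient` for the secondary MX that asks the primary MX over SMTP whether the recipient exists and accepts the mail for queueing when the primary cannot answer. The host names, the domain list and the use of MIMEDefang's `md_check_against_smtp_server` and `md_syslog` helpers are assumptions (a MIMEDefang version that ships them is required), and `mimedefang` has to be started with `-t` or the subroutine is never called.

```perl
# Fragment for the mimedefang-filter on the secondary MX (added example).
# filter_recipient is only invoked when mimedefang runs with the -t option.

# Placeholders, not values from the post:
my $PRIMARY_MX   = 'mx1.example.com';   # primary MX that does the LDAP lookup
my $PRIMARY_PORT = 25;
my $MY_HELO      = 'mx2.example.com';   # name this secondary announces in HELO
my %BACKUP_FOR   = map { $_ => 1 } ('example.com');

sub filter_recipient {
    my ($recipient, $sender, $ip, $hostname, $first, $helo,
        $rcpt_mailer, $rcpt_host, $rcpt_addr) = @_;

    # Strip the angle brackets and pull out the domain part.
    (my $addr = lc $recipient) =~ s/^<|>$//g;
    my ($domain) = $addr =~ /\@([^@]+)$/;

    # Only probe for domains this host is backup MX for;
    # everything else is left to Sendmail's normal relay rules.
    return ('CONTINUE', 'ok')
        unless defined $domain && $BACKUP_FOR{$domain};

    # Opens an SMTP session to the primary, sends MAIL FROM and RCPT TO,
    # and disconnects before DATA. The result has the same shape as a
    # filter_recipient return value.
    my ($ret, $msg) = md_check_against_smtp_server(
        $sender, $recipient, $MY_HELO, $PRIMARY_MX, $PRIMARY_PORT);

    # Primary answered with a permanent failure: refuse at RCPT time,
    # so no bounce is ever generated by this host.
    return ('REJECT', $msg) if $ret eq 'REJECT';

    # Primary down, timed out or answered 4xx: accept and queue, which is
    # the fallback assumed in the thread. Log it so the window is visible.
    if ($ret ne 'CONTINUE') {
        md_syslog('warning',
            "recipient check for $addr via $PRIMARY_MX inconclusive "
          . "($ret: $msg); accepting for queueing");
    }
    return ('CONTINUE', 'ok');
}
```

While the primary is unreachable the secondary accepts every address in the listed domains, so the log line marks the periods in which mail for nonexistent users can still enter the queue.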



