[Mimedefang] Re: calling action_bounce() for viruses

Michael Sims michaels at crye-leike.com
Tue Sep 30 14:05:08 EDT 2003 

Kenneth Porter wrote:
> Michael Sims wrote:
>> Of course, I know this sort of thing is not nearly as prevalent as
>> mail relays that unconditionally accept all mail addressed for the
>> domain they handle, but it still happens from time to time...
>
> Which reminds me that one of my company gateways at another site is
> set up strictly as a spam scanner (postfix + SpamAssassin) and has no
> knowledge of the users on the "real" server (Exchange) set up behind
> it. The resulting bounces then pop out of the local site's Exchange
> server and hit my own sendmail + MD gateway to get to the outside
> world. So I end up seeing a lot of double-bounces. What's an admin to
> do?

I've seen various solutions proposed to this problem.  If you're using LDAP
you could configure the internet-facing MX to validate addresses against it
(not sure on the details of how this is done).  I've heard some suggest that
you have sendmail do all of it's delivery in real time, before returning a
success or failure to the connecting relay.  I never was able to get that to
work. :(

I ended up solving my problem by writing a simple perl script that runs on
my main mail server.  It gathers addresses from LDAP, and a couple other
sources (aliases, etc.) and then generates a virtusertable file.  It then
scp's this file over to my internet-facing MX and forces a rebuild of the
virtusertable.db.  The virtusertable file is in this format:

userid1 at example.com
userid2 at example.com
...

# Reject mail for any other users
@example.com        error:nouser 550 User unknown

Anyway, it's not the most elegant solution in the world but it works for me.
I have it running every 30 minutes.  The worst part is that new accounts
cannot receive mail for up to 30 minutes, but that's something I can live
with.  If anyone is interested in the script let me know...

___________________________________________
Michael Sims
Project Analyst - Information Technology
Crye-Leike Realtors
Office: (901)758-5648  Pager: (901)769-3722
___________________________________________

More information about the MIMEDefang mailing list