[Mimedefang] Re: calling action_bounce() for viruses
alan premselaar
alien at 12inch.com
Tue Sep 30 23:55:02 EDT 2003
On 10/1/03 2:22 AM, "Kenneth Porter" <shiva at sewingwitch.com> wrote:
> --On Tuesday, September 30, 2003 7:49 AM -0500 Michael Sims
> <michaels at crye-leike.com> wrote:
>
>> Of course, I know this sort of thing is not nearly as prevalent as mail
>> relays that unconditionally accept all mail addressed for the domain they
>> handle, but it still happens from time to time...
>
> Which reminds me that one of my company gateways at another site is set up
> strictly as a spam scanner (postfix + SpamAssassin) and has no knowledge of
> the users on the "real" server (Exchange) set up behind it. The resulting
> bounces then pop out of the local site's Exchange server and hit my own
> sendmail + MD gateway to get to the outside world. So I end up seeing a lot of
> double-bounces. What's an admin to do?
>
> BTW, does anybody have any cookbook approaches to accessing Exchange's user DB
> to validate addresses on a front-end sendmail system?
Kenneth,
a little while back, with the help of someone off this list, I setup my
gateway machine to do LDAP lookups into the Active Directory to determine if
the users existed or not. I did this because i got fed up with Exchange's
default (and non-configurable) policy of "accept all mail and then generate
seperate bounce messages for unknown users" (apparently because this is
"more secure")
anyways, my setup now is:
internet -> primary MX (linux with SA/MD/etc) -- LAN --> Exchange
|-> secondary MX (linux with SA/MD/etc doing smtp user
qualifications from primary MX) -> primary MX (assuming it's available) --
LAN --> Exchange.
I have sendmail's connection throttling set (to deal with dictionary
attacks, which aren't too common here), LDAP lookups to the AD for user
verification, 5.x.x rejections of SPAM scoring higher than 10 points and
5.x.x rejection of certain viruses.
it's been working pretty nicely for me so far.
if you want assistance with this type of setup, feel free to contact me
off-list.
alan
More information about the MIMEDefang
mailing list