[Mimedefang] Re: Milter / Sendmail Question for Rate Throttle
Sven Willenberger
sven at dmv.com
Fri Feb 25 18:59:33 EST 2005
On Fri, 2005-02-25 at 18:37 -0500, Kevin A. McGrail wrote:
> I am using MIMEDefang to do checks and then returning: return ('REJECT', "No
> such user here");
>
> I am fairly certain that this return to sendmail does not get counted in the
> statistics for RCPT Flood Throttling (i.e. Possible SMTP RCPT flood,
> throttling.)
>
> Am I using the wrong return? Does sendmail not count filter returns?
>
> Otherwise, I figure I need to write my own equivalent of RCPT Flood
> Throttling into poprelayd so I can ban those sites as well.
>
> Thoughts?
>
> KAM
>
Our system is such that the incoming MX record mailserver does not have
the actual users on it (as would appear to be the case with your setup
as well). We end up keeping all our users in a database and use
sendmail's acccess file to reject non-existent users. I have not tried
setting BAD_RCPT_THROTTLE to see if the REJECT value from access for the
non-existent users counts towards that limit but it could be worth a
try.
TO:ourdomain.com REJECT
TO:gooduser at ourdomain.com OK
TO:gooduser2 at ourdomain.com OK
This type of ruleset by default rejects all users unless explicity
listed. Using a 15-min cron that queries for user additions/deletions in
the database a temp access file is created. If it has changed from the
original access, it gets copied over and makemaps is run to load the new
access into sendmail. Access lookups are much faster than trying the
poprelayd (which I assume tests for valid users by running a login of
the username against the LDA mail server?)
Sven
More information about the MIMEDefang
mailing list