[Mimedefang] Validate users before scanning?

Jeff Rife mimedefang at nabs.net
Mon Apr 17 18:21:56 EDT 2006


On 14 May 2005 at 21:08, David F. Skoll wrote:

> > (currently - if David is prepared to make MD jump three flaming hoops
> > while doing limbo dancing, then that might change - see my other post on
> > this subject.)
> 
> Here's an odious solution (untested):
> 
> sub filter_recipient {
>     my($recipient, $sender, $ip, $hostname, $firstRecip, $helo,
>        $rcpt_mailer, $rcpt_host, $rcpt_addr) = @_;
>     if ($sender ne '<mimedefang-recip-probe at mydomain.net>' or
> 	 $ip ne '127.0.0.1') {
> 	    my($val, $text, $code, $dsn) =
> 		md_check_against_smtp_server('<mimedefang-recip-probe at mydomain.net>',
> 					     $recipient, $helo, '127.0.0.1');
> 	    if ($val ne 'CONTINUE') {
> 		    return ($val, $text, $code, $dsn);
> 	    }
>     }
> 
>     # Do normal filter_recipient processing here.
> 
> }
> 
> If your local Sendmail would reject the recipient (for whatever
> reason), then MIMEDefang is informed of it and the recipient doesn't
> get added to @Recipients in filter_begin.

OK, so I've tested this.

I did it two different ways:
1. as you described
2. by running another sendmail daemon listening on a high port, so I 
could
   keep the same virtusertable/aliases/etc., but not run any milters

The results show that you can *mostly* know when sendmail would reject 
an recipient, but won't tell you for sure, in particular, any alias 
that ends up pointing to something bad (an error mailer, or just 
something that doesn't exist) won't be flagged as bad with this check.

Flat-out bad addresses seem to return the correct value, though, so if 
you 100% control the aliases and virtusertable, you should be OK.


--
Jeff Rife |  
          | http://www.nabs.net/Cartoons/Dilbert/NoHelpDesk.jpg 





More information about the MIMEDefang mailing list