[Mimedefang] Validate users before scanning?
Jeff Rife
mimedefang at nabs.net
Mon Apr 17 18:21:56 EDT 2006
On 14 May 2005 at 21:08, David F. Skoll wrote:
> > (currently - if David is prepared to make MD jump three flaming hoops
> > while doing limbo dancing, then that might change - see my other post on
> > this subject.)
>
> Here's an odious solution (untested):
>
> sub filter_recipient {
> my($recipient, $sender, $ip, $hostname, $firstRecip, $helo,
> $rcpt_mailer, $rcpt_host, $rcpt_addr) = @_;
> if ($sender ne '<mimedefang-recip-probe at mydomain.net>' or
> $ip ne '127.0.0.1') {
> my($val, $text, $code, $dsn) =
> md_check_against_smtp_server('<mimedefang-recip-probe at mydomain.net>',
> $recipient, $helo, '127.0.0.1');
> if ($val ne 'CONTINUE') {
> return ($val, $text, $code, $dsn);
> }
> }
>
> # Do normal filter_recipient processing here.
>
> }
>
> If your local Sendmail would reject the recipient (for whatever
> reason), then MIMEDefang is informed of it and the recipient doesn't
> get added to @Recipients in filter_begin.
OK, so I've tested this.
I did it two different ways:
1. as you described
2. by running another sendmail daemon listening on a high port, so I
could
keep the same virtusertable/aliases/etc., but not run any milters
The results show that you can *mostly* know when sendmail would reject
an recipient, but won't tell you for sure, in particular, any alias
that ends up pointing to something bad (an error mailer, or just
something that doesn't exist) won't be flagged as bad with this check.
Flat-out bad addresses seem to return the correct value, though, so if
you 100% control the aliases and virtusertable, you should be OK.
--
Jeff Rife |
| http://www.nabs.net/Cartoons/Dilbert/NoHelpDesk.jpg
More information about the MIMEDefang
mailing list