[Mimedefang] What is the order of things that occur

Tue Jul 11 15:07:00 EDT 2006

On Tue, Jul 11, 2006 at 02:01:39PM -0400, Steve Campbell wrote:
> I have two mailservers. Each server is the mailstore for a different 
> domain. Each non-mailstore is a secondary MX for the other server's domain. 
> Each secondary relays mail for the other server's domain using the 
> mailertable.
> 
> I use a very simple mimedefang-milter. It just has the filter_recipient 
> section in it and I use the md_check_against_smtp_server function in it to 
> see if a valid user exists on the primary MX (mailstore) server.
> 
> Can someone verify for me that sendmail checks the mailertable and then 
> relays before MimeDefang is called? All of the mail for the domain to be 
> relayed is being "relayed" without MD doing any checks. Is there a solution 
> to this?

Three things:

1) did you enable the filter_recipient call, by setting
MX_RECIPIENT_CHECK=yes in the rc.mimedefang startup script?
(or try to determine if the "mimedefang" process is running with the
"-t" switch)

2) Didn't we just discuss this very same setup with you, in a thread
that started here?
http://lists.roaringpenguin.com/pipermail/mimedefang/2006-June/030458.html

3) Since this will tempfail if the primary server is down, there really is
no point at all in having the secondary MX. If all you are going to do is
tempfail the message if the primary is down, then it is _much_ better to
remove the secondary MX altogether.

In the current internet, there isn't any point in having a secondary
MX just for the purpose of fallback, if your primary server is mostly
up.

> This is how the setup here exists
> 
> mail to domain1 on server1 is local (primary MX for domain 1 also)
> mail to domain1 on server2 is relayed to server1 (secondary MX for domain1)
> MD running on server2 should check to see if mail to domain1 is valid
> 
> mail to domain2 on server2 is local (primary MX for domain 2 also)
> mail to domain2 on server1 is relayed to server2 (secondary MX for domain2)
> MD running on server1 should check to see if mail to domain2 is valid

This would be a lot easier:

domain1 is local to server1, and has server1 as the only MX,
domain2 is local to server2, and has server2 as the only MX.

And it works just as well.

-- 
Jan-Pieter Cornet <johnpc at xs4all.nl>
!! Disc lamer: The addressee of this email is not the intended recipient. !!
!! This is only a test of the echelon and data retention systems. Please  !!
!! archive this message indefinitely to allow verification of the logs.   !!