[Mimedefang] Accept mail before processing

[Matthew Schumacher]

Matthew.van.Eerde at hbinc.com wrote:
>>>That way, you only do the nasty hack for people connecting with
>>>MUAs, and use normal "real-time" processing for everyone else.
>>
>>I am thinking about doing something similar for users with MUA's, as
>>during peak times sendmail/MD can take 5-10 seconds to send an email.
>>I was thinking about setting up another sendmail instance on another
>>IP that just accepts mail from our MUA's, and then relays it through
>>the sendmail/MD instance.
>>
>>I know I would loose functionality like immediately rejecting bad
>>recipients, a feature some MUA users like.  But assumed a bad rcpt
>>bounce would be returned to the original sender, right?
> 
> 
> You could set up another sendmail instance on a nonstandard port on the *same* machine.  That way you can get bad RCPT checking without the MIMEDefang overhead.
> 
> Or you could require SMTP AUTH and run sendmail on 587, then configure MIMEDefang to skip SpamAssassin checks on authenticated mail... or run them on a no-network-tests config, which should be much faster.
> 

This is how I do it in a corp environment, I turn off relaying by IP and
force users to authenticate to smtp before I will let them relay.  Then
I require TLS before SMTPAUTH [define(`confAUTH_OPTIONS', `A,p,y')] just
to make sure that the password is never passed in the clear.

Once the user authenticates I can see it in the filter because I import
a sendmail macro (look at docs over at
http://sial.org/howto/mimedefang/macro-pass/ ).  Now, I don't omit users
from virus scanning because I don't want a virus leaving, but I do omit
them from spamassassin which is the majority of the processing time.

Another interesting hack (that means use with caution) is this rule:

  # If user is authenticated or coming from localhost then stop filtering
  if ((exists $SendmailMacros{md_tag} and $SendmailMacros{md_tag} eq
'authenticated') or ($ip eq "127.0.0.1")) {
    $authenticated = "TRUE";
    md_syslog('warning', "user authenticated");
  } else {
    $authenticated = "FALSE";
    md_syslog('warning', "user is NOT authenticated");
  }

  # if the user is sending from domain.com then they must authenticate
(or be localhost)
  if( ($sender =~ /domain.com/i) && ($authenticated ne "TRUE") ){
    return ('REJECT', 'You must authenticate to send mail from an
domain.com account.');
  }

Basically, since we know that all of our users will authenticate, when
we see mail from domain.com that doesn't come from an authenticated user
we know it is spoofed so we reject it.  While this is great because it
limits inter domain spoofing to authenticated users, and viruses from
support at domain.com simply break, it also breaks things like ebay where
they send you mail from yourself.

Anyway, I think this is the best solution because you should treat
trusted users differently than public users.  I don't mangle trusted
users email, and I haven't had a call from someone complaining about
messages being marked as spam from other staff members in a long time.

schu