[Mimedefang] recipient filter and rbl's
Paul Houselander
housey at sme-ecom.co.uk
Mon Dec 3 10:49:50 EST 2007
Hi
Im happy with my recipient verification script, I cache results etc.. to cut
down on how many times I need to query the backup system, it works really
well once the cache is built up.
After a bit of digging around I think ive pretty much decided not to use the
rbl feature in sendmail but to intergrate spamhaus checking into my
mime-defang script.
I currently have a
sub filter_recipient{
........
}
section which does the recpient verification, is it as simple as just adding
(below the filter_recipient) something like the following
sub filter_relay{
if(relay_is_blacklisted($RelayAddr,"zen.spamhaus.org")){
return ("REJECT","$RelayAddr","554","5.7.1");
}
}
If its below filter_recipient should it be called after?
Kind Regards
Paul
>
>
> On Fri, 2007-11-30 at 15:02 +0000, Paul Houselander wrote:
>
> > My mailserver acts as a gateway to a few MS exchange systems
> and im using
> > mimedefang to reject invalid recipients.
>
> Why not use Sendmail for this too? It seems far more efficient to get
> Sendmail to block invalid addresses as well as do the DNSBL check (and
> then perhaps even do another DNSBL check in Mimedefang on the content of
> the e-mail that gets that far; that combo is brilliantly effective in
> blocking spam.)
>
> I found a couple of great Perl scripts on the Mimedefang Wiki; they talk
> LDAP to the Exchange servers, fetch a list of valid mail addresses and
> then write those into the Sendmail access db.
>
> End result - sendmail rejects all non-valid addresses and rejects all
> Spamhaus matches before they ever reach MD. The load on my gateways
> dropped dramatically now that MD only has to process valid mail for
> viruses and spam content. To make sure nothing outgoing is blocked I
> have the Exchange server IP's specifically set to allow relaying for
> those machines as a whole.
>
> Adding DNSBL zen.spamhaus.org to my Sendmail was the best thing I've
> ever done, spam-fighting wise. It's really uncanny how much Spam just
> goes away when you start rejecting dial-us and dynamic DNS addresses,
> and I have yet to get a single complaint about false positives.
>
> /Kimmo
> _______________________________________________
More information about the MIMEDefang
mailing list