[Mimedefang] recipient filter and rbl's

Paul Houselander housey at sme-ecom.co.uk
Mon Dec 3 10:49:50 EST 2007


Im happy with my recipient verification script, I cache results etc.. to cut
down on how many times I need to query the backup system, it works really
well once the cache is built up.

After a bit of digging around I think ive pretty much decided not to use the
rbl feature in sendmail but to intergrate spamhaus checking into my
mime-defang script.

I currently have a

sub filter_recipient{

section which does the recpient verification, is it as simple as just adding
(below the filter_recipient) something like the following

sub filter_relay{
    return ("REJECT","$RelayAddr","554","5.7.1");

If its below filter_recipient should it be called after?

Kind Regards


> On Fri, 2007-11-30 at 15:02 +0000, Paul Houselander wrote:
> > My mailserver acts as a gateway to a few MS exchange systems
> and im using
> > mimedefang to reject invalid recipients.
> Why not use Sendmail for this too? It seems far more efficient to get
> Sendmail to block invalid addresses as well as do the DNSBL check (and
> then perhaps even do another DNSBL check in Mimedefang on the content of
> the e-mail that gets that far; that combo is brilliantly effective in
> blocking spam.)
> I found a couple of great Perl scripts on the Mimedefang Wiki; they talk
> LDAP to the Exchange servers, fetch a list of valid mail addresses and
> then write those into the Sendmail access db.
> End result - sendmail rejects all non-valid addresses and rejects all
> Spamhaus matches before they ever reach MD. The load on my gateways
> dropped dramatically now that MD only has to process valid mail for
> viruses and spam content. To make sure nothing outgoing is blocked I
> have the Exchange server IP's specifically set to allow relaying for
> those machines as a whole.
> Adding DNSBL zen.spamhaus.org to my Sendmail was the best thing I've
> ever done, spam-fighting wise. It's really uncanny how much Spam just
> goes away when you start rejecting dial-us and dynamic DNS addresses,
> and I have yet to get a single complaint about false positives.
> /Kimmo
> _______________________________________________

More information about the MIMEDefang mailing list