[Mimedefang] Can't filter after last recipient, right?
Joseph Brennan
brennan at columbia.edu
Mon Nov 24 08:58:25 EST 2008
>> What if you want to reject the message if more than 5% of the
>> recipients are invalid? (dictionary attack prevention)
>
> First, if you are getting single e-mails with enough recipients that 5%
> failure is common, then you are probably so big that you can't reject
> based on that, since simple typos would do it. For example, if an e-
> mail came in with 20 recipients and two were typo'd, then you'd reject.
You can tempfail all remaining recipients if the number of bad ones
exceeds an absolute number. Usually, legit mail servers will queue
and retry, and spam servers will not. Sendmail.mc:
SLocal_check_rcpt
R$* $: $1 $| $( arith l $@ $&{nbadrcpts} $@ 3 $)
R$* $| FALSE $#error $: 450 Too many bad recipients
Test it first.
mail from:<brennan at columbia.edu>
250 2.1.0 <brennan at columbia.edu>... Sender ok
rcpt to:<foo at columbia.edu>
550 5.1.1 <foo at columbia.edu>... User unknown
rcpt to:<bar at columbia.edu>
550 5.1.1 <bar at columbia.edu>... User unknown
rcpt to:<qux at columbia.edu>
550 5.1.1 <qux at columbia.edu>... User unknown
rcpt to:<blurfl at columbia.edu>
450 4.0.0 <blurfl at columbia.edu>... Too many bad recipients
rcpt to:<brennan at columbia.edu>
450 4.0.0 <brennan at columbia.edu>... Too many bad recipients
Joseph Brennan
Columbia University Information Technology
More information about the MIMEDefang
mailing list