[Mimedefang] md_check_against_smtp_server and md_graphdefang_log

kd6lvw at yahoo.com
Tue Mar 26 18:24:17 EDT 2013


--- On Tue, 3/26/13, ts at phoenixsoftware.de <ts at phoenixsoftware.de> wrote:
> ...
> - The easiest way for that is SMTP call-ahead aka
> md_check_against_smtp_server.

A much better way is to access the user database directly.  That's what LDAP is for, but it can be done with other database types too.  With properly set up LDAP servers, one may even choose to make a subset of the information available to sending servers so they can check before even attempting to connect to yours.  SQL-based servers could also be used, but they're much less common and not as standardized.

Several MTA programs (e.g. sendmail) have had LDAP query ability built in for more than a decade.

Technically within SMTP, the proper way for a secondary to check with a primary for valid users would not be by faking a mail transaction but by using the VRFY or EXPN commands (which may be restricted to only the secondaries to prevent outside abuse).  VRFY is simpler - it returns a validity indicator.  EXPN will tell the querying server if it will be forwarded again (in which case it could substitute the recipient address with the one returned by the query and if going off-site, completely bypass the need to send it to the primary in the first place).
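The VRFY/EXPN check described above, sketched from the secondary's side as an added example that is not part of the original post or of MIMEDefang. The verdict names, the function names, and the choice to treat 252 and 5xx "command disabled" replies as "unknown" are assumptions of this sketch; reply codes follow RFC 5321.

```python
import re
import smtplib

# Matches the <mailbox> or <forward-path> that RFC 5321 replies carry.
_ADDR = re.compile(r"<([^<>\s@]+@[^<>\s@]+)>")


def classify_vrfy(code, text):
    """Map a VRFY reply to (verdict, address named in the reply or None)."""
    m = _ADDR.search(text)
    addr = m.group(1) if m else None
    if code in (250, 251):        # 251: not local, but the primary forwards
        return "valid", addr
    if code in (550, 551, 553):   # 551: not local, primary will not forward
        return "invalid", addr
    if 400 <= code < 500:         # primary busy or unavailable: retry later
        return "tempfail", None
    # 252 ("cannot VRFY, will accept"), 502/504 (disabled) and anything else
    # say nothing about the mailbox; never read them as "user exists".
    return "unknown", None


def expn_targets(code, text):
    """Addresses an EXPN reply expands to; empty unless the reply is 250."""
    return _ADDR.findall(text) if code == 250 else []


def ask_primary(host, recipient, timeout=10):
    """Send VRFY for recipient to the primary (needs network access)."""
    with smtplib.SMTP(host, timeout=timeout) as smtp:
        smtp.ehlo()
        code, msg = smtp.verify(recipient)
    return classify_vrfy(code, msg.decode("utf-8", "replace"))


if __name__ == "__main__":
    # Constructed sample replies, not captured from a real server.
    samples = [
        (250, "Jane Doe <jane@example.com>"),
        (251, "User not local; will forward to <jane@elsewhere.example>"),
        (252, "Cannot VRFY user, but will accept message"),
        (550, "No such user here"),
        (451, "Requested action aborted: local error in processing"),
    ]
    for code, text in samples:
        print(code, classify_vrfy(code, text))
```

A secondary that gets "unknown" has learned nothing from the primary and needs another source of truth, such as the directory lookup mentioned earlier in the message.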


