[Mimedefang] sendmail.cf

[Joseph Brennan]

** not in production **

This sketches out how to refuse mail from yahoo if it is not going to be 
delivered to local mail hosts. check_compat has the recipients as they are 
*after* aliasing.

---------------

[1]
Make a class of the local mail hosts (but NOT the list host):

C{localstore} host1.example.com host2.example.com

[2]
Assuming you do not have a check_compat ruleset yet, use this, with tabs in 
the usual places:

Scheck_compat
# Local definition of standard ruleset 

R< $+ @ $+ > $| $+      $: < $2 > $3            get domain part of LHS
R< $+ > < $+ @  $+ >    $: < $1 > < $3 >        get domain part of RHS
R< $+ > < $={localstore} >      $@ ok           going to our local mailboxes
R< $+ > $+              $: $(access NoResend:$1 $:OK $)  is sender domain 
in access?
ROK                     $@ ok                   sender domain not listed
R$+                     $#error $: 550 5.7.1 "Your domain does not allow 
re-sending"

[3]
Put into access file lines like this:

NoResend:yahoo.com	REJECT
(It doesn't matter what is on the RHS since we're just checking whether 
it's there.)

----------------

All this, and it's only practical if you manually insert the problem 
domains into access.db. If this thing catches on, we'd want to cut over to 
a DNS lookup for the DMARC record, but at least maybe do it only if the 
mail is not for localstore. (see host -t txt _dmarc.yahoo.com)

I'd love to do it in Mimedefang. This was a beast. I EMPHASIZE THIS IS NOT 
IN PRODUCTION and it has barely been tested on a test host.


Joseph Brennan
Columbia University Information Technology