[Mimedefang] sendmail.cf

Joseph Brennan brennan at columbia.edu
Tue Apr 15 16:06:06 EDT 2014

** not in production **

This sketches out how to refuse mail from yahoo if it is not going to be 
delivered to local mail hosts. check_compat has the recipients as they are 
*after* aliasing.


Make a class of the local mail hosts (but NOT the list host):

C{localstore} host1.example.com host2.example.com

Assuming you do not have a check_compat ruleset yet, use this, with tabs in 
the usual places:

# Local definition of standard ruleset 

R< $+ @ $+ > $| $+      $: < $2 > $3            get domain part of LHS
R< $+ > < $+ @  $+ >    $: < $1 > < $3 >        get domain part of RHS
R< $+ > < $={localstore} >      $@ ok           going to our local mailboxes
R< $+ > $+              $: $(access NoResend:$1 $:OK $)  is sender domain 
in access?
ROK                     $@ ok                   sender domain not listed
R$+                     $#error $: 550 5.7.1 "Your domain does not allow 

Put into access file lines like this:

NoResend:yahoo.com	REJECT
(It doesn't matter what is on the RHS since we're just checking whether 
it's there.)


All this, and it's only practical if you manually insert the problem 
domains into access.db. If this thing catches on, we'd want to cut over to 
a DNS lookup for the DMARC record, but at least maybe do it only if the 
mail is not for localstore. (see host -t txt _dmarc.yahoo.com)

I'd love to do it in Mimedefang. This was a beast. I EMPHASIZE THIS IS NOT 
IN PRODUCTION and it has barely been tested on a test host.

Joseph Brennan
Columbia University Information Technology

More information about the MIMEDefang mailing list