[70558] in North American Network Operators' Group
Secondary MX user list filter for Sendmail
daemon@ATHENA.MIT.EDU (Todd Vierling)
Tue May 18 21:25:32 2004
Date: Tue, 18 May 2004 21:24:29 -0400 (EDT)
From: Todd Vierling <tv@duh.org>
To: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
A colleague asked me offlist about how to make a Sendmail secondary MX
properly return 550 for invalid recipient addresses. For smaller sites --
or even larger sites if the list is autogenerated and the access_db uses
"btree" storage (it's rather fast) -- the below solution will do just that.
=====
In your secondary MX's sendmail.mc, add the following FEATUREs if you don't
already have them.
FEATURE(`access_db')dnl
FEATURE(`blacklist_recipients')dnl
Rebuild your sendmail.cf from this, and then put entries like the following
in your /etc/mail/access file (assuming "foo.com" is your domain). I'm also
assuming that "foo.com" is already in /etc/mail/relay-domains (or
/etc/mail/sendmail.cR depending on your sendmail install), so that relayed
mail can get through.
userone@foo.com RELAY
usertwo@foo.com RELAY
To:foo.com "550 User unknown"
The RELAY lines designate explicitly allowed recipient addresses for
relaying to the primary MX. The To:...550 line, which requires the
"blacklist_recipients" feature, is a fallback rule that matches after the
email addresses and returns the expected "User unknown" error.
Now rebuild your access.db file, restart sendmail, and voila, you have a
secondary MX explicit user list.
--
-- Todd Vierling <tv@duh.org> <tv@pobox.com>
