Matt, IIS SMTP supports "event sinks" at various stages of the protocol. VAMsoft uses them to check the IP address upon connection, or to check the email addresses in MAIL FROM / RCPT TO the moment they occur.
So - yes, it appears entirely feasible to write an event sink that will compare the RCPT TO against ANY user base (AD, LDAP, SQL Queries, plain-text files,...) See: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsmtps/htm l/writingmngsinks.asp?frame=true#writingmngsinks_topic2 I have offloaded all my outbound SMTP (and authorized SMTP relaying) to one of my IIS SMTP machines - and it also acts as my backup MX. ORF has been a godsend to ward off unwanted emails by spammers who try to send to the Backup MX (so they don't have to be processed by Declude/Imail). I would seriously consider funding some of the development for an IMAIL/LDAP lookup event sink as it would help my SMTP server to "disconnect" on dictionary attacks. Best Regards Andy Schmidt H&M Systems Software, Inc. 600 East Crescent Avenue, Suite 203 Upper Saddle River, NJ 07458-1846 Phone: +1 201 934-3414 x20 (Business) Fax: +1 201 934-9206 http://www.HM-Software.com/ -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matt Sent: Monday, February 09, 2004 02:06 PM To: [EMAIL PROTECTED] Subject: Re: [Declude.JunkMail] [Declude.Junkmail] MS SMTP LDAP Routing Sandy, I recall checking this out once before when it was mentioned, probably by you. Somehow I figured that you would probably be the one that would know :) I do see the piece about ActiveDirectory integration. I'm not an AD expert by any means, and I'm wondering if it's plausible to create a database of sorts within AD that isn't the equivalent of your accounts. This would be a great place to store such information if possible. I could then create an application that essentially dumped the IMail users to a file, and users from a separate database for gatewayed domains, and then imported it into AD for use with something like this. Also, now that it's clear that MS SMTP can be used for envelope rejection, I'm wondering how easy it would be to write an application that pulled this information from any number of sources (IMail's LDAP for instance). I've got a programmer buddy that I'm sure could handle this if I gave him the right pointers. It's not that ORF is expensive, it's quite cheap, but I'm really only looking for envelope rejection of bad accounts and also potentially for dictionary attacks through some mechanism designed to detect them. Any idea about what is used to tap into the MS SMTP service to make these extensions? Right now I have no legitimate need for this due to my traffic, however my business is growing and I would like to stay ahead of the game and make plans for the future. Envelope rejection for gatewayed domains would be a big bandwidth and processor saver, and it doesn't look like IMail is headed in the direction of providing such a tool beyond their own accounts. Thanks, Matt Sanford Whiteman wrote: >LDAP routing cannot be used for (and isn't designed for) that purpose. > >If you're looking to integrate MS SMTP with your userbase, the best bet >is ORF from Vamsoft, which offers AD-integrated envelope rejection. > >--Sandy > >-- >------------------------------------ >Sanford Whiteman, Chief Technologist >Broadleaf Systems, a division of >Cypress Integrated Systems, Inc. >mailto:[EMAIL PROTECTED] >------------------------------------ >-- >--- >[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] > >--- >This E-mail came from the Declude.JunkMail mailing list. To >unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type >"unsubscribe Declude.JunkMail". The archives can be found at >http://www.mail-archive.com. > > > > -- ===================================================== MailPure custom filters for Declude JunkMail Pro. http://www.mailpure.com/software/ ===================================================== --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
