Our mail setup at work consists of several machines, hosting several domains:
__________ [ ] [ MX running ] [ mail spool ] [ INTERNET ] ---> [ mimedefang ] ---> [ with mailboxes ] [__________] [ and SA ] [ ]
However, there are more than one mailspool, and incoming mail gets directed to the appropriate spool based on the recipient's domain and sendmail's mailertable file.
The problem I have is with these dictionary attacks, where mail would come in to many invalid users at one of the domains. It hits the MX, and while some gets bounced, some don't (because I still don't believe bayes is doing jack squat on my end - that's a different story.) So, assuming one of those attacks gets past mimedefang, the MX then tries to deliver to the mail spool, only to have the mail spool return a user unknown. At that point, that piece of email gets forwarded to the postmaster of said domain (after all, as far as the spool is concerned, it came from the mx, not from whatever the outside source was.)
So, my question now is, from within mimedefang, is there some way I can have it validate a recipient's address PRIOR to attempting delivery? Like somehow contacting the spool and see if that user exists, and if not simply bounce the message before it even gets onto our network.
-- W | I haven't lost my mind; it's backed up on tape somewhere. +-------------------------------------------------------------------- Ashley M. Kirchner <mailto:[EMAIL PROTECTED]> . 303.442.6410 x130 IT Director / SysAdmin / WebSmith . 800.441.3873 x130 Photo Craft Laboratories, Inc. . 3550 Arapahoe Ave. #6 http://www.pcraft.com ..... . . . Boulder, CO 80303, U.S.A.
_______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
