Gary Funck wrote: > > One of the difficulties we run into with MdF in general and > greylisting in particular is that recipient address > verification (via the access > database) is delayed via delay_checks. So, basically we > tempfail messages with invalid recipient addresses that we > should reject outright at the HELO phase, and these messages > will have to be bounced later if the sender retries. > Further, if we're front-ending other servers, we may not even > know whether the user address is valid. > > But ... if the internal servers (including a dummy server on > the relay box for access_db checks) supported VRFY, then MdF > could check the addresses early on by first consulting the > internal server(s). > > Make sense?
Yeah, that does make a lot of sense, and it's probably doable, but I've found that it's simpler to just extract all of the valid addresses from the internal server with a cron job, then build an access.db for the front-end server to use. This allows you to reject the bad addresses at MTA level, so that you don't even need to invoke MdF. I'm using Sendmail, but I imagine this would work with other MTAs as well. Here are a couple of different approaches to this issue: http://www.mimedefang.org/kwiki/index.cgi?RelayCheckAddresses http://www.mimedefang.org/kwiki/index.cgi?Exchange2Access I use the second technique. Just remember that you need to add: to:yourdomain.com ERROR:5.1.1:"550 User unknown" to the beginning of your access database, so that the server will reject everything that doesn't match a valid recipient address. Brian Leyton IT Manager Commercial Petroleum Equipment _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang