[Lilux-help] customizing "unknown user" bounce mail from sendmail
Alain Knaff
Alain.Knaff at linux.lu
Fri Apr 9 17:32:35 CEST 2004
begin Friday 09 April 2004 16:56, Eric Dondelinger quote:
> For this, the gate would have to know all users on the internal
> network - this is totally impractical in this case, as the gate
> here handles mail for a number of different institutions, each
> with their own mailservers maintained by themselves with their
> own mailboxes. The gate here is relay, and relay only.
Ooops :-(
> > Additional advantage: you avoid unwittingly "bounce-spamming" people
> > if some virus forges a From and sends to a non-existant users on your
> > system.
>
> That is an advantage for sure. We might think about adding AV
> checks on the external MX (if mail obviously viral, then generate a
> 5xx message, for which the AV scan would have to be done while the
> connection is still going - this on postfix),
On sendmail, you could use a milter to do this. But I'm sure that on
postfix it must be possible to do this as well, after all the SPF guys
must be addressing a similar problem.
[...]
> > To:User1.Name at linux.lu RELAY
> > To:User2.Name at linux.lu RELAY
> > ...
> > To:linux.lu ERROR:"430 Mail to linux.lu delayed due to heavy
> > joe-jobbing. Pl
> > ease try again later"
>
> Looks interesting, but doable only if you know every single user
> behind the gate.
Indeed, this takes some cooperation by the different "institutions"
that are handled by the gate.
[...]
> Again, not doable here - the box where I want to change this bounce
> message is already the second step *after* the external MX:
I see... Is there no possibility of implementing sth at the _real_
border machine?
Of course it all depends on how computer savvy and co-operating the
"institutions" are. If you can convince them to give you a list of
users (with updates, if they add/remove users) a semi-manual solution
might be possible.
> external machine / sender -> MX in DMZ -> firewall w/ mail proxy
> -> internal relay -> recipient mail server
>
> Only the external MX in the DMZ could directly talk to the sender,
> but it has no way of checking the existance of the end recipient.
>
> So, it's still the bounce message I'd have to change AFAICS...
>
> Greets & thanks for your input,
>
> Eric
Alain
More information about the Lilux-help
mailing list