4 messages in net.sourceforge.lists.courier-users[courier-users] Re: backup MX and 550...
FromSent OnAttachments
Lorenzo PeroneMay 24, 2004 3:48 am 
Sam VarshavchikMay 24, 2004 3:46 pm 
Lorenzo PeroneMay 26, 2004 9:12 am 
Sam VarshavchikMay 26, 2004 3:40 pm 
Actions with this message:
Paste this link in email or IM:
Paste this link in email or IM:
Atom feed for this thread
Paste this URL into your reader:
Subject:[courier-users] Re: backup MX and 550 User unknownActions...
From:Sam Varshavchik (mrs@courier-mta.com)
Date:May 26, 2004 3:40:40 pm
List:net.sourceforge.lists.courier-users

Lorenzo Perone writes:

Hello,

Thank You very much for taking the time to write back to this issue. I think after all that the LDAP idea (or some other way of transferring the valid users/aliases list) is the one most likely to work.

What I don't understand of Your "forward.domain.tld" approach, is why another domain (like "forward.domain.com") should not produce the 550 User Unknown message to the backup MX. In my eyes, it will do the same, but I might give it a try on a domain and see what happens.

Try it first WITHOUT putting the alternate hostname in the esmtpacceptmailfor file. Reviewing what I wrote, I think I made a slight error. Just remove the main domain from the esmtpacceptmailfor file.

regards,

Lorenzo

On 25. Mai 2004, at 0:46, Sam Varshavchik wrote:

Lorenzo Perone writes:

Hello,

I'm asking here if someone has a strategy suggestion for the following scenario:

I'm using courier as the main SMTP server, and another host running Sendmail as a Backup. The backup MX doesn't know about which accounts exist on the courier MySQL DB, and never will; thus it has to accept all the mail for the specified domains. MX. So far, so good.

What happens is that when someone (mainly spammers, who are always the most informed about mta shortcomings ;)) uses the backup MX for sending to non-existant accounts, the backup MX accepts them, and routes them to the courier server, who rejects them. Especially in case of invalid envelope Senders, the Backup MX postmaster gets spammed with non-delivery messages.

Is there anything I can do to avoid this on the _courier_ side? Ideally, courier would trash messages to invalid recipients originated by the backup MX, leaving the backup MX in peace.

I presume it will be difficult to accomplish, but maybe someone here has dealt with such an issue already and has a smart idea to share...

For example, suppose that you're providing backup MX for domain.com.

Make arrangements with the domain's owner to install an internal hostname alias, such as “internal.domain.com”, or “forward.domain.com”. The primary mail server should be programmed so that any mail received for “us@forward.domain.com” gets delivered to “us@domain.com”'s mailbox. The hostname “internal.domain.com” doesn't even have to be in DNS, it just needs to be recognized by the mail server as a local domain.

On your Courier server, replace “domain.com” with “internal.domain.com” in esmtpacceptmailfor, and also “internal.domain.com: [ip.address]” in esmtproutes. If “internal.domain.com” hostname has a public A record, esmtproutes does not need to be set up.

Then, create a simple alias file:

use@domain.com: use@internal.domain.com use@domain.com: use@internal.domain.com

And so on. Now, Courier will accept mail only for the listed mailboxes and forward it, everything else will be rejected.

If you're handy with scripting you may even automate it by allowing the primary domain's owner to update the alias file by scp-ing it over, and re-running “makealiases”.

The alias file may even be kept in LDAP, in which case you're out of the loop completely. Your own duty would be to set up courierldapaliasd to query the primary domain's LDAP server, and the primary domain is completely responsible for maintaining his own alias table.

_______________________________________________ courier-users mailing list cour@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users