Chris Adams <cmadams@xxxxxxxxxx> wrote: [snip] > You really need the secondary to have some way of knowing all the valid > recipient addresses at the domain (and have any spam filtering > configured to match), so it doesn't accept mail that the primary > wouldn't. > This is more complicated; for sendmail, you have to write a few custom > rulesets (not really very much). The bigger issue is that you need some > way for the secondary to know the valid addresses on the primary; the > usual way is to have all users, aliases, etc. in LDAP (and replicate the > LDAP to the secondary). I use sfm-sav to verify the recipient addresses. It works by querying the server and caching results. It can be used for both recipient and sender addresses, but most of the junk I get is the millions of generated recipients, so this nicely refuses them at the seconday. It integrates well with sendmail, requiring only minor updates to sendmail.mc. Unfortunately, the package is not part of the fedora family, as far as I can tell, but it is available at sourceforge. Seems to me I had to do some minor tweeking. There are interface problems with selinux. I've written a script that handles them and will be glad to send my updates to anyone interested. The "use at your own risk" caveats apply, of course. I would also recommend milter-greylist. This package is available via the standard fedora repositories. This greylisting cut our incoming e-mail (almost all of it spam) down by about 95%. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines