Re: Recommend Mail Server

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Ian Forde wrote:
>
> On Nov 23, 2009, at 5:34 PM, Christopher Chan 
> <christopher.chan@xxxxxxxxxxxxxxx 
> <mailto:christopher.chan@xxxxxxxxxxxxxxx>> wrote:
>
>> Les Mikesell wrote:
>>>>
>>>
>>> You probably really want ldap for that sort of thing.
>>
>> You probably really want to reconsider using ldap for anything that gets
>> loads of changes daily.
>
> In the case of a mail relay, at one point  years back I decided to 
> drop (not bounce) all email to bogus recipients at the relay level 
> rather than let it get to (yuck) Exchange, which would bounce it. The 
> trick was having an updated recipient list. My first thought was to 
> query Active Directory for each user, thus getting an up-to-date result.
>
> This turned out to be a *bad* idea for a couple of reasons. 1) if I 
> can't reach AD, mail won't queue up on the relays, which is one of 
> their major functions. 2) I'm making the relays directly dependent on 
> AD latency. 3) any flood of email from outside can cause a large 
> amount of queries against AD, causing a DOS that the relays are 
> supposed to shield the internal network from.
>
> So instead, I found a script to gather the list of users from AD, did 
> some modifications and wrote some wrappers. The result? A script that 
> runs from cron to get the list of valid addresses, convert them into 
> an access file that sendmail (or postfix, in the first case years ago) 
> can use instead. There's a little more latency, but as long as I do 
> some sanity checking (too many changes? Send an alert and don't change 
> the access file) it works just fine. Ldap-based, yes. But loosely 
> coupled. A good compromise in my experience...

Precisely why a buffer like this for sites with a very large user base 
might want to use cdb. postfix supports cdb and sendmail can get cdb 
support from sf.net/sendmail-cdb. Both need the tinycdb library though. 
Even mysql/postgresql could do with a break for legit users.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux