On Dec 3, 2006, at 22:58:02, Todd Lyons wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I'm looking at a cyrus limitation right now. I'm really thinking this
is not cyrus' problem. I'm trying to figure out if it's actually a
sendmail limitation or a sendmail config error on my part.
The problem I'm working through became illuminated when some spammer
used one of our domains as the Return-Path for the spams. The mail
server crashed due to crippling load. It was aggravated when they did
it several days in a row.
Unfortunately I have little respect for people who bounce spam
because it's not the correct thing to do and in essence are spamming
you because they aren't intelligent enough to do some checking of
their own.
If they wish to bounce the mail, they should at least check the TLD
to ensure they are returning the e-mail to the server it came from or
discard the e-mail.
Let's say my domain is domain.com (in local-host-names). I have a
user
todd on it. It's an older box with updates manually applied so it has
sendmail 8.12.10 and cyrus imap 2.1.16. You can connect to my server
and send emails to *@domain.com and it will do all virus and spam
scanning BEFORE it passes it cyrus, which then reports "Data Format
Error" because the user doesn't exist. I have been googling and
looking
at m4 code and trying to figure out what I can do to make sendmail
check
the user at SMTP connect time the way it does if I configure
sendmail to
deliver to a regular mbox mail spool.
Just a thought but what about installing postfix and dropping
sendmail as your MTA?
It has the ability to authenticate users with cyrus-sasl along with a
lot of additional features that may be useful and works well with
amavisd-new or maia mailguard.
Here's what's in my sendmail.mc:
[root@lunar root]# tail -n 7 /etc/mail/sendmail.mc
MAILER(cyrus)dnl
define(`confLOCAL_MAILER',`cyrus')dnl
LOCAL_RULE_0
R$=N $: $#local $: $1
R$=N < @ $=w . > $: $#local $: $1
Rbb + $+ < @ $=w . > $#cyrusbb $: $1
I did a little testing, here's what I've found:
1) With none of the lines above (goes to regular mbox mail spool),
if I
attempt to send mail to asdf@xxxxxxxxxx, sendmail reports User unknown
at SMTP connect.
2) With only the MAILER line above (still goes to regular mbox mail
spool), if I attempt to send mail to asdf@xxxxxxxxxx, sendmail reports
User unknown at SMTP connect.
3) With the MAILER and the define (delivers to cyrus mail boxes), if I
attempt to send mail to asdf@xxxxxxxxxx, sendmail doesn't report that
the user is unknown, it does all spam and virus scanning, and only
when
it passes the email to cyrus deliver does it finally figure out
that the
user doesn't exist.
Is the above m4 code appropriate? Is there something obvious I'm
missing? Any URLs or suggestions or comments are appreciated.
My rudimentary understanding of sendmail macros makes me think that
instead of checking for users locally, it's checking for user cyrus
locally (which always succeeds), so the email is accepted for any
user.
If it's a problem with the older version of sendmail that I'm using,
then I apologize in advance, but a pointer in that direction would be
most appreciated.
- --
Regards... Todd
-- Dale
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
