RE: Sendmail question

From: Noah Davidson (NoahD_at_oopz.com)
Date: 02/14/05

  • Next message: Suporte Matik: "Re: Sendmail question" 
    Date: Sun, 13 Feb 2005 17:56:42 -0800
To: <bv@wjv.com>, <freebsd-isp@freebsd.org>

    This is a backup mail server. The primary mail server is an Exchange 2003 server. So when mail is sent to invaliduser@bdomain.com then this server sends the mail to the exchange server that is responsible for handling the mail for domain.com. Since the user does not exist it bounces the mail. Then the root alias gets a copy of the bounced mail. Is there any way to prevent this from happening? This server should just queue the mail for the exchange server until the exchange server is available.
     
    Thanks
    Noah Davidson

    ________________________________

    From: owner-freebsd-isp@freebsd.org on behalf of Bill Vermillion
    Sent: Sun 2/13/2005 5:42 PM
    To: freebsd-isp@freebsd.org
    Subject: Re: Sendmail question

    I know you'll find this hard to believe, but on Sun, Feb 13, 2005 at 23:13 ,
    Suporte Matik actually admitted to saying:

    > On Sunday 13 February 2005 22:46, Noah Davidson wrote:
    >
    > > The only problem with that approach is that this is a back up
    > > server and the users may not be able to know of all of the
    > > users. Is there any way to not have all of these bounced mail
    > > go to the postmaster / root account.

    > sendmail should reject mail for nonexistent users by default
    > and not forward to root unless you have any strange alias for
    > all but you say bounced mail what confuses me a little bit, but
    > anyway, isn't it that your systema accounts are exploited by
    > the spammers ? so if having 10 domains you may get 10 spams for
    > tty in your root mailbox, to prevent you may try this in your
    > access:

    > tty@ ERROR:"4.2.2:450 No such user here."

    > and so on for each systema account and rebuild the access.db and
    > probably your headache goes away

    The problem I have is that when mail is bounced back mail from
    spammers often comes from forged addresses and I get emails
    from the far site indicating there are unknown users.

    So I find routing noexistant users to /dev/null is more productive.
    While it's not exactly the best way to do it, there are so many
    bogus addresses sending mail I haven't found a good alternative.

    One site we handle has one of those strong standalone names that
    don't require any advertising to come up #1 on google or msn and
    when it finally hit 300,000 spams/day for that one domain I took
    out the MX records.

    I use the access.db for blocking known places and I won't send
    anything back at all - I used the DISCARD verb as sending messages
    back does nothing but generate more traffic.

    > >
    > > ________________________________
    > >
    > > From: Bill Vermillion [mailto:bv@wjv.com]
    > > Sent: Sun 2/13/2005 2:30 PM
    > > To: Noah Davidson
    > > Cc: FreeBSD-ISP List
    > > Subject: Re: Sendmail question
    > >
    > >
    > >
    > > Ashes to ashes, and DOS to DOS Noah Davidson was heard to say
    > >
    > > on or about Sun, Feb 13, 2005 at 14:10 :
    > > > I have set up a new FreeBSD box as mainly a backup mail server,
    > > > although it is primary for a couple of domains. It is running
    > > > sendmail 8.13.3 and it works fine, except for all the spam that
    > > > is being sent to it to bad email addresses. I have aliased
    > > > the root account to an email group on another server so that
    > > > someone reads the root mail. The problem is that all the mail
    > > > that spammers are sending to address that do not exist get
    > > > bounced and the root account a notification (I believe it
    > > > is the postmaster alias which is aliased to root). Is there
    > > > any way to not have these notifications sent out. They are
    > > > filling up the mail boxes. I just want the return to sender, but
    > > > not to the root / postmaster as well. I have tried using the
    > > > confCOPY_ERRORS_TO in my .mc file, but that just sends it to an
    > > > additional account as well.
    > >
    > > Making assumptions that your sendmail is receiving bogus mail
    > > for accounts that you have sendmail receive here is approach you
    > > can take.
    > >
    > > Assume you have domains a.com b.com and c.com and your
    > > local-host-names has those.
    > >
    > > Then you need to find out what users you have for each domain
    > >
    > > If you have curly larry and moe on a.com and no one else, then you
    > > can build a virtualusrtable that looks like this.
    > >
    > > curly@a.com curly
    > > larry@a.com larry
    > > moe@a.com moe
    > > @a.com nouser
    > >
    > > And the accnount 'nouser' will be in your /etc/mail/aliases
    > > file and will look like this:
    > >
    > > nouser: /dev/null
    > >
    > > Run make in /etc/mail to create virtusertable.db and aliases.db
    > > and that should get rid of the bogus names going to root.
    > >
    > > I find the virtualusertable to be quite handy for elminating a lot
    > > of junk. It will only be a problem if you have a large user
    > > base or lots of domains.
    > >
    > > Bill
    > > --
    > > Bill Vermillion - bv @ wjv . com
    > >
    > >
    > > _______________________________________________
    > > freebsd-isp@freebsd.org mailing list
    > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp
    > > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"
    >
    > --
    >
    >
    > Infomatik
    > implementamos asas na sua rede.
    > (18)3551.3591 (18)8112.7007
    > _______________________________________________________
    > Participe na lista de seguran?a,
    > recebendo as mais importantes not?cias na hora
    > Entre em http://info.matik.com.br e participe.
    > _______________________________________________________
    > Mensagens sem assinatura GPG n?o s?o nossas.
    > Messages without GPG signature are not from us.
    > _______________________________________________________ 

    --
Bill Vermillion - bv @ wjv . com
_______________________________________________
freebsd-isp@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"
_______________________________________________
freebsd-isp@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"
  • Next message: Suporte Matik: "Re: Sendmail question"

    Relevant Pages

    • Re: Sendmail question
      ... Is there any way to not have all of these bounced mail ... > tty in your root mailbox, to prevent you may try this in your ... > Mensagens sem assinatura GPG n?o s?o nossas. ... Bill Vermillion - bv @ wjv. ...
      (freebsd-isp)
    • Re: Sendmail question
      ... On Monday 14 February 2005 01:33, Noah Davidson wrote: ... > rejected mail from the exchange server is bouncing back and a copy is sent ... This bounced mail is filling up the root ... Is there anyway to not have the bounced mail go to the root ...
      (freebsd-isp)
    • Re: Hmm.. / is 108%!
      ... zomen nemororz izaziz zander isorziz", ... > Filesystem 1K-blocks Used Avail Capacity Mounted on ... Also you might use du on anything mounted on root. ... Bill Vermillion - bv @ wjv. ...
      (freebsd-isp)
    • Re: If you used Linux before why did you switch to FreeBSD?
      ... Shared administrative accounts are a recipe for disaster anyway you ... >far as to actually disable the root account). ... Linux lovers of the highest order. ... Bill Vermillion - bv @ wjv. ...
      (comp.unix.bsd.freebsd.misc)
    • Re: Renaming files by counting the number of files
      ... >let an idiot run around as root on a commercial UNIX system (and yes, ... so the root home directory is /root and not / ... SCO or Solaris. ... Bill Vermillion - bv @ wjv. ...
      (comp.unix.sco.misc)