[COLUG] Exim4 Recipient Whitelisting
Dave Maxwell
dmaxwell at columbus.rr.com
Sat Sep 22 09:06:16 EDT 2007
I have an Exim4 instance in front of an Exchange 2000 server acting as a
ClamAV/SpamAssassin filter. Exchange 2000 does a very very braindead thing
with non-existent users. It will quietly accept the mail then mail a bounce
to the From: an hour or two later. This makes deliberate use of blowback for
spam bouncing trivially easy. Doing a callout/verify on the Exim4 side
doesn't work as Exchange will vouch for any To: that has
@exchange_servers_domain.com. Exchange 2000 simply doesn't have the ability
terminate at SMTP receive time mails to non-existant recipients.
What I need to do is simply give Exim4 a list of valid recipients. I could
then reject mails to non-existent recipients at SMTP connection time. It is
a small business with low turnover and having small text file on the Exim4
side of valid recipients is an entirely practical means to deal with this.
I've found many many howtos on Sender verification and almost everything I've
found on recipient verification assumes a callout to the smarthost works
correctly.
The only other way I've found to do it is to make Exim4 query Active Directory
over LDAP to test recipient validity. If I have no choice, I'll do it that
way but I'd prefer something less 'brittle'.
Thanks
Dave
--
Oh yeah. Forgot about those. Getting senile, I guess...
-- Larry Wall in <199710261551.HAA17791 at wall.org>
More information about the colug432
mailing list