Date: Sat, 7 Apr 2007 21:53:03 +1000 From: "Christopher Martin" <outsidefactor@iinet.net.au> To: "'Mikhail Goriachev'" <mikhailg@webanoide.org> Cc: freebsd-questions@freebsd.org Subject: RE: Receiver (To/CC envelope fields) addresses verification against LDAP/Active Directory in sendmail Message-ID: <06d001c7790b$4d67adf0$d315a8c0@SAURON> In-Reply-To: <46172A9C.40709@webanoide.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> -----Original Message----- > From: Mikhail Goriachev [mailto:mikhailg@webanoide.org] > Sent: Saturday, 7 April 2007 3:23 PM > > > You could use /usr/ports/mail/mimedefang (www.mimedefang.org) miltered > into your sendmail. Sorta like py-milter but in perl. The simplest, > quickest and dirtiest solution would be to feed a list of valid > recipients into mimedefang and let it "accept" or "reject" incoming > mail. Then it is a matter of finding a way to keep the list up to date. > > Or, instead of feeding mimedefang with a list, you could instruct it to > poll your internal mail server like you already suggested. > > For a long term solution I prefer storing aliases, maps, etc. in LDAP. The LDAP solution would be ideal. The export/access list method you suggest is what LDAPMAP seems to do, but it doesn't compile. I am no coder, so if it doesn't compile right off I won't use it, figuring it will be a hack each time it has to be updated even if I manage to figure out what's stopping it from compiling. I am considering writing a script that exports all valid addresses from Active Directory via LDAP and then processes the results and appends it to the sendmail access database (I hope that there is an alternative to REJECT, as that would enable directory harvesting), a catch-all in virtual users to send anything that isn't valid straight to /dev/null. This poses some risks, however. I would have to build in checks to make sure that an empty or incomplete list was never posted, otherwise, whammo, all mail gone. Will give it some thought. I see Mimedefang everywhere, but I have not messed about with it yet. I guess I need to run up a trial VM to have a go, though I have absolutely no perl skills at all. Thanks for the suggestions! Chris Martin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?06d001c7790b$4d67adf0$d315a8c0>