On Sun, Jan 22, 2006 at 11:02:41AM +0100, Oliver Fromme wrote: > > Use "/etc/mail/access" or "/etc/mail/virtusertable" to define a list > > of valid e-mail addresses and the problem will go away. > > That doesn't help. I _do_ have access and virtusertable, > and also userdb and alias file. But milter-greylist comes > _before_ all of the valid user checking. That's not true. Try to connect to "mail.zhadum.de" and see for yourself: 220 colwyn.zhadum.org.uk ESMTP Sendmail 8.13.3/8.13.3; Sun, 22 Jan 2006 22:25:09 GMT EHLO xxx 250-colwyn.zhadum.org.uk Hello xxx@xxx [xxx.xxx.xxx.xxx], pleased to meet you 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-8BITMIME 250-SIZE 20971520 250-DSN 250-ETRN 250-STARTTLS 250-DELIVERBY 250 HELP MAIL FROM:<foo@...> 250 2.1.0 <foo@...>... Sender ok RCPT TO:<foobar@...> 553 5.3.0 <foobar@...>... User unknown And that server is using "milter-greylist". Here is the logfile entry: Jan 22 22:25:38 colwyn sm-mta[28295]: k0MMP9kR028295: <foobar@...>... User unknown Jan 22 22:25:40 colwyn sm-mta[28295]: k0MMP9kR028295: from=<foo@...>, size=0, class=0, nrcpts=0, proto=ESMTP, daemon=MTA, relay=xxx [xxx.xxx.xxx.xxx] As you can see "milter-greylist" was not involved. > So, unfortunately, there doesn't seem to be a good > solution for the problem. Using "/etc/mail/access" and "/etc/mail/virtusertable" works fine if they are configured accordingly. My "/etc/mail/access" lists all valid users like this ... To:tron@... RELAY ... and ends with a rule which blocks all unknown mail addresses: To:colwyn.zhadum.de error:5.1.1:550 User unknown The list is automatically created from the list of local users and aliases. And each domain in "virtusertable" has a rule to reject unknown addresses: @... error:nouser "User unknown" With such a setup "sendmail" will reject unknown users immediately even if "milter-greylist" is used. Kind regards -- Matthias Scheler http://scheler.de/~matthias/
Message
Re: [milter-greylist] Greylist vs. unknown users
2006-01-22 by Matthias Scheler