Yahoo Groups archive

Milter-greylist

Index last updated: 2026-04-28 23:32 UTC

Message

Re: [milter-greylist] Backup MX: verifying addresses

2006-12-08 by Oliver Fromme

Matthias Scheler wrote:
 > Oliver Fromme wrote:
 > > My idea is to have a milter that tells the secondary's
 > > sendmail which addresses are valid on the primary.
 > 
 > Sendmail supports that out of the box:
 > 
 > 1.) Add the domain to "/etc/mail/relay-domains" on the secondary MX and
 >     reload sendmail.
 > 
 > 2.) Add entries to "/etc/mail/access" on the secondary MX which look
 >     like this:
 > 
 > To:valid-address-1@...			RELAY
 > To:valid-address-2@...			RELAY
 > To:valid-address-3@...			RELAY
 > [...]
 > To:do.main					error:5.1.1:550 User unknown

Thanks, but I wrote in my first mail that I cannot do that.
Quoting myself:
 > Of course, one possibility would be to duplicate all users,
 > aliases, virtusertable etc. from the primary to the secon-
 > dary's virtusertable, so it knows all valid addresses.  But
 > I don't want to do that, because the secondary shouldn't
 > know about users on the primary (both are operated by
 > different people that don't need to know each other).
 > It would also make administration much more difficult,
 > because whenever an alias or user is added or changed,
 > I would need to arrange for the same change on the
 > secondary.  (In case of multiple backup MX servers it
 > gets even worse.)

Best regards
   Oliver

PS:  I've just read Emmanuel's email how to do it with
the CVS version of milter-greylist using the "urlcheck"
feature.  That sounds like it's worth trying.

(The only problem is that the primary MX isn't running
a web server, and it really shouldn't.  But maybe I can
hack something up for that purpose, maybe a simple app
that receives HTTP GET requests ...  I'll look into that.)

-- 
Oliver Fromme,  secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing
Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd
Any opinions expressed in this message may be personal to the author
and may not necessarily reflect the opinions of secnetix in any way.

One Unix to rule them all, One Resolver to find them,
One IP to bring them all and in the zone to bind them.

Attachments

  • No local attachments were found for this message.

Move to quarantaine

This moves the raw source file on disk only. The archive index is not changed automatically, so you still need to run a manual refresh afterward.