When configuring a primary and secondary sendmail server, how does the secondary mail server know it should relay anything to the primary one?
Is it just by the mailserver examining the DNS mx records, or is there something else in either of the sendmail configurations?
Steve
Once upon a time, Steve Searle steve@stevesearle.co.uk said:
> When configuring a primary and secondary sendmail server, how does the secondary mail server know it should relay anything to the primary one?
> Is it just by the mailserver examining the DNS mx records, or is there something else in either of the sendmail configurations?
Basically, you configure the secondary to relay (but not deliver) mail for the domain(s). For sendmail, this would mean putting a line like:
To:example.com RELAY
in /etc/mail/access (and running "make" in /etc/mail to update the db). When mail for that domain comes in, sendmail will see the MX record and attempt to pass mail on to a higher-preference (lower number) MX.
However, there's a big problem with doing this (not a sendmail specific problem): the secondary doesn't know which @example.com addresses are valid and invalid. By default, it will accept email for all such addresses and try to forward them. When somebody sends an email to an invalid @example.com address via the secondary, the primary will reject the message and the secondary will generate a bounce message back to the apparent sender.
This is a problem because spammers know about this loophole and will try to dump spam (to massive numbers of invalid addresses) on your secondary server (usually with forged sender addresses). The secondary will then bounce the spam to people that didn't actually send the messages; this is called "blowback" and will get your secondary server on spam blocklists in short order.
You really need the secondary to have some way of knowing all the valid recipient addresses at the domain (and have any spam filtering configured to match), so it doesn't accept mail that the primary wouldn't.
This is more complicated; for sendmail, you have to write a few custom rulesets (not really very much). The bigger issue is that you need some way for the secondary to know the valid addresses on the primary; the usual way is to have all users, aliases, etc. in LDAP (and replicate the LDAP to the secondary).
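As an added illustration (not code from this thread), here is a small model of the RCPT TO decision a secondary MX makes, using sendmail's /etc/mail/access format and MX preference ordering: the naive relay accepts every @example.com address and later bounces the invalid ones, while checking against a recipient list replicated from the primary refuses them at SMTP time so no bounce exists to become blowback. The domain, MX records and recipient list are constructed sample data.

```python
# Added example (not code from the thread): models the RCPT-time decision a
# secondary MX makes, naive vs. with the recipient list replicated from the primary.
# Sample data below is constructed; the access-file format is sendmail's.
ACCESS_FILE = """\
# comment lines and blank lines are ignored by the map
To:example.com\tRELAY
Connect:192.0.2.0/24\tREJECT
"""
MX_RECORDS = [(20, "mx2.example.com"), (10, "mx1.example.com")]  # pref, host
VALID_RCPTS = {"alice@example.com", "postmaster@example.com"}    # from LDAP replica
SELF_HOST = "mx2.example.com"                                     # this secondary

def parse_access(text):
    """Return {(tag, key): action} from the text of /etc/mail/access."""
    table = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, action = line.split()
        tag, _, value = key.partition(":")
        table[(tag.lower(), value.lower())] = action.upper()
    return table

def relay_target(mx_records, self_host):
    """Higher-preference MX (lowest number) other than ourselves: the primary."""
    others = sorted((p, h) for p, h in mx_records if h != self_host)
    return others[0][1] if others else None

def rcpt_outcome(rcpt, access, valid_rcpts, validate):
    """What happens to one RCPT TO on the secondary.
    validate=False is the naive relay from the thread; validate=True refuses
    unknown users at SMTP time, so no bounce (blowback) is ever generated."""
    if "@" not in rcpt:
        return "501 bad address"
    rcpt = rcpt.lower()
    domain = rcpt.rsplit("@", 1)[1]
    if access.get(("to", domain)) != "RELAY":
        return "550 relaying denied"
    target = relay_target(MX_RECORDS, SELF_HOST)
    if validate and rcpt not in valid_rcpts:
        return "550 user unknown"
    if rcpt in valid_rcpts:
        return f"relayed to {target}"
    # Accepted blindly; the primary rejects it later and the secondary bounces
    # to the (often forged) sender: the blowback the thread warns about.
    return f"accepted, rejected by {target}, bounce sent to sender"
```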
Chris Adams cmadams@hiwaay.net wrote:
[snip]
> You really need the secondary to have some way of knowing all the valid recipient addresses at the domain (and have any spam filtering configured to match), so it doesn't accept mail that the primary wouldn't.
> This is more complicated; for sendmail, you have to write a few custom rulesets (not really very much). The bigger issue is that you need some way for the secondary to know the valid addresses on the primary; the usual way is to have all users, aliases, etc. in LDAP (and replicate the LDAP to the secondary).
I use smf-sav to verify the recipient addresses. It works by querying the server and caching results. It can be used for both recipient and sender addresses, but most of the junk I get is the millions of generated recipients, so this nicely refuses them at the secondary. It integrates well with sendmail, requiring only minor updates to sendmail.mc. Unfortunately, the package is not part of the Fedora family, as far as I can tell, but it is available at SourceForge. Seems to me I had to do some minor tweaking. There are interface problems with SELinux. I've written a script that handles them and will be glad to send my updates to anyone interested. The "use at your own risk" caveats apply, of course.
I would also recommend milter-greylist. This package is available via the standard Fedora repositories. This greylisting cut our incoming e-mail (almost all of it spam) down by about 95%.