Large Prod Env Mail Host Was [Re: ClamAV Feedback]

Ow Mun Heng Ow.Mun.Heng at wdc.com
Wed Oct 27 09:58:18 UTC 2004


On Wed, 2004-10-27 at 16:57, Paul Howarth wrote:
> Ow Mun Heng wrote:
> > I couldn't locate a check_mail and check_rcpt in sendmail's Doc (in
> > /usr/share/doc)
> 
> check_mail and check_rcpt are rulesets in the sendmail.cf configuration file. 
> They're probably explained in the sendmail operations guide (?) in the 
> sendmail-doc package.

Hmm.. must check on that then. Thanks

> 
>  > What I did find was just references to it. I did find this though
> > loose_relay_check
> >                 Normally, if % addressing is used for a recipient, e.g.
> >                 user%site at othersite, and othersite is in class {R}, the
> >                 check_rcpt ruleset will strip @othersite and recheck
> >                 user at site for relaying.  This feature changes that
> >                 behavior.  It should not be needed for most installations.
> > 
> > But that is only useful if you're using a single email account to forward to multiple users
> > within your organisation. (but this would need intervention from your ISP to get them
> > to implement the % thingy)
> 
> There was a time when % routing was widely implemented. Not now I suspect, but 
> this isn't what the OP was talking about anyway

I was only refering to this because this is the only thing I found.

> .
> 
> > I believe you're building sendmail yourself them. How does one check if
> > using rpm(?) Do you know? (I'm booted into gentoo and I know sendmail is
> > compiled with ldap support)
> 
> Run: sendmail -d0.10 < /dev/null
> 
> The output should include LDAPMAP.

Cool. What does 0.10 means? Putting only -d also works.

> > If I understand your explanation of check_mail and check_rcpt correctly,
> > it only adds a level of security/anti-relay check correct?
> 
> check_mail and check_rcpt are rulesets called by sendmail when the SMTP MAIL 
> FROM: and RCPT TO: commands are issued respectively [actually that's not 
> strictly true if FEATURE(`delay_checks') is being used, but it's the same 
> principle]. Just about any sort of check that can be expressed in rulesets can 
> be done at these times. For instance, I check that the connecting client isn't 
> trying to forge my hostname or IP address in their SMTP HELO greeting. I also 
> use checks in these rulesets to reject mail from domains whose MX records are 
> in IP space controlled by certain spammers.

Understand, essentially a security check then. Again, this can be done
in postfix too right(?) whether or not it's versatile, I'm not too sure.


> >>This is also where Bogofilter is
> >>called if we do spam filtering.  
> > 
> > Stupid Question. Is Spamassassin via spamass-milter (the mitler side)
> > slower or more resource intensive compared to bogofilter?
> 
> SpamAssassin does much more than bogofilter so I'd expect it to be more 
> resource intensive. Since I don't use either though, I couldn't say definitively.

I use SpamAssassin's milter to sendmail. It's quite resource intensive.




More information about the fedora-list mailing list