Shaggy All American 17820 Posts
So I use sendmail as part of my spam filter setup. My 3 mx records come into 3 servers running MailScanner and spamassassin using sendmail as the MTA. They then scrub the mail and send it to my domino server. The problem with this is that I would just accept anything bound for my domain. So fffffffffffffffffffffff@mydomain.com would come in, get filtered, and if it got to domino, domino would bounce it back to the sender. Since the sender in these are almost always forged, it sends the failure to some poor slob who never sent the email.
All those mail delivery failures you get for mail you never sent? Yeah, that's me. This is of course legal by SMTP, but SMTP is so out of date it's retarded.
but check dis script out
#!/usr/bin/perl -w

use strict;
use Net::LDAP;
use File::Basename;

my $progname = basename($0);

my $dominoserver = 'dis is where your host goes';
my $bindDN = 'cn=whoever, o=whereever'; # Must be an admin
my $bindPW = 'passw0rd';

# Build a regex that matches any address in one of the hosted domains
my (@DNSdomains) = ('ur domains');
chomp @DNSdomains;
my $domainfilter = '\@(?i:' . join( '|', @DNSdomains) . ')$';
$domainfilter =~ s/\./\\\./g;

my $dir = "/etc/mail";
my $access_file = "$dir/access";
my $defaults_file = "$dir/access.defaults";
my $db_file = "$dir/access.db";

# Plain LDAP on port 389: the bind password is sent unencrypted
my $ldap = Net::LDAP->new($dominoserver, port => 389)
    or die("Could not connect to $dominoserver\n$@");

my ($msg, @entries, $e);
my ($cn, $mail);

# Stop on a failed bind instead of searching anonymously
$msg = $ldap->bind("$bindDN", password => "$bindPW");
die ("bind failed with ",$msg->code(),"\n") if $msg->code();

$msg = $ldap->search(
    base => '',
    scope => 'sub',
    #This filter is for Domino LDAP, but you could set your own filter
    filter => "(|(objectclass=dominoperson)(objectclass=dominogroup)(objectclass=dominoServerMailInDatabase))",
    attrs => [ 'mail', 'cn' ],
);
die ("search failed with ",$msg->code(),"\n") if $msg->code();

@entries = $msg->entries;

open(ACCESS, "> $access_file") or die("Couldn't open > $access_file\n$!");

my $date=localtime();
print ACCESS << "END";
##############################################################
#
# This access database is generated by $progname, $date
#
# This is regenerated by a cron job
# Any change you make will be wiped out!
#
# Make custom entries in $defaults_file.
#
##############################################################

END

print ACCESS "\n\n";

# Copy the hand-maintained entries in first
if ( -f $defaults_file ) {
    open DEFAULTS, "$defaults_file" or die("Could not open $defaults_file\n$!");

    while ( <DEFAULTS> ) {
        print ACCESS $_;
    }
    close (DEFAULTS);
}
print ACCESS "\n\n";

print ACCESS "#*************************************\n";
print ACCESS "#\n";
print ACCESS "# Begin entries extracted from Domino \n";
print ACCESS "\n\n";

# One RELAY line per directory entry whose mail address is in a hosted domain
foreach $e (@entries) {
    $cn = $e->get_value('cn');
    $mail = $e->get_value('mail') || '-';

    my $has_address = $mail cmp '-';
    my $passes_filter = $mail =~ /$domainfilter/i ;
    if($has_address!=0 && $passes_filter) {
        print ACCESS "To:" . lc($mail) . "\t\tRELAY\n";
    }
}
print ACCESS "\n\n";

# Everything else addressed to a hosted domain is rejected at SMTP time
foreach (@DNSdomains) {
    $_ = lc($_);
    print ACCESS qq(To:$_\t\tERROR:5.1.1:550 User unknown\n);
}

print ACCESS "\n";
close(ACCESS);

# Rebuild the hashed map that sendmail actually reads
$msg = `makemap -d hash $db_file < $access_file`;
So I don't know Perl at all, but someone had written a Perl script to get all the cn and mail attributes out of Domino via LDAP. Another person had written another script to get stuff out of AD/Exchange and put it into the sendmail access file. So I kind of hacked them together.
Essentially the script connects to your LDAP server and grabs all the objects specified by the filter. Then it gets their mail attribute and filters it against the list of your hosted domains. After that it plops it into the access file along with the contents of a specified static file and then hashes it or whatever.
When set up to run as a cron job it provides an up-to-date list of valid addresses to sendmail. Requirements are:
FEATURE(`access_db')
FEATURE(`blacklist_recipients')
6/9/2008 10:17:04 AM
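An added example, not part of the original post: one way to harden the step that turns directory addresses into access entries, since the generated map decides which recipients sendmail relays and which it rejects with 550. The helper names `build_access_lines` and `publish_access`, the `$min_relay` threshold and the sample addresses are assumptions made for illustration.

```perl
use strict;
use warnings;
use File::Temp qw(tempfile tempdir);

# Hypothetical helper: turn directory addresses into sendmail access lines.
# Only plain addresses in a hosted domain pass, so a value carrying a tab
# or a newline cannot add an access entry of its own.
sub build_access_lines {
    my ($addresses, $domains) = @_;
    my %hosted = map { lc($_) => 1 } @$domains;
    my (%seen, @lines, @rejected);
    for my $raw (@$addresses) {
        my $addr = lc($raw // '');
        if ($addr =~ /\A[a-z0-9._+\-]+\@([a-z0-9.\-]+)\z/ && $hosted{$1}) {
            push @lines, "To:$addr\t\tRELAY\n" unless $seen{$addr}++;
        } else {
            push @rejected, $raw;
        }
    }
    # Catch-all rejects, one per hosted domain, as in the post's script.
    push @lines, "To:$_\t\tERROR:5.1.1:550 User unknown\n" for sort keys %hosted;
    return (\@lines, \@rejected);
}

# Hypothetical helper: write a temp file beside the target, then rename it.
# Refuses to publish when too few recipients survived: an empty LDAP result
# would otherwise leave only the 550 lines and reject all mail.
sub publish_access {
    my ($path, $lines, $min_relay) = @_;
    my $relay = grep { /\tRELAY$/ } @$lines;
    die "only $relay recipients, keeping old $path\n" if $relay < $min_relay;
    my ($dir) = $path =~ m{\A(.*)/[^/]+\z};
    my ($fh, $tmp) = tempfile('access.XXXXXX', DIR => $dir // '.');
    print {$fh} @$lines or die "write $tmp: $!";
    close $fh or die "close $tmp: $!";
    rename $tmp, $path or die "rename $tmp -> $path: $!";
    return $relay;
}

# Constructed sample data; a real run would pass the LDAP 'mail' values.
my @mail = ('Alice@Example.com', "bob\@example.com\nTo:other.test\tRELAY",
            'carol@other.test', 'alice@example.com');
my ($lines, $rejected) = build_access_lines(\@mail, ['example.com']);
my $n = publish_access(tempdir(CLEANUP => 1) . '/access', $lines, 1);
print @$lines;
printf "rejected %d value(s), published %d recipient(s)\n", scalar @$rejected, $n;
```

The sample run writes into a scratch directory; pointing `publish_access` at `/etc/mail/access` and then running `makemap` as the post does would complete the cron job.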