Liste des Groupes | Revenir à cm sendmail |
internet internetI take it that host A is not fully aware of the recipient addresses that are on host B. Thus why host A needs to bounce / DSN / NDR a message that it accepted responsibility for.
recv. email
| ^
| |
| |
V |
+------------+ +------+-----+
| A | | B |
| mailert +---1-->| auth |
| accessmap | | |
| ldapr | | |
+------+-----+ +------------+
|
|
|
V
+------+-----+
| C |
| |
| virtuser |
| |
+------------+
host a: incomming, mx
host b: outgoing, smtp with user auth
host c: user mailboxes, user@example.com (not test@example.com)
Indeed. I am trying to use email addresses here and not domains. So NDR are generated on host A / mx server.
I have there, access:Do you also have a corresponding REJECT?
to:test@example.com RELAY
This ldap entry currently makes emails being routed from the mx server A to the outgoing server BThat's what I thought.
correctThank you for confirming.
Yes the above does this currently with ldap routing. But I don't know if this is the best way to do it.My dusty understanding of LDAP routing is that it's intended for multiple servers to share the same domain name(s); e.g. @example.com, and know which server hosts specific mailboxes. Meaning that both host A and host C would be configured with @example.com in their local-host-names file.
host C, LOCAL is not in the spf records. I think external access is even blocked. I had spammers by passing spam blocking on the mx / host a and delivering directly to CSPF is about the connecting host.
ok I made note of this, I will enhance this later.:-)
I am not sure if my outgoing, host b, has access to the local-host-names. It is still using the same clusterid as host c and can probably access the local-host-names.Even if it doesn't have access to the local-host-names file on hosts A or C, you could probably copy the contents to a similar file and configure the methodology to use that file in lieu of the local-host-names file.
But I think in the near future I will create a separate clusterid for the outgoing, host b.Okay.
(Used to have everything in one host)ACK
At some point in the future I would like to secure host b more, so authenticated users can only send out email with their assigned address.I'm aware that such is done by some MTAs. I've wondered about doing that with Sendmail. But then I realized that users were authenticating, thus I would have a good idea (but no guarantee) who, or at least which account, was being used to abuse things. I've not needed to actually go down this path (yet).
So currently I am able to route from host a to host b the emails send to test@example.com.You could SRS /everything/ leaving host B. It won't actually hurt anything.
How should I go about to enable SRS for senders to test@example.com on host b?
Les messages affichés proviennent d'usenet.