Need an SMTP-level mail bouncer

Need an SMTP-level mail bouncer

am 09.04.2008 17:14:14 von Gary Mills

We currently have about 30,000 inactive accounts that are still in our
password map. These belong to former users who have left the
organization and are no longer eligible for an account. These
accounts should not receive e-mail. I have a cron command that runs
regularly to create aliases for these accounts. Each alias runs a
vacation-like auto-responder that informs a sender that the
recipient's account is no longer active.

I have some complaints of `backscatter' from this facility. Is there
a way that I can replace it with something that rejects a message at
the SMTP level? That would give the SMTP peer responsibility for
notifying the sender. I realize that I'd be limited to a a single
text string in the SMTP response, but I could include a URL there to
provide a more detailed explanation. Does sendmail have such an alias
facility?


--
-Gary Mills- -Unix Support- -U of M Academic Computing and Networking-

Re: Need an SMTP-level mail bouncer

am 09.04.2008 17:46:22 von Andrzej Filip

Gary Mills wrote:

> We currently have about 30,000 inactive accounts that are still in our
> password map. These belong to former users who have left the
> organization and are no longer eligible for an account. These
> accounts should not receive e-mail. I have a cron command that runs
> regularly to create aliases for these accounts. Each alias runs a
> vacation-like auto-responder that informs a sender that the
> recipient's account is no longer active.
>
> I have some complaints of `backscatter' from this facility. Is there
> a way that I can replace it with something that rejects a message at
> the SMTP level? That would give the SMTP peer responsibility for
> notifying the sender. I realize that I'd be limited to a a single
> text string in the SMTP response, but I could include a URL there to
> provide a more detailed explanation. Does sendmail have such an alias
> facility?

0) You can use
former user alias -> short alias -> virtusertable entry -> custom error message
[It uses sendmail "as it is" and requires no new sendmail features ]

aliases file:
# map short "domainless" name to name with domain handled by virtusertable
FORMER: FORMER@localhost
# list of former users
no_loger_here_user_1: FORMER
no_loger_here_user_2: FORMER
....

virtusertable file:
# map special name to custom error message
FORMER@localhost error:nouser Former user no longer her

You can test it for one user using the commands below:
sendmail -bv no_loger_here_user_1
sendmail -d60.5 -d27.2 -bv no_loger_here_user_1

[the second produces more detailed output to troubleshoot problems]

1) You can create your own feature similar to FEATURE(`redirect')
cf/feature/redirect.m4 is a small file used to generate sendmail.cf

P.S.
You may consider appending URL link to the error message

--
[pl>en: Andrew] Andrzej Adam Filip anfi@xl.wp.pl
Open-Sendmail: http://open-sendmail.sourceforge.net/
Work expands to fill the time available.
-- Cyril Northcote Parkinson, "The Economist", 1955

Re: Need an SMTP-level mail bouncer

am 09.04.2008 18:42:47 von Gary Mills

In <5bu3ru3678.Robinson@joseph.fsf.hobby-site.com> Andrzej Adam Filip writes:

>Gary Mills wrote:

>> I have some complaints of `backscatter' from this facility. Is there
>> a way that I can replace it with something that rejects a message at
>> the SMTP level? That would give the SMTP peer responsibility for
>> notifying the sender. I realize that I'd be limited to a a single
>> text string in the SMTP response, but I could include a URL there to
>> provide a more detailed explanation. Does sendmail have such an alias
>> facility?

>0) You can use
> former user alias -> short alias -> virtusertable entry -> custom error message
> [It uses sendmail "as it is" and requires no new sendmail features ]

Thanks for the suggestion. I'll try that.

--
-Gary Mills- -Unix Support- -U of M Academic Computing and Networking-

Re: Need an SMTP-level mail bouncer

am 10.04.2008 04:11:28 von spam

"Gary Mills" wrote in message
news:ftimg6$h0v$1@canopus.cc.umanitoba.ca...
> We currently have about 30,000 inactive accounts that are still in our
> password map. These belong to former users who have left the
> organization and are no longer eligible for an account. These
> accounts should not receive e-mail. I have a cron command that runs
> regularly to create aliases for these accounts. Each alias runs a
> vacation-like auto-responder that informs a sender that the
> recipient's account is no longer active.
>
> I have some complaints of `backscatter' from this facility. Is there
> a way that I can replace it with something that rejects a message at
> the SMTP level? That would give the SMTP peer responsibility for
> notifying the sender. I realize that I'd be limited to a a single
> text string in the SMTP response, but I could include a URL there to
> provide a more detailed explanation. Does sendmail have such an alias
> facility?

Why not REMOVE the accounts?

Re: Need an SMTP-level mail bouncer

am 10.04.2008 12:37:31 von Tilman Schmidt

Gary Mills schrieb:
> We currently have about 30,000 inactive accounts that are still in our
> password map. [...] These
> accounts should not receive e-mail.

I take it as given that there is a very good reason why these accounts
cannot be simply removed from the map.

> I have a cron command that runs
> regularly to create aliases for these accounts. Each alias runs a
> vacation-like auto-responder that informs a sender that the
> recipient's account is no longer active.
>
> I have some complaints of `backscatter' from this facility.

Quite understandably.

> Is there
> a way that I can replace it with something that rejects a message at
> the SMTP level?

Put lines like:

To:inactive.account@your.doma.in ERROR:"550 5.7.1 Inactive account, see http://explanatory.page"

in your access DB. (Change the error code according to taste, mine
says "policy rejection", you might prefer "mailbox unavailable" or
something else still.)

HTH
T.

--
Please excuse my bad English/German/French/Greek/Cantonese/Klingon/...

Re: Need an SMTP-level mail bouncer

am 10.04.2008 13:16:15 von Andrzej Filip

Tilman Schmidt wrote:

> Gary Mills schrieb:
>> We currently have about 30,000 inactive accounts that are still in our
>> password map. [...] These
>> accounts should not receive e-mail.
>
> I take it as given that there is a very good reason why these accounts
> cannot be simply removed from the map.
>
>> I have a cron command that runs
>> regularly to create aliases for these accounts. Each alias runs a
>> vacation-like auto-responder that informs a sender that the
>> recipient's account is no longer active.
>>
>> I have some complaints of `backscatter' from this facility.
>
> Quite understandably.
>
>> Is there
>> a way that I can replace it with something that rejects a message at
>> the SMTP level?
>
> Put lines like:
>
> To:inactive.account@your.doma.in ERROR:"550 5.7.1 Inactive account, see http://explanatory.page"
>
> in your access DB. (Change the error code according to taste, mine
> says "policy rejection", you might prefer "mailbox unavailable" or
> something else still.)

Your suggestion requires multiple access entries per one user if the
host handles many local domains e.g. example.com and host.example.com

--
[pl>en: Andrew] Andrzej Adam Filip anfi@xl.wp.pl
Open-Sendmail: http://open-sendmail.sourceforge.net/
He only knew his iron spine held up the sky -- he didn't realize his
brain had fallen to the ground.
-- The Book of Serenity

Re: Need an SMTP-level mail bouncer

am 10.04.2008 15:48:09 von unknown

Post removed (X-No-Archive: yes)

Re: Need an SMTP-level mail bouncer

am 15.04.2008 14:47:35 von Tilman Schmidt

Res schrieb:
> On Thu, 10 Apr 2008, Tilman Schmidt wrote:
>
>> To:inactive.account@your.doma.in ERROR:"550 5.7.1 Inactive account, see http://explanatory.page"
>
> I agree with this, except, he should use simply To:inactive.account
> _without_ a domain, ie:
>
> To:res ERROR:"550 5.7.1 Inactive account, see http://explanatory.page"

Depends on the domain setup. My proposal is geared for the situation
where addresses with the same local part in different domains may refer
to different mail accounts. Yours is better suited to the case where a
given local part refers to the same account in all domains.

HTH
T.

--
Please excuse my bad English/German/French/Greek/Cantonese/Klingon/...