Receiver (To/CC envelope fields) addresses verification against
LDAP/Active Directory in sendmail
Chuck Swiger
cswiger at mac.com
Fri Apr 6 14:43:52 UTC 2007
Christopher Martin wrote:
> Spam with randomly generated recipient addresses is draining our mail
> system's life away, and it seems the easiest way would be to verify the
> receiving party's/parties' address against Active Directory and then
> TEMPFAIL any mails that don't have any valid internal mails (rejects would
> allow directory harvesting to work).
>
> Our network has a frontline mail filter system running FreeBSD 6.2,
> Sendmail, milter-regex, Spam Assassin 3.1.8 and Clam AV, which delivers to
> our internal Exchange server via a smarthost entry.
You don't seem to mention using greylisting-- that will return a 4xx temp
failure for all initial connections (except from sites which have been
whitelisted). Only if the sender retries will the mail go through-- this
works great against dictionary-style attacks.
--
-Chuck
More information about the freebsd-questions
mailing list