Re: [exim] Accept Mail only to known recipients

Author: Odhiambo G. Washington
Date:  
To: exim-users
Subject: Re: [exim] Accept Mail only to known recipients
* On 01/08/06 20:58 +0100, Jeremy Harris wrote:
| Odhiambo G. Washington wrote:
| > I need some advice on a task I am working on towards spam control and
| > bandwidth saving. I am going to have a dedicated server hosted somewhere
| > upstream and this server is going to be my highest priority MX for several
| > thousand domains.
|
| I assume you have a low-bandwidth (or expensive) link?


Expensive.


| Where are your secondary MX's (given that plenty of spammers hit them
| by preference or stupidity)?



In my server room here ;)
It's local to where I sit.


| > Basically, I want to save as much bandwidth as possible by stopping spam
| > and viruses upstream.
| > 
| > There are not going to be any local deliveries on this server though.
| > What I want to do is to "let it know" all the recipient addresses on
| > the thousand domains. I'll be synchronising the list of recipients to 
| > this server at good intervals to keep the recipients list updated.
| > Any mail that is not addressed to the "known" recipients needs to be
| > rejected out there, just like the identified spam and virii. I just
| > need to get advice/warnings on:
| > 
| > 1. What is the dandiest way to do this? After all dnsbl, I want to
| >    accomplish all the checks at acl_smtp_rcpt and reject any unknown
| >    recipients.
| 
| Do you have any constraints on data formats? That is, is your recipient
| address list already in one place with you not wanting to do a
| conversion? If it is, then your replication method needs to fit the
| existing data store.


My data is going to be generated in the form of local_part@???.
Most of it is in MySQL db, while some are in /etc/passwd.
I think the challenge is going to be in handling aliases, now that
you've raised such an issue...


| What is your allowable latency for an update - a few seconds, or days?


I haven't understood the question, sorry. Could you please rephrase?
Basically I am going to formulate a policy on the update schedules.



| Do your secondary-MX systems need access to the same data?
| With what update-latency?


They may, but it's not a priority at the moment, although I need to
think about the secondaries issue again ;)
I'll probably put a secondary out there as well.


| Would merely having a database (pgsql, mysql or whatever) on the
| primary-MX machine suffice, with you doing manual operations on it
| using command-line tools from your downstream sites?


It might, but I haven't considered this, as lookups will be involved,
translating into constant traffic down my link, which I could save
with scheduled rsync/other update method.
I want the server out there to have the information "locally" in
something like cdb.



        cheers
       - wash 
+----------------------------------+-----------------------------------------+
Odhiambo Washington                    . WANANCHI ONLINE LTD (Nairobi, KE)  |
wash () WANANCHI ! com            . 1ere Etage, Loita Hse, Loita St.,  |
GSM: (+254) 722 743 223            . # 10286, 00100 NAIROBI             |
GSM: (+254) 733 744 121            . (+254) 020 313 985 - 9             |
+---------------------------------+------------------------------------------+
"Oh My God! They killed init! You Bastards!"  
                         --from a /. post
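
Added example, not part of the original message and not taken from the Exim documentation: one way the RCPT-time check discussed above could look in an Exim 4 configuration, with the recipient list held locally in cdb. The file paths, the `relay_to_domains` list name and the key layout (lowercased `local_part@domain`) are assumptions.

```exim
# Constructed example. Assumed files, rebuilt from the synced recipient list:
#   /etc/exim/relay_domains.cdb  key = domain
#   /etc/exim/valid_rcpts.cdb    key = lowercased local_part@domain

# Main section: domains this host is MX for, looked up in the local cdb.
domainlist relay_to_domains = cdb;/etc/exim/relay_domains.cdb

acl_smtp_rcpt = acl_check_rcpt

begin acl

acl_check_rcpt:

  # Not one of our domains: this host is not an open relay.
  deny    message = relay not permitted
          !domains = +relay_to_domains

  # Our domain, but the address is not in the synced list.
  # Rejecting here happens before DATA, so the message body
  # never crosses the expensive link.
  deny    message = unknown user
          domains = +relay_to_domains
          !condition = ${lookup{${lc:$local_part@$domain}}cdb\
                         {/etc/exim/valid_rcpts.cdb}{yes}{no}}

  # Known recipient in one of our domains.
  accept  domains = +relay_to_domains
```

Alias addresses have to be exported as keys as well, otherwise mail to them is rejected as unknown. Any dnsbl checks would go ahead of the two `deny` statements shown here.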