On Thu, Aug 23, 2007 at 10:27:32AM +0200, Sbs Bofh wrote:
> There are now many thousands of orphaned mailboxes in the format
> /vmail/<domain>/zzzoidofiahsc caused by spam and bounces.... so this
> behaviour has got to stop :-)
I'm not sure what you mean by "orphaned" in that context. Are the mailboxes
for domains which you host, or for other domains?
> I've started by configuring the front end server to check local_part against
> a list for the domain. relay_to_domains used to be configured to do lsearch
> to check the domain so I've changed exim.conf to use dsearch:
>
> domainlist relay_to_domains = dsearch;/etc/exim/relay
>
> and I've modified the manualroute router to use dsearch and to check the
> local_parts too:
>
> backendrouter:
> driver = manualroute
> domains = dsearch;/etc/exim/relay
> local_parts = lsearch;/etc/exim/relay/$domain
> transport = remote_smtp
> route_list = * backend.server.tld
>
> To stop the frontend server from accepting messages for relay where the
> local_part isn't defined in /etc/exim/relay/domain do I need to configure a
> dsearch in acl_check_rcpt check too? If so, how?
And you're manually maintaining the contents of the /etc/exim/relay/$domain
files, presumably.
All looks sensible. Basically what you need to do is:
1. Ensure that good addresses are routable, and that bad addresses are not.
Use "exim -bt" (on the front end server) to test this. You probably want to
test at least four types of addresses:
* goodlocalpart@???
* badlocalpart@???
* any address at a known, external domain (e.g. exim-users@???)
* any address at a non-existent domain (e.g. test@???)
2. Make sure your acl_smtp_rcpt includes "require verify = recipient"
somewhere.
--
Dave Evans
Power Internet Limited, registered in England #03053650 at Norfolk House,
82 Saxon Gate West, Central Milton Keynes, Buckinghamshire, MK9 2DL.
For more information, see
http://www.powernet.co.uk/~davide/about-powernet
