Re: Backscatter solution

Dennis Peterson <dennispe@xxxxxxxxxx> writes:

Andrzej Adam Filip wrote:
Dennis Peterson <dennispe@xxxxxxxxxx> writes:

Marcelo Maraboli wrote:
Yes, you´re right, milter-ahead does that, but it requires a site
license $$$$....
regards,

In a business environment it is quite likely cheaper over the lifetime
of the process to buy the license than to try to keep Sendmail and
Exchange/AD sync'd in a timely fashion. While convenient, it may not
be the appropriate tool in a not-for-profit or soho environment.
1) I am under impression that it is possible to make sendmail query
AD
via LDAP protocol. I personally would recommend systems able to mask
"maintenance" of MS Exchange.
2) AFAIK it is possible to make exchange export "global address book" to
text file (csv or tab separated) [AFAIR it requires non standard set
of "column headers" in the file]. It would require 1-2 hours of
testing to write perl/awk script converting the file to format
sendmail likes.


I would love to be able to query AD from sendmail but our security
requirements don't permit my perimeter systems to spam the DMZ to chat
it up with Exchange/AD. I should have made that clear in my earlier
response as it is an option for some.

Such restriction makes sense for DMZ mail gateway but not all
installation (e.g. non DMZ) have to/should deploy such restrictions.

I'd considered setting up an LDAP proxy to get around the problem,
then I decided to use a milter-ahead type solution as it is fast
(cached responses), secure, and cheaper than any other solution.

There are a few solutions to choose from for fixing sendmail to exchange
gateway backscatter. I do not attempt to claim any one of them is the
best fit for all "deployment enviroments".

--
[pl>en: Andrew] Andrzej Adam Filip : anfi@xxxxxxxxxxxx : anfi@xxxxxxxx
http://anfi.homeunix.net/sendmail/ http://www.linkedin.com/in/andfil
Before You Ask: http://anfi.homeunix.net/sendmail/B4UAsk-Sendmail.html
.

Relevant Pages

  • Re: Setting up sendmail on Solaris 10
    ... I am trying to setup sendmail 8.13 on our Solaris 10 environment. ... we want is to have all the local hosts in our environment forward ... a alias in DNS pointing to an exchange server, ...
    (comp.mail.sendmail)
  • Re: Setting up sendmail on Solaris 10
    ... I am trying to setup sendmail 8.13 on our Solaris 10 environment. ... we want is to have all the local hosts in our environment forward ... a alias in DNS pointing to an exchange server, ...
    (comp.mail.sendmail)
  • Re: Sendmail, Procmail and (ugh) Exchange
    ... Due to the crappy filtering available in Exchange, I want to still use procmail. ... We also still want to use sendmail for handling some other issues ... First remember that Procmail is a "Local Delivery Agent" that Sendmail calls for local delivery. ...
    (comp.mail.sendmail)
  • Re: Unable to receive e-mail from particular domain
    ... We've been running an Exchange 2003 server behind NAT for some ... NATted to the Sendmail box. ... it's obvious a Onetel server connects to our ...
    (comp.mail.sendmail)
  • Re: Percent Hack
    ... It wouldn't actually be fronted by exchange - I've formulated a solution ... rather than a static list on the debian box). ... I don't want to have to upgrade them as my Redhat knowledge is limited - ... is better than an ancient sendmail one. ...
    (comp.mail.sendmail)