[clue-admin] More Postfixing

Jed S. Baer cluemail at jbaer.cotse.net
Wed Jul 23 22:39:53 MDT 2008 

On Wed, 23 Jul 2008 22:15:37 -0600
David L. Anselmi wrote:

> Jed S. Baer wrote:
> > Really, I see no reason for 90% of those aliases, and I'm tempted to
> > just eliminate them altogether. Except that I think if I eliminated
> > them, then mail to them would get accepted and then bounced, as
> > opposed to rejected at SMTP time, and the latter is more efficient.
> > No idea how much junk comes in for some of those.
> 
> I think if they weren't in aliases mail would get accepted for them and 
> put on the spool.  The aliases are a way to send mail to those users to 
> an account that might get read.

Okay, 90% was the wrong figure. But some of them really don't exist
in /etc/passwd.

> So what you really want is a way to tell postfix "these users don't 
> exist" even though they have entries in the passwd file.
> 
> It looks like some clues are here:
> 
> http://www.postfix.org/LOCAL_RECIPIENT_README.html

Well, sort of. That's actually coming at "these users don't exist" from
the backside, by not specifying them as users that *do* exist. Which will
work. Main thing would be that if we add, e.g., another mailing list,
then someone has to remember to put all the Mailman aliases into the
local recipient list.

> but I don't know how old that is.  Instead of the default "look in 
> passwd" you could make your own list of real users (or perhaps there's
> a programmatic way to reject users less than the UID the daemons use).

Well, from what I can tell, the filtering capabilities operate on strings
that are available either in the headers or body of the message. Of
course, I've only stuck my toe in the water so far. I think one could
write a custom milter to filter on UID of recipient(s), but I haven't
gotten into that stuff yet. That sort of thing couldn't be used, AFIAK,
to do a reject at SMPT time.

It'd be possible to write a script to generate entries in, maybe, the
access list for UIDs below some number.

I think I'll find the "psuedo" aliases that don't correspond to real
accounts, and either remove them or make them reject.

Part of what I hope to do is not generate bounces, because that could
backfire into a ton of backscatter spam.

jed

More information about the clue-admin mailing list