Dear All,
In our PMG tests we enabled LDAP authentication so users can check their quarantine area without waiting for an email report.
This seems to work well.
We are also trying to prevent email backscatter by dropping emails to nonexistent accounts during the SMTP conversation.
To do this we enabled "Before Queue filtering",
then created a new "who" object in the filters, selecting the "Unknown LDAP address, any profile" option, and called it "Not_LMB_User".
We then added a filter rule "Drop unknown recipient", with Action "Block", From "Not_LMB_User".
Initial testing shows that this works:
jg@pcterm01:~/ telnet purgatory.mrc-lmb.cam.ac.uk smtp
Trying 10.1.4.46...
Connected to purgatory.mrc-lmb.cam.ac.uk.
Escape character is '^]'.
220 purgatory.lmb.internal ESMTP Proxmox
MAIL FROM:<joe.blogs@gmail.com>
250 2.1.0 Ok
RCPT to:<invalid_should_not_be_accepted@mrc-lmb.cam.ac.uk>
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
Subject: test from telnet, port 25
this is a boring test message
.
554 5.7.1 Rejected for policy reasons (C0626633FE390DFCCF)
If the internal account exists, the mail is accepted and is delivered.
Firstly, is this the correct way to block backscatter?
Secondly, if our LDAP server is temporarily unavailable, will all incoming email be rejected?
Or does the following entry in the logs indicate that we have a local cache? And if so, can the filter use it?
Oct 7 15:00:03 purgatory pmg-hourly[10352]: finished syncing ldap profile 'SciComp-LDAP' (uldap1.lmb.internal): found 3211 accounts, 3211 addresses, 0 groups
Many thanks
Jake
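As an added example (not part of the original post), here is a small Python parser that reads an SMTP dialogue such as the telnet session above and reports the stage at which the server first refused the mail. Run on that session it shows that RCPT was answered with 250 and the 554 arrived only after the end-of-data dot; the second transcript, using example.test names, is constructed for contrast.

```python
import re

REPLY = re.compile(r"^(\d{3})[ -]")  # server reply: 3-digit code, then space or '-'
STAGES = {"HELO": "helo", "EHLO": "helo", "MAIL": "mail-from", "RCPT": "rcpt-to", "DATA": "data"}

# Lines copied from the telnet session in the post above.
POSTED = """\
220 purgatory.lmb.internal ESMTP Proxmox
MAIL FROM:<joe.blogs@gmail.com>
250 2.1.0 Ok
RCPT to:<invalid_should_not_be_accepted@mrc-lmb.cam.ac.uk>
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
Subject: test from telnet, port 25
this is a boring test message
.
554 5.7.1 Rejected for policy reasons (C0626633FE390DFCCF)
"""

# Constructed sample (not from the post): a server that refuses at RCPT time.
CONSTRUCTED = """\
220 mx.example.test ESMTP
MAIL FROM:<sender@example.test>
250 2.1.0 Ok
RCPT TO:<nobody@example.test>
550 5.1.1 Recipient address rejected
"""

def rejection_point(transcript):
    """Return (stage, code) of the first 4xx/5xx reply, or None if there is none."""
    stage, in_body = "connect", False
    for line in transcript.splitlines():
        if in_body:                    # message content: skip until the lone dot
            if line == ".":
                in_body, stage = False, "end-of-data"
            continue
        m = REPLY.match(line)
        if m is None:                  # client command: note which stage it opens
            verb = (line.split(":")[0].split() or [""])[0].upper()
            stage = STAGES.get(verb, stage)
            continue
        code = int(m.group(1))
        if code == 354:                # server is now reading the message body
            in_body = True
        elif code >= 400:
            return stage, code
    return None

if __name__ == "__main__":
    print(rejection_point(POSTED), rejection_point(CONSTRUCTED))
```

A refusal at either stage happens inside the SMTP session, so the connecting server, not this host, is left to notify the sender.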