Solved

Configuring SENDMAIL to queue 'undeliverable' mail

Posted on 2004-05-02
8
673 Views
Last Modified: 2013-12-17
I'm running sendmail-8.12.8-6.90 on a RH9 box on an internal network

I want to process email for the intranet seperatly: check for tag in subject line, virus check, tunnel through firewall for delivery.

My first thought was to queue all undeliverable emails so that I can raid the mail queue

I tried
   http://www.sendmail.org/faq/section4.html#4.12
but it does not seem to work, and it requires an SMTP gateway to be set up.

2 parts to this question really:
   is there a better way to do this outgoing filtering?
   if not, is there a better way to queue non-local email (HOLD_EXPENSIVE or something)?
0
Comment
Question by:sprinkmeier
  • 3
  • 3
8 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 10978546
I presume that you intend to "manually" check the messages before delivering them from the way the question is phrased. A better approach, which will protect against internal spread of a virus would be to install a server-level anti-virus scanner that scans all mail. I personally prefer MailScanner (http://mailscanner.info) as the framework for an anti-spam/anti-virus filter. It supports some twenty different A/V scanners, including the OpenSource ClamAV.
0
 
LVL 2

Author Comment

by:sprinkmeier
ID: 10982425
Poorly phrased question then :-)

I want to process outgoing mail to keep an achive copy and to ensure that the subject contains (and to remove) a certain tag.

I suppose a sendmail.cf guru could do this, or milter or something, but I want something simple to audit.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 10988972
The easiest way of doing this would be to use the same sort of procedure that MailScanner employs to injet itself into the mail stream. What happens is that you create a new queue (/var/spool/mqueue.in) and run a sendmail process as the MTA. This instance of sendmail listens on the SMTP port, accepts messages, and places the qf/df pair in mqueue.in and does no further delivery. Your "filter process" picks up qf/df pairs from mqueue.in, logs, modifies, etc., each message and then places the result in /var/spool/mqueue. Another sendmail instance runs that queue delivering the messgaes,  locally or to Internet hosts.

This is lots easier to implement than writing a custom milter filter and it is a lot safer w/respect to the possibility of losing email.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 2

Author Comment

by:sprinkmeier
ID: 10991793
If I understand correctly, this solution implies a seperate instance of sendmail for "outgoing" mail.

I'm trying to avoid this (we only have one server at the moment).

Additionally, I'd need the main sendmail to know when to use the 'outgoing' sendmail. Once I have the rules in place for this, I actually don't need the other server anymore, I can just pick the queued-undeliverable messages out of the mqueue of the main server (i.e. "send outgogin mail to not-really-there.internal.example.com, then periodically process the queue removing "failed to contact not-really-there.internal.example.com" messages").

I think something like
   http://www.sendmail.org/~ca/email/offline_mailing.html
should to the trick.
0
 
LVL 40

Accepted Solution

by:
jlevie earned 500 total points
ID: 10992082
Alas , I think I've confused you by my reference to multiple instances of sendmail. I'm speaking of sendmail processes, not servers. All of the instances of sendmail would be running on the same server, it's just a change in the way the copies of sendmail are invoked.

Using this method all mail received by the MTA is held in mqueue.in. It becomes the job of your "filter code" to process messages as you see fit and move then to the outgoing queue. You'll have to do that anyway in the code since at any given time there may be messages in the queue that are destined for local users. Note that sendmail doesn't "split" a message into local and remote messages. If one of your users sends an email to a local account and an Internet site, sendmail will hold it if you use something like the above reference since one address is non-local. Delivery to the local account won't occur until the message is processed for Internet delivery.
0
 
LVL 2

Author Comment

by:sprinkmeier
ID: 12120028
jlevie,

project on hold (again).

Thaks for your info.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Email signatures have numerous marketing benefits. Here are 8 top reasons to turn your email signature into a marketing channel.
Granting full access permission allows users to access mailboxes present in their database. By giving full access permission one can open and read the content of any mailbox but cannot send emails from that mailbox.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now