You are viewing a plain text version of this content. The canonical link for it is here.

Posted to server-user@james.apache.org by Ignacio Bolivar <ig...@yahoo.com> on 2004/09/01 20:17:17 UTC

JDBCVirtualUserTable Mail Loop Question

Hello, all.  Thanks in advance for reading this mail,
and hopefully helping out.

We're using JAMES v2.2.0 as an internal SMTP/POP
server in support of a simple mail client component of
an internal web application.  JAMES is happily using
the user table in our database for determining valid
users, authenticating via passwords, etc.  In fact,
everything is working swimmingly.

Externally originated inbound mail destined for our
domain first goes through a separate machine, as
specified via MX records in DNS, running Sendmail +
MailScanner + SpamAssassin for culling infected/spam
mails.  Then, if the mail passes those tests, a local
Sendmail mailertable entry passes that mail to JAMES. 
Likewise, for outbound destined, non-local domain
mails, JAMES passes to the same server for
sanitization, etc.

This all works great, except for when an inbound mail
with the right domain, but a bogus user, gets into
JAMES.  JAMES checks against the JDBCVirtualUserTable
and sees that there is no user, and rather than
dropping or bouncing with a 'No such user' message, it
looks in DNS, sees the MX for our domain, and passes
it back to our Sendmail server.  As you can see, this
results in a nasty loop.

What can we do to prevent this?  Ideally, JAMES would
recognize itself as canonical for our domain, see that
the user is bogus, and either /dev/null it, or bounce
it.

Thanks very much again, in advance.

Igi


		
_______________________________
Do you Yahoo!?
Win 1 of 4,000 free domain names from Yahoo! Enter now.
http://promotions.yahoo.com/goldrush

---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org

RE: JDBCVirtualUserTable Mail Loop Question

Posted by Ignacio Bolivar <ig...@yahoo.com>.

"Noel J. Bergman" <no...@devtech.com> wrote:

> Sounds as if you've changed the processing for
> addresses that are in a local
> domain and not delivered.  You should have had
> something like:
> 
>  <mailet match="HostIsLocal" class="ToProcessor">
>     <processor> local-address-error </processor>
>     <notice>550 - Requested action not taken: no
> such user here</notice>
>  </mailet>
> 
> after your LocalDelivery mailet, which would have
> prevented those from going
> back out.

Noel, here, I think, is the relevant section from our
config.xml:

<mailet match="All" class="JDBCVirtualUserTable">
      <table>db://userdb/users</table>
</mailet>

<mailet match="RecipientIsLocal"
class="LocalDelivery"/>

<mailet match="HostIsLocal" class="ToProcessor">
      <processor> local-address-error </processor>
      <notice>550 - Requested action not taken: no
such user here</notice>
</mailet>

Still, if an email comes in for a valid domain, but
unvalid user, the email gets sent back out to the
primary MX host which then forwards it back to JAMES.

How can we fix this?  Should we create a local DNS
entry on the JAMES server such that when JAMES does a
lookup, it sees itself as being canonical?  That seems
a bit kludgey. . .

Thanks, so much, for your time.

Igi 

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org

RE: JDBCVirtualUserTable Mail Loop Question

Posted by "Noel J. Bergman" <no...@devtech.com>.

> JAMES checks against the JDBCVirtualUserTable
> and sees that there is no user, and rather than
> dropping or bouncing with a 'No such user' message,
> it looks in DNS, sees the MX for our domain, and
> passes it back to our Sendmail server.

> Ideally, JAMES would recognize itself as canonical
> for our domain, see that the user is bogus, and
> either /dev/null it, or bounce it.

Sounds as if you've changed the processing for addresses that are in a local
domain and not delivered.  You should have had something like:

 <mailet match="HostIsLocal" class="ToProcessor">
    <processor> local-address-error </processor>
    <notice>550 - Requested action not taken: no such user here</notice>
 </mailet>

after your LocalDelivery mailet, which would have prevented those from going
back out.

	--- Noel


---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org