Created
September 26, 2012 16:14
-
-
Save colemanjp/3788947 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
LOCAL_RULESETS | |
SLocal_check_rcpt | |
# `nosmtpusers for Proofpoint' | |
# `Per-user blocking for compromised SMTP auth sessions' | |
R$* $: $&{auth_authen} | |
R$* $: $(access yaleblocklist:$1 $) | |
RBLOCKED $#error $: "553 Sender blocked" | |
Intuitively, this should go in Local_check_mail, but per | |
http://www.sendmail.com/sm/open_source/docs/m4/anti_spam.html#delay_check | |
check_mail and check_relay are skipped if FEATURE(`delay_checks') is on and the sender has authenticated. | |
" | |
By using FEATURE(`delay_checks') the rulesets check_mail and check_relay will not be called when a | |
client connects or issues a MAIL command, respectively. Instead, those rulesets will be called by | |
the check_rcpt ruleset; they will be skipped if a sender has been authenticated using a "trusted" mechanism... | |
" | |
Since we don't control what proofpoint turns on and off, putting this in check_rcpt seems like the safest thing to do. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment