Question : How do I prevent Secondary MX from being used to relay junk mail to Primary?

Using Solaris 9 and Sendmail 8.11 or 8.12, I set up a secondary MX box a few weeks ago (following the instructions in one of the posts from this site - thanks!)

Both the primary and secondary boxes handle mail for several domains. The secondary box merely forwards everything it gets to the primary - or queues it if the primary is offline.

Spammers are sending mail from a bogus address to [random characters]@mydomain.com directly to the secondary box and I get the following loop:

Secondary forwards to primary
Primary sends "User Unknown" back to secondary
Secondary sends "User Unknown" to the reply address.
(Naturally) the reply address returns "User Unknown" to the secondary.
Secondary forwards THIS one to the primary - who accepts it for the postmaster.

This was an annoyance until this morning, when I had over 3,500 return messages in my postmaster box.
I need to correct this before a Denial of Service situation arises.

I have considered renaming "MAILER-DAEMON" to "S-MAILER-DAEMON" on the secondary, and then sending those messages for "S-MAILER-DAEMON" to /dev/null on the primary. If there is a better solution, or a compelling reason for NOT doing that, someone let me know.

Thanks in advance for the help.

Answer : How do I prevent Secondary MX from being used to relay junk mail to Primary?

Actually, the third step is really easy and provides a lot of benefits. You need the re-mqueue.pl script from the contrib directory of the Sendmail sources, some queue dirs created, and some crontab lines. My procedure on a Linux system looks like:

# cp /path-to/sendmail-8.12.11/contrib/re-mqueue.pl /usr/sbin/re-mqueue
# chmod 0755 /usr/sbin/re-mqueue
# for dir in 2 3 4; do
> mkdir /var/spool/mqueue$dir
> chown root.mail /var/spool/mqueue$dir
> chmod 700 /var/spool/mqueue$dir
> done
# cat >>/var/spool/cron/root <<EOF
> 08 * * * * /usr/sbin/re-mqueue /var/spool/mqueue /var/spool/mqueue2 2700
> 11 * * * * /usr/sbin/sendmail -oQ/var/spool/mqueue2 -q
> 38 * * * * /usr/sbin/re-mqueue /var/spool/mqueue2 /var/spool/mqueue3 11700
> 41 */4 * * * /usr/sbin/sendmail -oQ/var/spool/mqueue3 -q
> 48 * * * * /usr/sbin/re-mqueue /var/spool/mqueue3 /var/spool/mqueue4 100000
> 53 */8 * * * /usr/sbin/sendmail -oQ/var/spool/mqueue4 -q
> EOF

Assuming a normal queue run interval of 30 minutes (i.e., starting the MTA with 'sendmail -bd -q30m') messages in /var/spool/mqueue will wind up being attempted at least twice before being moved to /var/spool/mqueue2, which is run every hour.  They are tried there at least twice before being moved to /var/spool/mqueue3 which is run every 4 hours, and so forth.

On a Solaris box the crontab needs to be just a bit different in that */4 & */8 must be 0,4,8,12,16,20 & 0,8,16.
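
A dry-run check for the tiered queues described in the answer above, added here as an example (it is not re-mqueue.pl and not part of the original answer): it counts how many messages in each queue directory are already past the age threshold used in the crontab lines. It assumes age is measured from the "T<epoch>" creation-time line of each qf file, a shell with POSIX arithmetic, and `date +%s` (pass NOW explicitly where that is unavailable); the function names and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: preview how many queued messages are past each age threshold.
# Assumption: age comes from the "T<epoch>" creation-time line in each qf file.

# qf_age FILE NOW: print the message age in seconds (nothing if no T line).
qf_age() {
    t=$(sed -n 's/^T\([0-9][0-9]*\)$/\1/p' "$1" | head -n 1)
    if [ -n "$t" ]; then echo $(( $2 - t )); fi
}

# older_than DIR SECONDS [NOW]: print the number of qf files older than SECONDS.
older_than() {
    dir=$1; limit=$2; now=${3:-$(date +%s)}; count=0
    for f in "$dir"/qf*; do
        [ -f "$f" ] || continue            # skip the unexpanded glob in an empty dir
        age=$(qf_age "$f" "$now")
        if [ -n "$age" ] && [ "$age" -gt "$limit" ]; then count=$((count + 1)); fi
    done
    echo "$count"
}

# tier_report BASE [NOW]: one line per move in the crontab:
#   <source dir> <threshold seconds> <messages past the threshold>
tier_report() {
    base=$1; rnow=${2:-$(date +%s)}
    for pair in ":2700" "2:11700" "3:100000"; do
        src="$base${pair%%:*}"; secs=${pair##*:}
        echo "$src $secs $(older_than "$src" "$secs" "$rnow")"
    done
}

# make_sample ROOT NOW: constructed qf stubs (not real mail) for a dry run.
make_sample() {
    root=$1; snow=$2
    mkdir -p "$root/mqueue" "$root/mqueue2" "$root/mqueue3"
    printf 'T%s\n' $((snow - 600))   > "$root/mqueue/qfAAA001"    # 10 minutes old
    printf 'T%s\n' $((snow - 3600))  > "$root/mqueue/qfAAA002"    # 1 hour old
    printf 'T%s\n' $((snow - 7200))  > "$root/mqueue/qfAAA003"    # 2 hours old
    printf 'T%s\n' $((snow - 14400)) > "$root/mqueue2/qfAAA004"   # 4 hours old
    printf 'T%s\n' $((snow - 50000)) > "$root/mqueue3/qfAAA005"   # under the limit
}

# On a live host (as root, since the queue dirs are mode 700):
#   tier_report /var/spool/mqueue
```

A count in the first tier that keeps growing between cron runs means bounce traffic is arriving faster than the queues drain, which is the condition the question describes.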