Question : Sendmail 8.12.x message delivery error - Messages destined for both Valid/Invalid users not delivered to the valid users.

The mail server is running Redhat 8, and Sendmail 8.12.x. It sits just behind a Symantec Mail Security for SMTP server running Windows 2003 and Symantec SMS 5.

   I have a bit of an odd issue and I'm looking for a second opinion on a fix. I have found a knowledge base article by Symantec that basically acknowledges that it happens but I certainly don't like the fix suggested. Here is the link...
http://service1.symantec.com/SUPPORT/ent-brightmailkb.nsf/docid/2006091913104163?Open&docid=2006011913225263&nsf=ent-brightmailkb.nsf&view=es_full
   A brief description is that a message intended for multiple recipients both valid and invalid will get dropped instead of delivered to the valid users. The logs in the symantec product show the message coming in fine and being passed along to the sendmail server. The sendmail server pulls a houdini and removes all evidence of the message being sent to valid recipients. The only mention in the log of the message is a 'User Unkown' rejection for invalid recipients. The fix suggested by Symantec is basically to accept all mail and have nothing be invalid by creating a seperate account that all invalid mail would deliver to instead of bouncing. I don't really like that answer so I was hoping that someone here might have a better suggestion.

Answer : Sendmail 8.12.x message delivery error - Messages destined for both Valid/Invalid users not delivered to the valid users.

Well, it seems to me that you did *not* have a cohesive solution previously. The RBLs, ClamAV and SpamAssassin all functioned pretty much independently. Which is why they weren't very effective and you felt the need to switch. I'm saying that you could have added something like MIMEDefang to the mix and *made* it "cohesive".

Anyway, back to your Question, it seems to me that you're up against a limitation inherent in the Symantec product. I see three possible avenues for you:

1) Live with it

2) Reconfigure the sendmail MTA behind the Symantec SMTP Gateway to accept all E-Mails, and then use a MILTER or other tool to filter out those to invalid addresses. Of course, by the time you did that, you might as well do...

3) Ditch Symantec and go back to your original solution, adding something like MIMEDefang that'll turn it into an Anti-SPAM/AV defense that's just as good as Symantec's, is more configurable and costs a lot less.