> If you are able to weed out illegitimate recipients, this may go a long > way to reduce spam, or at least it did for us. Looking the email > address up in LDAP is *much* cheaper than doing a call-out to the > backend server(s). Greylisting helps us, too, but seems to "cost" mail > from broken servers (there are imho more than enough of these out > there). >
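We do exactly this, on our spamd machines. it helps immensely. Basically we check every recipient in the greylist. if they don't pass this routine below the sending address gets trapped for 24 hours. This is very very very effective if you have userbase churn. spammers use dirty lists, so one bogus user can stop a lot of spam if you trap the source of it for a little while.
-----------------------
# This routine tells us if a single destination rcpt is bogus.
#
# badrcpt($rcpt) -> 1 if $rcpt is a bogus address (caller traps the
# sending host), 0 if it is acceptable.
#
# Checks run cheapest first:
#   1. %BADDEST / %GOODDEST - answers cached earlier in this process
#   2. @BADRERCPT - regexes naming addresses that are always bad
#   3. $EXTERNAL_ADDRESS_CHECKER - optional executable; non-zero exit = bad
#   4. syntax: exactly one '@', non-empty local and domain part, domain on
#      the accepted list
#   5. LDAP lookup of the local part under ou=people,dc=ualberta,dc=ca
#
# NOTE: every LDAP failure (connect, bind, search) returns 0 - the check
# fails open so a directory outage never blocks mail.  Those answers are
# deliberately not cached, so the next call retries.
#
# Globals used: %BADDEST, %GOODDEST, @BADRERCPT, $EXTERNAL_ADDRESS_CHECKER
# and $ldap (the Net::LDAP connection kept open across calls).
sub badrcpt {
    my $rcpt = shift;

    return 1 if $BADDEST{$rcpt};
    return 0 if $GOODDEST{$rcpt};

    # 1) check against the BADRERCPT...
    foreach my $re (@BADRERCPT) {
        if ($rcpt =~ /$re/i) {
            # match. trap the host.
            $BADDEST{$rcpt} = 1;
            return 1;
        }
    }

    if (defined $EXTERNAL_ADDRESS_CHECKER && -x $EXTERNAL_ADDRESS_CHECKER) {
        # List-form system(): $rcpt never passes through a shell.
        if (system($EXTERNAL_ADDRESS_CHECKER, $rcpt) != 0) {
            # address checker says $rcpt is bad - trap the host
            $BADDEST{$rcpt} = 1;
            return 1;
        }
    }

    my $server = 'ldap2.srv.ualberta.ca';
    my $port   = 389;
    my $msg;

    # Does the email address make sense?  The -1 limit keeps trailing
    # empty fields, so "user@" becomes two parts and is caught by the
    # empty-part test; "@domain" is rejected here instead of reaching LDAP
    # with an empty local part.
    my @email = split(/@/, $rcpt, -1);
    if ($#email != 1 || $email[0] eq '' || $email[1] eq '') {
        # '%s' keeps a '%' in the recipient from being read as a
        # sprintf directive by syslog().
        syslog('info', '%s: invalid email address', $rcpt);
        $BADDEST{$rcpt} = 1;
        return 1;
    }
    my ($local, $domain) = @email;

    # check validity of domain part - it must be as follows.  Domains are
    # compared case-insensitively as whole strings; the old regexes left
    # '.' unescaped and '$' allowed a trailing newline through.
    my $domain_lc = lc $domain;
    if ($domain_lc eq 'mailman.srv.ualberta.ca') {
        return 0;    # mailman is always valid for now
    }
    my %ok_domain = map { $_ => 1 } qw(
        ualberta.ca
        gpu.srv.ualberta.ca
        smtp.srv.ualberta.ca
        mailhub.srv.ualberta.ca
        maildrop.srv.ualberta.ca
    );
    if (!$ok_domain{$domain_lc}) {
        syslog('info', '%s: invalid domain part of address', $rcpt);
        $BADDEST{$rcpt} = 1;
        return 1;
    }

    # Establish a connection to the LDAP server (reused via global $ldap).
    if (!$ldap) {
        $ldap = Net::LDAP->new($server, port => $port);
        if (!$ldap) {
            syslog('info', "can't connect to LDAP server");
            return 0;
        }
        # Anonymous bind ...
        $msg = $ldap->bind;
        if ($msg->code) {
            syslog('info', 'bind: %s', $msg->error);
            _drop_ldap();
            return 0;
        }
    }

    # See if email address exists in LDAP.  Both parts came straight off
    # the wire, so they are escaped per RFC 4515 before entering the
    # filter; otherwise a recipient such as "*)(uid=*" rewrites the query.
    my $local_f  = _ldap_filter_escape($local);
    my $domain_f = _ldap_filter_escape($domain);
    $msg = $ldap->search(
        base   => 'ou=people,dc=ualberta,dc=ca',
        scope  => 'one',
        filter => "(|(maillocaladdress=$local_f\@$domain_f)(uid=$local_f))",
        attrs  => ['uid'],
    );
    if ($msg->code) {
        # The original passed the error as an extra argument to a format
        # without '%s', so it was silently dropped from the log.
        syslog('info', 'search: %s', $msg->error);
        _drop_ldap();
        return 0;
    }

    # Process result.  Exactly one hit counts as "exists"; more than one
    # is, as before, not accepted.
    if (scalar($msg->entries) == 1) {
        $GOODDEST{$rcpt} = 1;
        return 0;
    }

    # Otherwise, we did NOT find one, so we exit indicating failure.
    syslog('debug', 'No such email address: %s', $rcpt);
    $BADDEST{$rcpt} = 1;
    return 1;
}

# Tear down the cached LDAP connection after a failed bind or search so
# the next badrcpt() call reconnects from scratch.
sub _drop_ldap {
    $ldap->unbind;
    $ldap->disconnect;
    $ldap = undef;
    return;
}

# Escape one value for use inside an LDAP search filter (RFC 4515 s.3):
# backslash, '*', '(', ')' and NUL become \XX hex escapes.  Hand-rolled so
# this file needs nothing beyond Net::LDAP itself.
sub _ldap_filter_escape {
    my $value = shift;
    $value =~ s/([\\*()\x00])/sprintf('\\%02x', ord $1)/ge;
    return $value;
}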