[maildropl] REJECT: instead of bounce (was"unknown user" if cannot connect to mysql)

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Chris's patch brings up an issue I've been thinking about. I also have 
virtual users set up in MySQL (and will probably migrate to LDAP soon). 
I use Postfix as the MTA, and I'm trying to get DSPAM set up to filter 
spam before handing off to maildrop for delivery.

My question is, I think the way I have this set up, Postfix knows what 
domains to deliver to Dspam/Maildrop, but doesn't know what user 
accounts are valid until it attempts delivery. Unlike the Postfix 
"virtual" or "local" delivery agent, if the user doesn't exist for a 
domain handled by Maildrop, it's too late to REJECT the message because 
the connection to the sending MTA has already terminated. So by the time 
Maildrop can return an error, the MTA then has to bounce the message 
(back to a potentially forged source, if it's spam...).

Am I overlooking anything here? I don't think this is an issue with 
local users, because the MTA gets those out of the alias table. But for 
virtual domains, I'm seeing lots of bounces in my logs to non-existent 
users.

I'm thinking the best solution might be some sort of recipient check in 
the MTA that first verifies the validity of the virtual user account, 
before handing off to Maildrop. Is anybody doing something like this? 
Seems like the downside is an extra call to the database--the MTA and 
Maildrop both query for pretty much the same thing. Anybody have an 
elegant solution?

Cheers,
John

Chris Masters wrote:

>>>I use maildrop to deliver mails to virtual users
>>>located in MySQL.(from Postfix).
>>>
>>>If maildrop cannot connect to the database it
>>>returns
>>>"unknown user" instead of a 451 (tempfail) error
>>>code:
>>>
>>>Oct 14 14:35:48 lon-quar-01 postfix/pipe[2044]:
>>>      
>>>
>>[ID
>>    
>>
>>>197553 mail.info] A79E2D7388:
>>>to=<ro...@wa...>, relay=maildrop,
>>>delay=55, status=bounced (user unknown. Command
>>>output: Could not connect to database 192.168.0.30
>>>Could not connect to database 192.168.0.31 Invalid
>>>user specified. )
>>>
>>>      
>>>