How do I make local delivery ONLY go to scalix

[RichardButler]

Hello,

last year I replaced a 10 user Microsoft small business server with a machine running Centos 4.1 and Scalix 9. (and Samba)

part of the reason for dong the change was because we started another related business "on the side" and needed more users and another domain name for the new business

because the machine is also doing "samba" for file sharing, I have local users (in the password file) which are peoples first name (tom, dick, harry, etc)

some people work for one company (tom@mainbusiness.co.uk),
some work for both (dick@mainbusiness.co.uk & dick@other.co.uk)
some just for the new business (harry@other.co.uk)

because I have all the domains listed in /etc/mail/local-host-names, the server correctly bounces baddly addresses e-mails ...

BUT .. if an e-mail is sent to a valid unix user name that is on the "wrong" domain (tom@other.co.uk), it gets delivered to the server, where Scalix discovers it's not a scalix user, so it gives it to sendmail, which then delivers it to /var/spool/mail/username
which no one ever reads,
and because it was sucessfully delivered (but not to a scalix mailbox) no bounce is generated, so the sender doesn't know that no one is ever going to read it

I'm just looking at 4 big files in /var/spool/mail/what-ever and wondering ....

1) what to do with 6 months of out of date but might have been important e-mails
(read the man page on fetchmail)

2) how to prevent this happening again?
(should I disable procmail, or with that break other stuff?)


any suggestions?

[ScalixSupport]

Well, I'll leave reading the mail to you, but you need to figure out what you want to do with mail that is legit and deliverable. Do you want to forward it to the "right" account? Do you want to delete it? Do you want to bounce it?

While this has nothing do to with Scalix per se, I'd recommend looking at setting up a virtual users table and forward accordingly. Please see http://www.faqs.org/docs/linux_network/x15291.html for more information.

Cheers,

Sascha.

[RichardButler]

I don't see how a virtual users table would help me in this situation,

what I want is for an incoming e-mail to go to scalix,
and if it's not listed there,
then bounce it

what I don't want is for it to be delivered to a unix mail box that no one will ever read

if I've missed putting an alias into "sac" then a real human will telephone and I will get told that I've missed it, so I'll put it in.

as people come and go (and get married)
or managment think up new domain names to register for each new project I want to avoid this problem of mail going to the wrong place because I forgot an entry in "sac" and no one tells me for a year

[ScalixSupport]

If you don't want sendmail to deliver it, remove the domains from /etc/mail/local-host-names.

Sascha.

[RichardButler]

but ... if the domain is not in the /etc/mail/local-host-names table,

then when an e-mail comes in to correct-name@my-domain it does get correclty delivered to scalix,

but if it is addressed to wrong-name@my-domain then scanlix doesn't accept it,
and sendmail thinks it's not local,
so it looks up the MX records, finds that the MX records point to the spam and virus checker at the ISP,
so off it goes to the ISP, which then sends it back in to the scalix server again,
and around and around it goes, 25 times, then I get

cpq733 sendmail[5892]: k4ADii1W005892: SYSERR(root): Too many hops 26 (25 max): from <Richard.Butler@external-domain name> via mx76.watford.rcuk.net, to <bad-name@local-domain-name>

[ScalixSupport]

In that case, add the domain to /etc/mail/local-host-names and restart sendmail.
That tells sendmail that your server is the final stop and incorrect addresses will be bounced back.

Cheers

Dave

[RichardButler]

I do have all of my domain names in /etc/mail/local-host-names

but then incoming e-mails which are addressed to a unix user, where I have missed that e-mail address setup as one of the aliases in "sac", then it gets delivered to the unix mailbox instead of the scalix mailbox.

I would prefer it to be bounced, rather than going to a mailbox that no one will read.

[ScalixSupport]

Are these unix user names belonging to system process, e.g. root, clamd, spam etc. ?

If so, edit /etc/aliases and change them to point to Scalix user mailboxes.

If not, delete the unix user.

If that's not possible, add some RECIPIENT rules to the smtpd.cfg file for example:

RECIPIENT user@domain.com REJECT

You will need to restart sendmail if you change the alias file or the SMTP Relay if you change smtpd.cfg.

Cheers

Dave

[RichardButler]

the e-mails are not for system accounts,
they are for real humans,
that (should) have scalix accounts

I can't delete the unix accounts, because they are needed by samba for the file sharing

because we have a number of domains, some times I miss one of the combinations of user-name@domaiin


I don't want to create lots of entries in smtpd.cfg, because if I could remember to create them there, then I could have put them into "sac" in the first place

and now I've just discovered that part of my problem is because when someone left, the "admin woman" went into "sac" and deleted the scalix user, but the unix account still exists.
so e-mails for the person that left are now being delivered to a unix account instead of being bounced
(left hand, say hello to the right hand!)

since I'm the only person with shell access to the server,
I think I'll create an entry in /etc/aliases for each human's unix account, to point it to the fully qualified e-mail address

it's another thing that I will have to remember to do when ever a user is added/deleted