Can sendmail be configured to discard routed email that has been rejected by the next hop?
- by Guy Bolton King
Background:
We have a handful of hosts (running sendmail) acting as the MXs for a few domains each.
Each domain is handled via the sendmail/cf /etc/mail/virtusertable, with a set of known recipients and a catch-all reject rule.
Mail to postmaster on each host is aliased to root, and root is aliased to root+<host>@ourdomain.com.
The MX for ourdomain.com is Google Apps, and [email protected] is a simple group that forwards to the admins.
Google Apps will reject some emails at the SMTP stage, usually because of illegal attachments (instead of accepting them and filing them as spam).
Problem:
Given a particular spam email sent to a domain in a virtusertable entry:
If the recipient address rejects the mail, then sendmail will try and send a DSN to the sender.
If that sender also rejects the mail (because it's a falsified sender, and the MX for the sender rejects the mail as spam), then sendmail sends a DSN to the postmaster.
The routing detailed above takes place, and...Google Apps rejects the mail as well.
sendmail now gives up with a "savemail panic", and leaves the mail in the queue forever.
Our mail queue fills up with garbage
Is there any way I can get sendmail to discard messages that have been rejected by the next virtusertable hop (i.e. after step 1 in the Problem description)? Or does anyone have any other solutions to this?