Possible sendmail misconfiguration to deliver to cyrus

Sun Dec 3 22:58:02 EST 2006

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I'm looking at a cyrus limitation right now.  I'm really thinking this
is not cyrus' problem.  I'm trying to figure out if it's actually a
sendmail limitation or a sendmail config error on my part.

The problem I'm working through became illuminated when some spammer
used one of our domains as the Return-Path for the spams.  The mail
server crashed due to crippling load.  It was aggravated when they did
it several days in a row.

Let's say my domain is domain.com (in local-host-names).  I have a user
todd on it.  It's an older box with updates manually applied so it has
sendmail 8.12.10 and cyrus imap 2.1.16.  You can connect to my server
and send emails to *@domain.com and it will do all virus and spam
scanning BEFORE it passes it cyrus, which then reports "Data Format
Error" because the user doesn't exist.  I have been googling and looking
at m4 code and trying to figure out what I can do to make sendmail check
the user at SMTP connect time the way it does if I configure sendmail to
deliver to a regular mbox mail spool.

Here's what's in my sendmail.mc:
[root at lunar root]# tail -n 7 /etc/mail/sendmail.mc
MAILER(cyrus)dnl
define(`confLOCAL_MAILER',`cyrus')dnl 
LOCAL_RULE_0
R$=N                    $: $#local $: $1
R$=N < @ $=w . >        $: $#local $: $1
Rbb + $+ < @ $=w . >    $#cyrusbb $: $1

I did a little testing, here's what I've found:
1) With none of the lines above (goes to regular mbox mail spool), if I
attempt to send mail to asdf at domain.com, sendmail reports User unknown
at SMTP connect.
2) With only the MAILER line above (still goes to regular mbox mail
spool), if I attempt to send mail to asdf at domain.com, sendmail reports
User unknown at SMTP connect.
3) With the MAILER and the define (delivers to cyrus mail boxes), if I
attempt to send mail to asdf at domain.com, sendmail doesn't report that
the user is unknown, it does all spam and virus scanning, and only when
it passes the email to cyrus deliver does it finally figure out that the
user doesn't exist.

Is the above m4 code appropriate?  Is there something obvious I'm
missing?  Any URLs or suggestions or comments are appreciated.

My rudimentary understanding of sendmail macros makes me think that
instead of checking for users locally, it's checking for user cyrus
locally (which always succeeds), so the email is accepted for any user.
If it's a problem with the older version of sendmail that I'm using,
then I apologize in advance, but a pointer in that direction would be
most appreciated.
- -- 
Regards...		Todd
   A friend of mine was at the military and had to check new recruits for
color-blindness. Only after the 20th color-blind man in a row he realized
for the first time in hist life that it was _him_, being the color-blind.
                                                    --Johannes Schindelin
Linux kernel 2.6.17-5mdv   3 users,  load average: 0.00, 0.01, 0.00
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFc5zJY2VBGxIDMLwRAsCzAJwNfibgBG19GbuEHzozOcX7UqG5UQCeKzxa
Pu+kyq+7gXNO/kM8c0F3a7c=
=oEE+
-----END PGP SIGNATURE-----