How to prevent mail to non-existent accounts

[Greg Couch]

I should have given a bit more background.  We sort of share the alias
file among the various hosts by routing all mail that only has a user
in the address through the mail gateway for our lab.  All outgoing mail
appears to be from the mail gateway so we're free to change any of the
other host names at will.  Mail to a particular host will be delivered
on that host so a local user may pick which host he wants to read mail
on.  Consequently, with sharing of the password file and the not allowing
logging in to hosts that the user doesn't have a home directory on, mail
needed to be disabled to accounts that don't have home directories.

True sharing of the alias file would solve the above problem, except:
When we turn off an account, we don't remove a user from the password
file (just disable the password, change the shell to /noshell, and rm
-rf the account).  The local mailer can't be changed to reject mail to
disabled accounts because sendmail thinks that all local mailer errors
are temporary.  Thus sendmail had to be changed to not deliver the mail
in the first place.  This has the nice side effects of having the SMTP
VRFY command return "User Unknown" for disabled accounts and of causing
errors in mailing lists that include that user.

If you have the second problem but not the first, you could alter my
change from checking if the home directory exists to checking if the
shell is /noshell (or whatever your local convention is).

Further followups have been redirected to comp.mail.sendmail.

	- Greg Couch
	gregc at cgl.ucsf.edu
	gregc at ucsfcgl.bitnet