A colleague asked me offlist about how to make a Sendmail secondary MX properly return 550 for invalid recipient addresses. For smaller sites -- or even larger sites if the list is autogenerated and the access_db uses "btree" storage (it's rather fast) -- the below solution will do just that. ===== In your secondary MX's sendmail.mc, add the following FEATUREs if you don't already have them. FEATURE(`access_db')dnl FEATURE(`blacklist_recipients')dnl Rebuild your sendmail.cf from this, and then put entries like the following in your /etc/mail/access file (assuming "foo.com" is your domain). I'm also assuming that "foo.com" is already in /etc/mail/relay-domains (or /etc/mail/sendmail.cR depending on your sendmail install), so that relayed mail can get through. userone@foo.com RELAY usertwo@foo.com RELAY To:foo.com "550 User unknown" The RELAY lines designate explicitly allowed recipient addresses for relaying to the primary MX. The To:...550 line, which requires the "blacklist_recipients" feature, is a fallback rule that matches after the email addresses and returns the expected "User unknown" error. Now rebuild your access.db file, restart sendmail, and voila, you have a secondary MX explicit user list. -- -- Todd Vierling <tv@duh.org> <tv@pobox.com>