Mark, >> The incoming servers ARE listed in @mynetworks, the line "SPAM FROM >> LOCAL ..." is correct in a sense but not really interesting, obviously >> ALL incoming mail passes throughthe MX's first. > > You are right, the FROM LOCAL becomes useless information in such setup. > The IP address of the client comes from Postfix in XFORWARD command, > and in your case it is always the IP address of your front end MTA. > > Either concede and accept that any amavisd config setting based on > @mynetworks (such as policy bank MYNETS) becomes useless, > or somehow persuade first MTA to relay its information on IP client > to the second MTA - the mechanism would be XCLIENT Postfix protocol > extension, although I'm not sure what other implications it would have. > Or invoke your content filtering by a front end MTA. > > The SA notion of trusted_networks and internal_networks is still useful > and should still work in yuour setup. SA bases its DUL and SPF checks > on information from Received header fields. Make sure the trusted_networks > and internal_networks are correctly configured in local.cf.
I've tried with success to use XCLIENT and XFORWARD in my setup to present the first external host to amavis, thank you for pointing this out. You mention above that one could possibly have "other implications" from this method, can you do a qualified guess on what they could be? So far I did not see anything worrysome. I use the "pre-cleanup" service suggested in the README, all routing/addressing etc. decisions are taken after amavis is done. Per olof _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
