On 4/16/08, Gary V wrote:
> On 4/16/08, jeff donovan wrote:
> >
> > k--
> > yes i do trust the scanned data. so you're saying tell postfix on the relay
> > systems accept connections on another port ? or do I have to run another
> > instance of postfix?
> >
>
> I was thinking along the lines of:
> $forward_method = 'smtp:smtp.example.com:2525';
>
> and on both downstream servers add listeners on 2525:
>
> 2525 inet  n       -       n       -       -       smtpd
>    -o mynetworks=10.0.0.13
>    -o smtpd_client_restrictions=permit_mynetworks,reject

and maybe these are needed:
   -o smtpd_use_tls=no
   -o smtpd_sasl_auth_enable=no

>
> where 10.0.0.13 is the amavis host. You might also need to open the
> ports if they are blocked by iptables or somesuch firewall.
>

And if it turns out mail does not flow to both servers, and assuming
all mail is forwarded to those two servers, the next step I would take
would be: I would create the typical 10025 smtpd listener on the local
machine:

127.0.0.1:10025 inet n  -       n       -       -  smtpd
    -o content_filter=
    <etc.>

Leave the forward_method at the default:
#$forward_method = 'smtp:[127.0.0.1]:10025';  # where to forward checked mail

Then have Postfix relay all mail to port 2525 (main.cf):
relayhost = smtp.example.com:2525

The only drawback here is another header will be added.

Since you trust all mail from the amavis client, I don't see a need to
require the amavis client to connect using sasl auth.

-- 
Gary V
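
An added example, not part of the original message: a small Python check that the dedicated 2525 listener discussed above admits only the amavis host (10.0.0.13) and rejects everyone else. The sample master.cf text is constructed, the 2526 listener and the function names are hypothetical, and the parser assumes simple `-o name=value` overrides with no whitespace in values.

```python
import ipaddress

# Constructed sample: the 2525 listener from the message plus a looser, hypothetical 2526 one.
SAMPLE_MASTER_CF = """\
2525      inet  n       -       n       -       -       smtpd
   -o mynetworks=10.0.0.13
   -o smtpd_client_restrictions=permit_mynetworks,reject
2526      inet  n       -       n       -       -       smtpd
   -o mynetworks=10.0.0.0/8
   -o smtpd_client_restrictions=permit_mynetworks
"""

def parse_master_cf(text):
    """Return [(service, type, command, {override: value})], joining continuation lines."""
    logical = []
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and logical:
            logical[-1] += " " + line.strip()   # indented line continues the entry
        else:
            logical.append(line.strip())
    entries = []
    for f in (l.split() for l in logical if len(l.split()) >= 8):
        opts = dict(a.split("=", 1) for flag, a in zip(f[8:], f[9:])
                    if flag == "-o" and "=" in a)
        entries.append((f[0], f[1], f[7], opts))
    return entries

def audit_listener(text, port, trusted_host):
    """Findings for the inet smtpd listener on `port`; an empty list means it is locked down."""
    for service, stype, command, opts in parse_master_cf(text):
        if (service.rsplit(":", 1)[-1], stype, command) != (str(port), "inet", "smtpd"):
            continue
        findings = []
        # Without an override the listener inherits mynetworks from main.cf.
        nets = opts.get("mynetworks", "").replace(",", " ").split() or ["(main.cf default)"]
        for net in nets:
            try:
                ok = ipaddress.ip_network(net, strict=False) == ipaddress.ip_network(trusted_host)
            except ValueError:
                ok = False                      # table lookups etc. need manual review
            if not ok:
                findings.append(f"mynetworks admits {net}")
        rules = opts.get("smtpd_client_restrictions", "").replace(",", " ").split()
        if "permit_mynetworks" not in rules or rules[-1:] != ["reject"]:
            findings.append("smtpd_client_restrictions is not permit_mynetworks ... reject")
        return findings
    return [f"no inet smtpd listener on port {port}"]
```
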
