Joseph L. Casale wrote: > In most of the example configurations I see, everyone is running ASSP with an > additional MTA between their production boxes and the internet. My intended > setup has assp on a centos box in a dmz without an additional MTA sitting > between my exchange server and the internet. Are there any advantages to > having a second mta just relay? >
Hey Joe, welcome aboard! Whether you chose to have an additional MTA just to relay or not - you /do /need to relay in some fashion or another because ASSP is a proxy. Instead of letting your back-end MTA perform DNS-based mail routing, you have to configure it to use ASSP is a bridgehead/relay. In turn, you have to configure ASSP to have a specific destination that can actually perform DNS-based mail-routing - because ASSP cannot act as an MTA. I have made 2 drawing so far of mail flow topologies that may help you visualize what you need to accomplish: Example of a basic SMTP/POP MTA mail flow setup: http://www.asspsmtp.org/wiki/Mail_flow_example_-_standard_MTA Example of a collaboration server mail flow setup (e.g. Microsoft Exchange, Lotus Domino, etc): http://www.asspsmtp.org/wiki/Mail_flow_example_-_collaborative_MTA The egress/outbound "relay" can be anything that is capable of routing mail; including another /Virtual SMTP Server/ instance on your Exchange server. This is how I do it, running Exchange 2003 and ASSP both on the same Windows box. > Also, when using an Exchange server, how does a client forward spam and > errors to the assp server if their messaging client connects directly to > their server behind assp? Can assp be set to grab _all_ email addressed to > those reserved aliases for any domain? MUAs (clients) forward spam/ham errors to special addresses that are designated by you in the *Email Interface* options of the web administration console. This can be done be clients behind or in front of ASSP depending on how you have configured your e-mail topology and how you are using these addresses. For instance: If your MUAs are Outlook/Exchange clients that are all sitting behind ASSP - you cannot use your internal mail domain in the email addresses in the Email Interface. The reason for this is that ASSP will never see those messages because Exchange will intercept them. Instead, you need to specify an external mail domain for those addresses so that Exchange will route those messages out /through /ASSP - for which ASSP will catch them and process them accordingly. If you would like, you can use my domain of @asspsmtp.org for your Email Interface addresses. My mail server has been configured to delete anything sent to the *default* names for the various email addresses that ASSP uses. e.g., assphelp, asspspam, asspnotspam, asspwhite, asspnotwhite, asspred, asspnotred, etc. Any messages sent to those default names @asspsmtp.org will be automatically discarded if they reach my mail server. But, if you configure ASSP properly, that should never happen because ASSP would intercept those messages, process them, and not allow them to go out to the Internet. And yes, if you don't specify a domain with the address for the Email Interface, it will be caught for *all* domains - as long as it is sent my a local or authenticated MUA. HTH
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- SF.Net email is sponsored by: Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace
_______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
