Carl-Christian Salvesen wrote:
Hi,
I'm currently running a courier-mta (courier.example.com) with authmysq, maildrop and spamassassin as a xfilter. I'm hosting multiple domains at this server. A client (which for strange reasons) uses an MS Exchange-server (exch.example.com). All other domains than this clients domain must be delivered locally. Now, I want to spamfilter all his mail. I'm thinking subdomains here:
client.com IN MX 10 courier.example.com
exch.client.com IN MX 10 exch.example.com
Better to hide the Exchange box completely from the rest of the DNS world. Put exch.client.com in /etc/courier/esmtproutes but do not define it in DNS. Further, use firewall or Exchange rules to make sure that the Courier server is the only machine that can connect to the Exchange box's port 25. We don't want spammers to have any way to the Exchange box except through Courier. I also recommend setting up the Exchange box to use the Courier server as the smart smtp host, that way all mail to/from the Exchange box goes through Courier. It simplifies things.
And at the end of /etc/courier/maildroprc, resend mail to
[EMAIL PROTECTED] to [EMAIL PROTECTED] This need to be dynamic, as I
don't know the usernames active at his server. I also need to trap
[EMAIL PROTECTED] and forward it to myself.
I use a maildrop line like this:
to '|$SENDMAIL -f "$SENDER" -i "[EMAIL PROTECTED]"'
this preserves the original Sender. If Courier doesn't know the list of valid users on the Exchange box, you'll have to accept invalid local addresses which can get ugly real fast, many spammers simply guess account names and see if they're accepted, you'll end up with a lot of spam fast. I'd recommend talking to the Exchange admin about regularly exporting the user account list from the Exchange box and importing it into MySQL.
Another possibility would be to write a xfilter that invokes sendmail to resend the messages.
Has anyone else done anything similar? Any ideas here?
xfilters are the wrong rule to use to send the message. When maildrop does an xfilter, it expects to get the (possibly modified) message back.
Jay
-- Jay Lee Network / Systems Administrator Information Technology Dept. Philadelphia Biblical University --
------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
