Jeff Grossman wrote:
I am currently running a Gentoo machine with
Sendmail/MIMEDefang/Spamassassin/Clamav which acts as a front-end mail
server to a couple of different mail servers. The main back-end mail server
is an Exchange 2003 server and the other is currently a Mac OSX machine
running Mailman. I am using a mailertable to direct the different domains
(10 domains go to the Exchange server and 1 domain goes to the OSX
machine). I am using MIMEDefang's md_check_against_smtp_server feature to
verify recipients before they are accepted at the gateway.
I am going to switch to a Debian machine with
Postfix/Amavisd/Spamassassin/Clamav as my new front-end mail server to the
Exchange server and the OSX machine (I am going to use the old Gentoo
machine for mailman once I wipe it and install Debian).
1. Can I use the reject_unverified_recipient feature to get the same
functionality as I did with MIMEDefang's md_check_against_smtp_server?
Yes, postfix built-in verification works very similar. See:
http://www.postfix.org/ADDRESS_VERIFICATION_README.html
have seen articles about exporting the Exchange users via LDAP and putting
them in an access map file on the Postfix server, but I am not a big fan of
that. I would prefer to just query the Exchange server directly for valid
addresses.
OK, your choice.
2. Is it possible to only require the reject_unverified_recipient option
on certain domains?
Yes. Use a check_recipient_access map that returns
"reject_unverified_recipient" for the target domain.
3. Do I just set up each domain in a Transport Map file and tell it which
server to send the mail to?
This step is only necessary if the destination IP differs from
what postfix will find with an MX lookup of the domain.
I also have some e-mail addresses on the Exchange server that I do not want
the gateway to accept mail for. That should be pretty easy I can just put
them in a recipient check hash file. But, nothing is ever easy, there are
a few e-mail addresses that I would like to receive mail for to those
restricted Exchange e-mail addresses.
General per-sender, per-recipient, etc. info can be found here:
http://www.postfix.org/RESTRICTION_CLASS_README.html
And, any mail created from that
machine itself would need to be able to send to those restricted Exchange
addresses. How can I do that?
Mail locally submitted via the sendmail(1) interface does not
go through the various smtpd_*_restrictions.
and generally the "inside" machine would be included in
mynetworks, which is normally excluded from most restrictions
by the permit_mynetworks rule.
Thank you for any help you can offer me or guidance on where I can look for
answers.
Jeff
Welcome to postfix!
-- Noel Jones
