Hi all,
I'd appreciate some guidance on how best to achieve a scenario:
I admin a Postfix mail relay for an ISP's DSL users, which has recently
become subject to being frequently blocked by Mimecast/Commtouch. As
usual they are not being too forthcoming with information as to why the block has been
enforced, and no more than a few e-mails to any particular
domain/recipient were sent - This has led me to believe that scanning
outbound mail is the only way forward, in an attempt to avoid these
seemingly draconian blacklists. The mail servers have an otherwise very
good reputation (on 'mxtoolbox' blacklist checker, Senderbase, very
low queues and few bounces etc).
I have been looking at Amavisd as a before-queue content scanner, which
works well - However, I'd like to start off by scanning only mail destined
for certain domains (e.g. hotmail, yahoo, btinternet...) but maintain the
before-queue filter so as to reject the clients at SMTP conversation with a
5xx code. I don't believe check_recipient_access is the solution, as you
have to accept mail into the queue before this check/filter is enforced.
Alternatively I was thinking of having a separate relay for scanning
certain domains, and defining a transport through these servers, however,
if these were to reject with a 5xx code then the sending relays would
become a source of backscatter?
I couldn't find a way to make Amavisd scan only for certain domains,
rather than whitelist. (Although I understand this is beyond the scope of
this list :))
Any advice on how best to go about this would be much appreciated.
We do make a large effort to educate the DSL users, but as a lot of them
are 'business' customers they tend to have Exchange servers which 'smart
host' through the ISP's relays. We have recently put in limits, however
they are more to prevent outbursts / Denial of service than limiting the
users.
Duncan Baxter
zanaNET