okay, i'm probably having a brain fart on this, so bear with me.

i have a customer who is coming online tomorrow. they preconfigured their addresses on the server some time ago through our qmailadmin interface (for the record, vpopmail 5.4.10, qmailadmin 1.2.7). my structure is this: three incoming MX-only servers. one proxy server the MX servers forward on to, to do spam/virus scanning, then pushed to the POP/IMAP/Webmail server where customers do their thang. tcpserver patched with Matt Simerson's mysql patch so that the relay queries don't hammer the tcp.smtp.cdb file. all works dandy.

the customer has *not* pointed the MX for their domain to us yet. that will happen tonight. however, the customer has reported that several of their accounts have received virus-laden email. it took a while to figure it out - apparently the virus is hitting our POP server, which is not an MX, and I guess happened to be bearing viruses intended for the domain that *is* set up on the server - so the server dutifully delivered the 'messages'.

i'm somewhat baffled. my customers need to be able to relay through the POP server, that's their outbound SMTP server. that's fine. but i can't think of a way to deny access to the rest of the world that hasn't authenticated as relays to be able to send to a locally hosted domain. since the access is via mysql relay tables, i can't just put a final ':deny' rule in tcp.cdb or tcp.smtp.cdb, because they aren't consulted.

brain fart, structural/configuration problem, or ?


Paul Theodoropoulos
http://www.anastrophe.com
http://www.smileglobal.com

