On Thursday 30 June 2005 03:24 pm, Paul Theodoropoulos wrote: > okay, i'm probably having a brain fart on this, so bear with me. > > i have a customer who is coming online tomorrow. they preconfigured > their addresses on the server some time ago through our qmailadmin > interface (for the record, vpopmail 5.4.10, qmailadmin 1.2.7). my > structure is this: three incoming MX-only servers. one proxy server > the MX servers forward on to to do spam/virus scanning, then pushed > to the POP/IMAP/Webmail server where customers do their thang. > tcpserver patched with Matt Simerson's mysql patch so that the relay > queries don't hammer the tcp.smtp.cdb file. all works dandy. > > the customer has *not* pointed the MX for their domain to us yet. > that will happen tonight. however, the customer has reported that > several of their accounts have received virus-laden email. it took a > while to figure it out - apparently the virus is hitting our POP > server, which is not an MX, and I guess happened to be bearing > viruses intended for the domain that *is* set up on the server - so > the server dutifully delivered the 'messages'.
it's probably set up as mail.example.com, where example.com is the domain that is being pointed over to the new system. simply remove the domain from the rcpthosts file on the non-MX servers and no mail will be able to come in for that domain there. -Jeremy -- Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. [EMAIL PROTECTED] ++ inter7.com ++ 866.528.3530 ++ 815.776.9465 int'l kitchen @ #qmail #gentoo on EFnet IRC ++ scriptkitchen.com/qmail GnuPG Key ID: 481BF7E2 ++ qmail wiki @ qmailwiki.org !!
Description: PGP signature