A customer has challenged whether this can be done...

Anti-SPAM appliances "A", "B", and "C" are available on an internal LAN
via DNS round-robin through SMTP at "appliance.example.com"

VPOPMAIL server "D" is on the same LAN.

Customer has had a few local accounts that had their password guessed and
spammers sent spam through webmail.


We're considering doing something inline to the delivery process that
would 1) accept the authenticated user's email for remote/local delivery,
2) force that delivery off of box "D" to "A-C" over SMTP in ALL cases (not
just remote), 3) Scan on "A-C", 4) return the inbound (local) mail back to
"D" for further delivery to the locals.

I realize this is pretty insane, but the customer isn't excited about
adding a local spam daemon to "D" and would like to leverage the
investment in the appliances "A-C" to control for local delivery abuses. 
The appliances are doing a nice job on SMTP scanning, but the vendor says
that their appliance does not have a "port listener" (like a spamd daemon)
that could answer a stream request - thus only SMTP will do.

Ideas?  THANKS!  Dave.


Reply via email to