From: Philon Terving (no email)
Date: Mon May 16 2005 - 15:25:55 EDT
hello Charles,
> a) forward messages from to
> with it going through the message labs
> filter. To get message labs to take it correctly, the message has to
> appear to be for when it gets there.
have a look at the Postfix documentation. IIRC there's something about
sendmail-style virtual domains and postfix-styled ones. One of these
should suit your setup.
For outgoing email there is a rewriting engine, which could even mask
domain names and rewrite the old From: to the new domain.
> b) I use SMTP auth to make sure users are allowed to relay messages, I
> need a way to set postfix so unless a connection is using a valid SMTP
> auth user or message labs, it drops the message, basically I need to
> protect my users from direct IP spamming / viruses.
you would have to configure the MTA to allow SASL-authenticated mails
and possibly set the allowed domains (mydomain or mysubnet, look into
main.cf) to the IP-range of the message lab.
> One idea I had was to somehow check the headers of all messages, and if
> they haven't been touched by message labs to send them to message labs
> so they can filter then send them back to us. However that opens us up
> to spoofed header attacked (and I don't have a clue how to setup that
> sort of filter)
sounds to complicated for me. Anyhow, IIRC even SSL-key based relaying
could be a possibility.
regards,
Philon
|
|
|