From: Len Conrad on

>>Len Conrad put forth on 3/4/2010 6:40 AM:
>>
>>> But we don't have a relayhost for the sender listsender(a)domain.tld. We want that trusted sender to bypass the (scanning, weak) relayhost and nexthop to Internet.
>>>
>>> in the sender_dependent postfix box,
>>>
>>> relayhost = [mx.domain.tld]
>>>
>>> sender_dependent_relayhost_maps =
>>> sender_dependent_relayhost.map
>>>
>>> ... which would contain what, the "null next hop"?
>>>
>>> listsender(a)domain.tld smtp:
>>
>>It would be of the form
>>
>>listsender(a)domain.tld smtp:10.1.2.3
>>
>>10.1.2.3 being the new/big Postfix box you mentioned wanting to send this
>>list mail through.
>
>That's precisely what I don't want to do.
>
>1. all mail from inside goes to this (edge - 1 ) postfix box.
>
>2. if from trusted/don't-scan-it listsender(a)domain.tld, then don't go to edge/out-MX relayhost, resolve/send directly to Internet.
>
>3. if not from listsender(a)domain.tld, then send to relayhost.


So there's no way to do this?

Len

From: Hari Hendaryanto on

>> That's precisely what I don't want to do.
>>
>> 1. all mail from inside goes to this (edge - 1 ) postfix box.
>>
>> 2. if from trusted/don't-scan-it listsender(a)domain.tld, then don't go to edge/out-MX relayhost, resolve/send directly to Internet.
>>
>> 3. if not from listsender(a)domain.tld, then send to relayhost.
>>
>
>
> So there's no way to do this?
>
> Len
>
maybe this is what you want
assume all outbound mail sent through the powerful postfix box

in powerful postfix box

main.cf
transport_maps = hash:/etc/postfix/transport
sender_dependent_default_transport_maps =
    hash:/etc/postfix/sender_dependent_default_transport_maps

transport
untrusted_domain smtp:your_weak_mx_gateway_for_scaned

sender_dependent_default_transport_maps
listsender(a)domain.tld powerful-trusted:

master.cf
powerful-trusted unix - - n - - smtp
    -o smtp_helo_name=powerful_box_fqdn
    -o syslog_name=postfix-powerful-box

postmap each hash table and reload postfix

but, if listsender(a)domain.tld has a destination of user(a)untrusted_domain,
mail will be routed to your_weak_mx_gateway_for_scaned
otherwise it'll be sent directly to internet

cmiiw

From: Wietse Venema on
> >1. all mail from inside goes to this (edge - 1 ) postfix box.
> >
> >2. if from trusted/don't-scan-it listsender(a)domain.tld, then don't go to edge/out-MX relayhost, resolve/send directly to Internet.

Use an access map with a nexthop-less FILTER action:

FILTER smtp:

This requires Postfix 2.7. See note 3 in the access(5) manpage.

> >3. if not from listsender(a)domain.tld, then send to relayhost.

relayhost = [mail.isp.com]

Wietse
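
The nexthop-less FILTER setup described in the last reply, written out as an added example (not configuration posted by anyone in the thread). Assumptions: the table name /etc/postfix/sender_access, the choice of smtpd_sender_restrictions as the place to hook it in with no other sender restrictions configured, and the list address written with "@" in place of the archive's "(a)".

```conf
# /etc/postfix/main.cf  (Postfix 2.7 or later)

# Default route: everything goes to the scanning relayhost.
relayhost = [mail.isp.com]

# Evaluated for every MAIL FROM that smtpd receives. A FILTER result
# neither accepts nor rejects the mail; it only records a routing
# override that is applied after the message is queued.
smtpd_sender_restrictions =
    check_sender_access hash:/etc/postfix/sender_access


# /etc/postfix/sender_access  (assumed file name)

# Empty next-hop after "smtp:" means the recipient domain stays the
# next-hop, so the smtp transport does its own MX lookup and the
# relayhost is skipped. The override applies to all recipients of
# the message.
listsender@domain.tld    FILTER smtp:


# Build the table, reload, then confirm what the lookup returns:
#   postmap hash:/etc/postfix/sender_access
#   postfix reload
#   postmap -q listsender@domain.tld hash:/etc/postfix/sender_access
```

The envelope sender is not authenticated, so any internal client that sends with this MAIL FROM address also skips the scanning relayhost. Putting the same FILTER smtp: action in a check_client_access table keyed on the list server's IP address ties the bypass to the host rather than to the claimed sender.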