It is fairly normal to wrap Exchange with Postfix. Postfix is very versatile and can allow you to manipulate messages before they reach Exchange or on the way out of your network. I'm 100% for this.
A word of caution to your customer though: To avoid generating backscatter<https://en.wikipedia.org/wiki/Backscatter_(email)>, if Postfix is being used for inbound mail it should be configured to be authoritative for their domain(s). There are a number of ways to do that (alias file<http://www.postfix.org/postconf.5.html#virtual_alias_maps>, LDAP<http://www.postfix.org/LDAP_README.html>, "Postfix Address Verification" - don't use on outbound mail<http://www.postfix.org/ADDRESS_VERIFICATION_README.html>). The same goes for spam-filtering or any other form of filtering: Make sure the rejection happens at the edge of your network. If Postfix accepts a message, don't reject it later. ________________________________ From: mailop <mailop-boun...@mailop.org> on behalf of Davide Migliavacca via mailop <mailop@mailop.org> Sent: Wednesday, June 28, 2017 8:34 AM To: Autumn Tyr-Salvia Cc: Mailop Subject: Re: [mailop] DKIM for Exchange - experiences? Dear Autumn, > > MailOp friends, might you have any advice to help my colleague and his > customer? > Having Exchange as corporate mail server, I 100% subscribe to the advice already provided by other listmembers: smarthost Exchange with a smaller and leaner MTA both ways (outbound and inbound). And not only for DKIM sake, mind you! HTH Davide Davide Migliavacca cto, ContactLab Tel +39 02 2831181 www.contactlab.com<http://www.contactlab.com> _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
_______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
