Re: Backup MX for multiple domains

Thu, 18 Dec 2008 23:55:55 -0800 

mouss wrote:
the question is: does the symantec device reject spam or does it "tag and deliver" or "quarantine". it should not reject mail since you have accepted it.
Honestly, I'm not even sure what device he has, in fact, I'm not familiar with any Symantec hardware products. :-/ That said, for the site in question, I've manually thrown a few obvious (or rather self written to what I believe to be obvious) spam messages at it, and have not been able to get a 4xx or 5xx response from it. I've even went so far as to test simulated backscatter messages, and nil. It seems that as long as the @example.com part matches, it accepts everything. In early testing, those probing messages were followed by the admin's response of "Should I have received this?" indicating that the catchall is doing it's job. While I think that I am capable of being fairly creative, and just a bit OT, is there any type of pre-made tool out there to test the effectiveness of a spam filter? If so, then I could throw that at it and see what I get. 

<Snip>

   reject_unauth_pipelining,

    


this is useless.


  

It will be removed. Thanks.

   reject_non_fqdn_recipient,

    


put reject_unauth_destination here.


  

before the RBLs..save both processing and bandwidth. Good catch.  TY

   reject_unknown_recipient_domain

    


This is useless.


  

OK

...
# End /etc/postfix/main.cf



    

<Snip>

without relay_recipient_maps, anyth...@example1.com will be accepted.
you can use:

relay_recipient_maps = hash:/etc/postfix/otherdomains

after adding:

@example.com   OK

to that file. (this entry won't match a check_recipient_access. so it
changes nothing to your checks).

  

Taking on from advice I've heard before (do not reuse maps) I'd prefer 
to let others' experiences lend to mine and avoid doing that.  It's not 
a big deal to copy it and add the extra line when the original is 
updated (it'll be automated anyway), but taking Noel's example of 
explicit rejects (next message), is it required?  If not, then I'd just 
as soon have one less directive in the case that, or rather when, this 
server is no longer mine.  I try to make the configuration as 
transparent as possible for the next guy.


Thanks again for the detailed answers.

-- DJ Lucas


--
This message has been scanned for viruses and
dangerous content, and is believed to be clean.























					Reply via email to