Hi,
Our mail server (vmail.example.com) uses Postfix (with ldap backend for
table lookups). However, in our domain (example.com) mail is always
reaching us through a gateway (which is defined as an MX for our
domain), say mailgw.example.com. This is a mail appliance (Cisco
Ironport) which filters out all virus/spam and also uses IP reputation
filtering (as usual for such devices) and delivers (clean) mail to our
mail server (vmail.example.com), which only accepts mail from our local
network (where mailgw.example.com lies as well) and/or from (SASL)
authenticated hosts (clients); thus external smtp (unauthenticated)
hosts cannot deliver mail directly to vmail.example.com.
We would like to create a replacement mail gateway server using Postfix
(initially it will be a redundant mail gateway, to be used as a
secondary MX in case of primary MX failure). Its role would be exactly
the above: to receive mail from outside, filter spam/virus using every
possible method (using spam assassin, etc) and deliver all clean
messages to our mail server, which will do recipient validation.
[Optionally, the new mail gateway could additionally do recipient
validation, but this is not mandatory for the initial setup. We haven't
configured our current mail gateway to do such validation either.]
What is the suggested way to configure Postfix to play this role, i.e.
to simply send all incoming (clean, after filtering) mail to another
mail server?
Any other suggestions for this setup are welcome.
Many thanks,
Nick
