On Mon, May 26, 2014 at 08:42:55PM +0200, Jimmy Thrasibule wrote:
> Hi,
>
> I'm wondering what is the correct architecture and configuration to
> setup a multilayer mail handling? What I have in mind is something
> more like what we can found in Web platform architectures.
>
> 1. First layer does first checks: user authentication (if mail to be
> sent), greylisting, RBL checks and SSL offloading. If all checks are
> OK request is proxied to layer 2.
> 2. Second layer, will actually handle the SMTP connection proxied by
> layer 1, no major checks should be done as already made by layer 1.
> 3. Finally, layer 3 to do some virus checks on received emails and
> maybe some other things I can't think about.
>
> Do you have some pointers on how to set up such a mail stack where
> each layer can be on multiple other hosts?
Zombie connection filtering:
http://www.postfix.org/POSTSCREEN_README.html
First stage access control and TLS support.
http://www.postfix.org/SMTPD_ACCESS_README.html
http://www.postfix.org/TLS_README.html
Pre-queue external filters:
http://www.postfix.org/SMTPD_PROXY_README.html
http://www.postfix.org/MILTER_README.html
Post-queue filtering (junk to quarantine or junk mailbox, too late to reject).
http://www.postfix.org/FILTER_README.html
--
Viktor.
