>-----Original Message-----
>From: Tony Hoyle [mailto:[EMAIL PROTECTED] 
>Sent: Tuesday, July 08, 2003 10:19 AM
>To: Dan Jones; [EMAIL PROTECTED]
>Subject: RE: [SAtalk] How to do? Linux/Spam Assassin running as a gateway spam filter 
>f or another mail >server.
>
>>-----Original Message-----
>>From: Dan Jones [mailto:[EMAIL PROTECTED] 
>>Sent: 08 July 2003 16:01
>>To: '[EMAIL PROTECTED]'
>>Subject: RE: [SAtalk] How to do? Linux/Spam Assassin running as a gateway spam 
>>filter f or another mail >>server.
>>I currently use a mailgateway running spamassassin and postfix. It works beautifully 
>>for what we need. 
>>I have it setup to forward domain mail for our exchange server. If I am not mistaken 
>>all you need to do is >>setup sendmail to forward mail for you domain to you 
>>exchange server with out having to setup up aliases or >>users on the linux box. I 
>>can tell you how to set it up with postfix but I believe there are a few minor 
>>>>differences in the mail forwarding for sendmail so I doubt it will help much. The 
>>one drawback is that you >>still receive mail for nonexistent users on your exchange 
>>box. 
>
>In theory you can tell postfix to query the Active Directory to verify users... 
>didn't work when I tried it >(even though the same query worked with ldapsearch) but 
>I'm sure it's possible.
>Tony

Can be done quite easily with Exim 4 as well:

ldap_default_servers = <ipaddr>::<port>:<ipaddr>::<port>

You'll want to use port 3268 on a global catalog server to keep it fast. Then, in the 
routers section:

exchangemaillookup:
  driver = redirect
  data = ${lookup ldap {user=CN=<user>,ou=users,DC=company,DC=com pass=password \ 
ldap:///ou=users,dc=company,dc=com?mail?sub? \
(proxyAddresses=smtp:${quote_ldap:[EMAIL PROTECTED]:$domain})}}
  domains = dbm;/etc/mail/localdomains.db
  verify_recipient
  self = pass
  pass_router = exchangeroute
  no_more
 
exchangeroute:
  driver = manualroute
  transport = remote_smtp
  route_data = <inside_server_ip>

The file /etc/mail/localdomains.db is a dbm database of domains your Exchange server 
will accept. Can also be just a file or an inline list if you like, Exim will handle 
just about anything.

That way your gateway will verify all incoming addresses before accepting them, 
eliminating the issue of throwing invalid email at your Exchange servers.

Then patch in SA-Exim or Exiscan to call SpamAssassin on the way through. :)

 


-------------------------------------------------------
This SF.Net email sponsored by: Parasoft
Error proof Web apps, automate testing & more.
Download & eval WebKing and get a free book.
www.parasoft.com/bulletproofapps
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Reply via email to