Peter,

thanks for getting back to me so quickly. I may need to reroute outgoing
AOL mail thru the gateway email server. I attempted this yesterday by
creating an smtproutes file and adding "aol.com:my.gtw.ip.addr". The
gateway sent me a message back telling me that:

Remote host said: 553 sorry, that domain isn't in my list of allowed
rcpthosts; no valid cert for gatewaying (#5.7.1)

I guess I need to refigure out how to tell the gateway to send msgs from
aol on to their destination, which isn't on that machine. Do you know a
simple way to do that from the gateway? Do I need to edit the rcpthosts
file? This would seem to be opening a can of worms but I'm not sure.

Any help would be appreciated.

Thanks

Darrell Strong
>
> Darrell,
> I wasn't that specific in my original post, and for that I apologize.
> Our setup is configured like I mentioned, except for the fact that our
> primary mail server (the one with the vpopmail accounts) is configured
> as a backup MX in our DNS zones.  This way if our primary scanner goes
> down mail is still delivered correctly.
>
> However, having our primary mail server as a secondary MX in DNS opened
> up a few other problems... It seems that a lot of viruses and bulk
> mailer programs are written to deliver their nasty mail to all MX
> records for a domain, or simply deliver the mail to the backup MX
> servers.  It looks like they realized what we are trying to do, get the
> scanning off of our primary mail server and onto a dumb machine that
> simply scans e-mails all day.  The solution is pretty elegant really,
> but is not entirely scalable.  With help from Bill, we figured out how
> to scan messages selectively based on where they were coming from.
>
> Any messages being sent from our scanner machine are not scanned by our
> primary mail server, as, obviously, they have been scanned by the
> scanner machine.  Now, if the primary mail server gets a message from
> somewhere else besides the scanner machine we set QMAILQUEUE to
> qmailscanner and the message is scanned.  We still benefit from
> improved performance, and do not have problems delivering mail to picky
> ISPs like AOL.
>
> The downside to this system is that we need to keep spamassassin/clamav
> current on two machines, but we have noticed a good performance
> increase with this system... As 99% of all legitimate e-mails are sent
> to the MX record with the highest priority, which is our scanner
> machine.
>
> Hope this helps,
> Peter
>
> Darrell Strong wrote:
>
> Peter,
>
> I was reading your post from Shupp toaster page (see below) and was
> wondering how you resolved the aol problem that is associated with
> having your gateway email server on your mx record and not your true
> email server.
>
> I have my setup just like you mentioned below. It works great but I
> just realized that AOL is sending all incoming mail we are sending it
> to the aol users spam folder. Evidently AOL is assuming all incoming
> mail from my mailserver is spam because it is originating from my mail
> server which is no longer at my mx record ip address. Therefore there
> is no reverse dns record for it.
>
> Outgoing mail goes out directly out from my mailserver, bypassing the
> gateway. Did you have this problem? Should I route all outgoing mail
> back thru the gateway? Any help you could provide would be
> appreciated. Thanks
>
> "Jeff,
> We had a similar problem, and our bottleneck was SpamAssassin and Clam
> Scanner. We ended up putting SpamAssassin and Clamd on a separate
> machine that simply scanned the incoming messages and passed them onto
> the primary mail machine that housed the vpopmail accounts, etc.
>
> All you need to do is install Bill's toaster on a second machine with
> Qmailscanner, SpamAssassin, etc, etc. and then set up that machine to
> forward all mail to your primary box in /var/qmail/control/smtproutes
>
> Works like a charm, just make sure DNS points to the scanning server
> in the MX route.
>
> Peter"
>
> Darrell Strong
> Technology Coordinator
> Haddon Heights Public Schools
> (856) 547-0521
>


Darrell Strong
Technology Coordinator
Haddon Heights Public Schools
856-547-0521
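
The 553 rejection and the selective scanning discussed in this thread both come down to how qmail-smtpd combines the per-client environment from tcpserver's rules file with `rcpthosts`. The following is an added example, not code from either poster or from the toaster project: a simplified Python model of that decision (exact-IP, dotted-prefix and default rules only). The IP addresses, the domain `example.org` and the qmail-scanner path are constructed assumptions.

```python
import re

# Constructed sample data: documentation-range IPs stand in for the real hosts.
MAIL_SERVER = "192.0.2.10"   # primary box with the vpopmail accounts (assumed)
SCANNER = "192.0.2.20"       # gateway / scanner machine (assumed)
SCAN_QUEUE = "/var/qmail/bin/qmail-scanner-queue.pl"  # assumed install path

# tcp.smtp on the gateway: only the internal mail server may relay outbound.
GATEWAY_RULES = f'{MAIL_SERVER}:allow,RELAYCLIENT=""\n:allow\n'
# tcp.smtp on the primary: mail from the scanner skips the second scan.
PRIMARY_RULES = f'{SCANNER}:allow\n:allow,QMAILQUEUE="{SCAN_QUEUE}"\n'

def parse_rules(text):
    """Parse 'address:allow|deny[,VAR="value"...]' lines into a dict."""
    rules = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        addr, _, instr = line.partition(":")
        action = instr.split(",", 1)[0]
        env = dict(re.findall(r'(\w+)="([^"]*)"', instr))
        rules[addr] = (action, env)
    return rules

def lookup(rules, ip):
    """Most specific match wins: exact IP, then dotted prefixes, then ''."""
    parts = ip.split(".")
    keys = [ip] + [".".join(parts[:n]) + "." for n in (3, 2, 1)] + [""]
    for key in keys:
        if key in rules:
            return rules[key]
    return ("allow", {})  # no rule matched; not reached with the sample rules

def in_rcpthosts(domain, rcpthosts):
    """Exact match, or a '.suffix' entry matching any subdomain."""
    domain = domain.lower()
    return any(domain == h or (h.startswith(".") and domain.endswith(h))
               for h in rcpthosts)

def smtp_decision(rules_text, rcpthosts, client_ip, rcpt):
    """Return (accepted, queue_program) for one RCPT, modelling qmail-smtpd."""
    action, env = lookup(parse_rules(rules_text), client_ip)
    if action != "allow":
        return (False, None)
    domain = rcpt.rsplit("@", 1)[-1]
    # A set RELAYCLIENT (even empty) bypasses the rcpthosts check entirely.
    ok = "RELAYCLIENT" in env or in_rcpthosts(domain, rcpthosts)
    return (ok, env.get("QMAILQUEUE", "qmail-queue") if ok else None)
```

In this model, listing `aol.com` in the gateway's `rcpthosts` makes it accept mail for AOL recipients from any client, whereas the `RELAYCLIENT` rule limits relaying to the one internal address.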
