Honestly I am not sure how you would go about sending e-mails through your scanning machine.....Hopefully someone else from the list will respond with the answer.
Peter
[EMAIL PROTECTED] wrote:
Peter, thanks for getting back to me so quickly. I may need to reroute outgoing AOL mail thru the gateway email server. I attempted this yesterday by creating an smtproutes file and adding "aol.com:my.gtw.ip.addr" . The gateway sent me a message back telling me that:Remote host said: 553 sorry, that domain isn't in my list of allowed rcpthosts; no valid cert for gatewaying (#5.7.1) I guess I need to refigure out how to tell the gateway to send msgs from aol on to their destination, which isn't on that machine. Do you know a simple way to do that from the gateway? Do I need to edit the rcpthosts file? This would seem to be opening a can of worms but I'm not sure. Any help would be appreciated. Thanks Darrell StrongDarrell, I wasn't that specific in my original post, and for that I apologize. Our setup is configured like I mentioned, except for the fact that our primary mail server(the one with the vpopmail accounts) is configured as a backup MX in our DNS zones. This way if our primary scanner goes down mail is still delivered correctly. However, having our primary mail server as a secondary MX in DNS opened up a few other problems...It seems that a lot of viruses and bulk mailer programs are written to deliver their nasty mail to all MX records for a domain, or simply deliver the mail to the backup MX servers. It looks like they realized what we are trying to do, get the scanning off of our primary mail server and onto a dumb machine that simply scans e-mails all day. The solution is pretty elegant really, but is not entirely scalable. With help from Bill, we figured out how to scan messages selectively based on where they were coming from. Any messages being sent from our scanner machine are not scanned by our primary mail server, as, obviously they have been scanned by the scanner machine. Now, if the primary mail server gets a message from somewhere else besides the scanner machine we set QMAILQUEUE to qmailscanner and the message is scanned. We still benefit from improved performance, and do not have problems delivering mail to picky ISP's like AOL. The downside to this system is that we need to keep spamassassin/clamav current on two machines, but we have noticed a good performance increase with this system...As 99% of all legitimate e-mails are sent to the MX record with the highest priority, which is our scanner machine. Hope this helps, Peter Darrell Strong wrote: Peter, I was reading your post from Shupp toaster page (see below) and was wondering how you resolved the aol problem that is associated with having your gateway email server on your mx record and not your true email server. I have my setup just like you mentioned below. It works great but i just realized that AOL is sending all incoming mail we are sending it to the aol users spam folder. Evidently AOL is assuming all incoming mail from my mailserver is spam because it is originating from my mail server which is no longer at my mx record ip address. Therefore there is no reverse dns record for it. Outgoing mail goes out directly out from my mailserver, bypassing the gateway. Did you have this problem? Should I route all outgoing mail back thru the gateway? Any help you could provide would be appreciated. Thanks " Jeff, We had a similar problem, and our bottleneck was SpamAssassin and Clam Scanner. We ended up putting SpamAssassin and Clamd on a seperate machine that simply scanned the incoming messages and passed them onto the primary mail machine that housed the vpopmail accounts, etc. All you need to do is install Bill's toaster on a second machine with Qmailscanner, SpamAssassin, etc, etc. and then setup that machine to forward all mail to your primary box in /var/qmail/control/smtproutes Works like a charm, just make sure DNS points to the scanning server in the MX route. Peter" Darrell Strong Technology Coordinator Haddon Heights Public Schools (856) 547-0521Darrell Strong Technology Coordinator Haddon Heights Public Schools 856-547-0521
