On 08.01.08 11:04, Peter Smith wrote: > server1: mail gateway, runs Spamassassin > server2: multi-purpose server. hosts http, mail boxes, pop/imap, runs > sendmail and Spamassassin. > example.org: my domain. The MX record points to server1, A record points to > server2 > > The problem with this setup of course, is that spammers tend to send > directly to server2, bypassing server1 (the mail scanner/filter).
yes, old trick. Probably good for spammer detection... > My original idea was to either configure server2 to reject mail not arriving > directly from server1 (either via iptables or sendmail.cf). The problem is > that I have a dozen or so users who use SMTP AUTH to relay mail out through > server2. Sometimes this mail will be relayed to 3rd party domains, other > times it will be sent to fellow users on example.org. Could you run smtp server on port 587, requiring SMTP AUTH? (or on 465, the same, forced SSL). And then refuse everything coming to port 25. > My thoughts at the moment are to write some Spamasssin rules for server2 > which will penalize mail which doesn't arrive from server2 (or localhost) > and wasn't sent by an authenticated user. Does this sound like a good way to > proceed? Perhaps I'm missing a simpler way to do things? I don't think SA should handle this. It can of course use informations about such hosts for blacklisting... -- Matus UHLAR - fantomas, [EMAIL PROTECTED] ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Remember half the people you know are below average.
