Exim help. Scan outgoing

Nick Phillips nwp at LEMON-COMPUTING.COM
Thu Jun 6 03:03:09 IST 2002 

On Wed, Jun 05, 2002 at 04:54:41PM -0400, Hancock, Scott wrote:

> Is anyone out there scanning both incoming smtp mail and outgoing smtp mail
> with exim and mailscanner on the same server?

Yes, of course...

> Mailscanner is working for incoming.. wait, this is my definition of
> incoming
>
> [internet]--->[exim-mailscanner on debian]-->[exim on debian host]
>
> and this is my definition of outgoing.
>
> [exim on debian host]-->[exim-mailscanner on debian]-->[internet]

*My* definition of incoming is "coming into Exim either from port 25
or the command line", and outgoing is "being delivered either to another
host or a local user".

Re-read the install doc with that in mind and it should make sense.


> My problem is how do I configure exim to know that mail from [exim on debian
> host] is to be delivered to the non-local host the is the [internet] and not
> the non-local host that is [exim on debian host].

You sound horribly confused. The way to make it work is to configure Exim
with no mailscanner at all. Then add mailscanner.

Mail is generally not routed on the basis of where it is from (as you seem
to think you want above), but on where it is supposed to end up. This
usually makes sense.


> This is the project goal.
>
> [internet]--->[Firewall (smarthost)]-->[exim-mailscanner /
> debian]-->[exchange]
>
> [exchange]-->[exim-mailscanner / debian]-->[Firewall
> (smarthost)]-->[internet]

OK, what you probably want (vaguely, I don't want to go into details like
"where do you want mail for root on the mailscanner box to go?") is no
local domains on the mailscanner box, with and a router using the
domainlist driver to route mail for <any domain that's handled by the internal
box> to the internal box, and everything else to the external box.

For example:

smarthosts:
  driver = domainlist
  transport = remote_smtp
  route_list = *.internal.domain name.of.exchange.server byname; \
               ! *.internal.domain name.of.smarthost byname


But don't just trust me; make sure you understand it.

Once you have exim set up right, add mailscanner.



Cheers,


Nick
--
Nick Phillips -- nwp at lemon-computing.com
Communicate!  It can't make things any worse.

More information about the MailScanner mailing list