Internet -> Mailscanner -> Exchange 2000

Peter Peters P.G.M.Peters at utwente.nl
Fri Aug 8 09:03:08 IST 2003


On Thu, 7 Aug 2003 22:39:35 -0400, you wrote:

>        I searched through the archives, but didn't find anythig relevant.  I am
>looking forward to use Mailscanner in front of my Exchange 2000 server (by
>the way, it could be any SMTP server).  I read the docs, but in all cases,
>it talks about mailscanner being installed on the machine where the actual
>mailboxes are.  What I want to do is filter out spam and viruses (although I
>have symantec AV for exchange) with mailscanner, in the DMZ, and then send
>the filtered messages to my  Exchange 2000 server.  Right now, my Exchange
>2000 server receives mail directly from the internet and I don't really like
>that.  I would, at least, want to have a mail relay in my DMZ (so that I
>wouldn't care too much if it's compromised, since there is a firewall
>between it and my LAN), that sends the messages to my internal Exchange
>server.  Of course, since MailScanner can filter spam and viruses, I would
>like to implement that as well.

We are running this kind of configuration. But what we also do is have
all excisting e-mail addresses in the virtusertable of our sendmail
frontend. So nobody can shoot in 1 million addresses leaving you with
the bounces of allmost the same number.

We use a dummy-domain to handle renaming of the exchange server. So the
entries in virtusertable are like:

@utwente.nl: error:nouser No such user
postmaster at utwente.nl: admin at exchange-dummy.utwente.nl
abuse at utwente.nl: admin at exchange-dummy.utwente.nl
p.g.m.peters at utwente.nl: my-mailbox at some-other.system.utwente.nl

And in mailertable we define the forwarding of exchange-dummy.utwente.nl
domain to the exchange server. This way you can also define e-mail
addresses that should get forwarded to other mailboxes. And you can keep
internal lists from getting spam when some spammer uses a dictionary
attack.

--
Peter Peters, senior netwerkbeheerder
Dienst Informatietechnologie, Bibliotheek en Educatie (ITBE)
Universiteit Twente,  Postbus 217,  7500 AE  Enschede
telefoon: 053 - 489 2301, fax: 053 - 489 2383, http://www.utwente.nl/civ



More information about the MailScanner mailing list