OT - Help sorting out relay rules, please

Scott Silva ssilva at SGVWATER.COM
Thu May 5 00:51:31 IST 2005 

    [ The following text is in the "ISO-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

Steve Campbell wrote:
> I need help sorting out (in my mind) some rules for a pair or relays here.
>
> We host quite a few mail domains. The domains are on separate mail servers -
> all sendmail. A few of the aliases on each machine points to a user in
> another domain. For instance, user1 at domain1.com -> user2 at domain2.com.
> Sendmail which hosts Domain1.com and Domain2.com are on different servers.
>
> To avoid going through our firewalls, I have sendmail send to the IP of the
> other machine directly when ever need be, so if mail comes to the user1
> above, it is relayed directly to the IP of sendmail on domain2.com and
> delivered to user2. Make sense?
>
> My problem is that when mail arrives on domain1 for user1, it is relayed
> immediately to user2 on the domain2.com server without being scanned by MS
> on the domain1 server. I whitelist mail that originates from domain1 to
> domain2, (by IP, not domain name), but this relay problem squirrels up the
> works, as now domain2 sees this relayed message as one that came from
> domain1's IP, so it gets whitelisted.
>
> Can anyone think of a solution for the WL/BL rules on both servers that
> would resolve this issue? Right now, I have set up an individual WL rule for
> any alias that will _not_ whitelist from the IP of the other server, but
> this circumvents the WL of real mail from users of domain1 to user2. I guess
> this is an example of an exception to the rule - WL by IP, not domain.
>
> Sorry, but I'm old and tired and just can't think straight. Any words of
> wisdom would be greatly appreciated.
>
> BTW - since this is OT:
>
> Mr Scott Silva, don't stop with your little pearls you sometimes slip in on
> a messge. The one about the time machine and condoms allowed me a very nice
> giggle and break from the grind.
>
> Steve Campbell
> campbell at cnpapers.com
> Charleston Newspapers
>

That is the only thing that keeps me sane on some of the "hair-pulling"
days!

--
   ,---.____________________        _         ============   .
 /'                          \     |  \        I_  O  _I_,==.:
| A beer doesn't get upset    >----|===`------'I `---' I |  |:
| if you come home with      /    _ \          I       I |  |:'
| another beer!             /    (   `-,-----============:__;:
|                          /    (_    O    __)       \_      :
| ,,---.__________________/       (_______)          (_)
:/

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list