Very newbie relaying question
Alex Neuman van der Hans
alex at nkpanama.com
Thu May 3 23:15:24 IST 2007
René Berber wrote:
> You are using the old syntax, which may not be what you want.
>
> If all your server IPs are public then you are on the right track, if
> your servers have internal/external addresses you are better off using
> the internal ones.
>
> An example of what you can do is access as:
>
> # Allow relying from LAN
> Connect:192.168.0 RELAY
> Connect:127.0.0.1 RELAY
> Connect:exchange_server_IP RELAY
> # Whitelist
> Connect:other_external_IP RELAY
>
You're assuming there is a zero percent chance any of the machines on
the internal network may be spam zombies. This isn't usually true.
You might want to look into SMTP AUTHentication and/or allow relaying
only from the (ugh) exchange box, which should be set to only allow
relaying from AUTHenticated users.
More information about the MailScanner
mailing list