How to ignore all outgoing mail in MailScanner - SOLVED
Scott Silva
ssilva at sgvwater.com
Fri Jan 4 00:11:49 GMT 2008
on 1/3/2008 10:39 AM Ronny T. Lampert spake the following:
>> It sounds as though your internal network is more than minimally
>> complex. I'm fortunate: we have only one authorized mail emitter
>> internally, even if it *is* the dreaded-and-despised Lotus Domino.
>
> Well, multiple continents and failover are adding (rightfully) to
> complexity.
>
>> Can you split your mail processing into an inbound-only server and an
>> outbound-only server? We did, where I work, and that took care of a
>> *lot* of problems -- while generating others, to be sure, but those
>> are easily solved. Our outbound mail load is very small, compared to
>> the raging torrent of mail, most of it junk, which we see inbound.
>
> No, that is not possible as it would e.g. double the needed hardware,
> add more rules to our internal mail routing etc.
>
> But the
>
> Scan Messages = %rules-dir%/scan.messages.rules
>
> seems to do the trick.
> I'm auto-generating this file from postfix's trusted smtp servers (3
> lines bash) from which I also automatically generate my transport table.
>
> Whitelisting is not an option as we still add headers to the mail and
> also scan it -- embarassing to leak that info to the outside, if an
> outgoing mail is tagges as SPAM!
>
It is also embarrasing if outgoing e-mail IS spam, and you get blacklisted.
I think I would still scan outgoing mail, and fix a ruleset to bounce bad back
to originator "ONLY IF" they are on one of your servers. All you need is a bot
on a users PC inside your network, which is very easy for some (l)users to get.
--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!
More information about the MailScanner
mailing list