How to ignore all outgoing mail in MailScanner - SOLVED

Scott Silva ssilva at
Fri Jan 4 00:11:49 GMT 2008

on 1/3/2008 10:39 AM Ronny T. Lampert spake the following:
>> It sounds as though your internal network is more than minimally 
>> complex. I'm fortunate: we have only one authorized mail emitter 
>> internally, even if it *is* the dreaded-and-despised Lotus Domino. 
> Well, multiple continents and failover are adding (rightfully) to 
> complexity.
>> Can you split your mail processing into an inbound-only server and an 
>> outbound-only server? We did, where I work, and that took care of a 
>> *lot* of problems -- while generating others, to be sure, but those
>> are easily solved. Our outbound mail load is very small, compared to 
>> the raging torrent of mail, most of it junk, which we see inbound.
> No, that is not possible as it would e.g. double the needed hardware, 
> add more rules to our internal mail routing etc.
> But the
> Scan Messages = %rules-dir%/scan.messages.rules
> seems to do the trick.
> I'm auto-generating this file from postfix's trusted smtp servers (3 
> lines bash) from which I also automatically generate my transport table.
> Whitelisting is not an option as we still add headers to the mail and 
> also scan it -- embarassing to leak that info to the outside, if an 
> outgoing mail is tagges as SPAM!
It is also embarrasing if outgoing e-mail IS spam, and you get blacklisted.
I think I would still scan outgoing mail, and fix a ruleset to bounce bad back 
to originator "ONLY IF" they are on one of your servers. All you need is a bot 
on a users PC inside your network, which is very easy for some (l)users to get.

MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!

More information about the MailScanner mailing list