Let postfix bypass MailScanner for specific recipients

Hugo van der Kooij hvdkooij at vanderkooij.org
Mon Jan 14 18:02:01 GMT 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Glenn Steen wrote:
| On 13/01/2008, Hugo van der Kooij <hvdkooij at vanderkooij.org> wrote:
|> -----BEGIN PGP SIGNED MESSAGE-----
|> Hash: SHA1
|>
|> Drew Marshall wrote:
|> | On 13 Jan 2008, at 16:08, Hugo van der Kooij wrote:
|> |
|> |> -----BEGIN PGP SIGNED MESSAGE-----
|> |> Hash: SHA1
|> |>
|> |> UxBoD wrote:
|> |> | Sorry, being dumb today! That wouldn't make any difference anyway as
|> |> each line of the header is parsed.
|> |>
|> |> We need to have some sort of AND function on 2 regexp in postfix.
|> |>
|> |> Hugo.
|> |
|> | Hugo
|> |
|> | I have tried, with out success to do something similar before. The
|> | problem is that Postfix doesn't have any 'not' or 'and' rule
|> | understanding, which is pretty limiting, however, there might be an
|> option.
|> |
|> | How does postfix receive your time critical mail? Is it possible to
|> | inject it using the sendmail binary? If so you can set a regex to only
|> | hold mail based on your server ID like thus:
|> |
|> | /^Received:(.*)by your\.mail-server\.name \(Postfix\)/   HOLD
|>
|> I will receive it from various remote servers (1 for now) by SMTP.
|>
|> Basically I send it with a custom perlscript to a remote SMTP server to
|> start the timer and at the end of the chain it gets send back to me so I
|> know the whole SMTP chain is alive and how long it took to process
|> through the chain.
|>
|> The concept was deviced over a drink last friday night and by now the
|> SMTP chain works I just need to parse the results and setup alerting if
|> certain steps take to long.
|>
|> Hugo.
|>
| Hopefully the drink was a tasty... fruitjuice?!:-)

Nahh. Just two sorts of beer and two sorts of softdrinks.

| I suppose you've considered the possibility of a second listener? Have
| a "high" port smtpd defined without the header check... have the
| "respondee" send to that one...?
| Or wouldn't that be feasible with what you're trying to do?

I have not given it a real hard thought. The majority of our SMTP
products are able to connect to any port I see fit to configure. But I
need to work out that after I tackled the reporting issue. I got some
great ideas from the SEC mailinglist.

Hugo.

- --
hvdkooij at vanderkooij.org               http://hugo.vanderkooij.org/
PGP/GPG? Use: http://hugo.vanderkooij.org/0x58F19981.asc

	A: Yes.
	>Q: Are you sure?
	>>A: Because it reverses the logical flow of conversation.
	>>>Q: Why is top posting frowned upon?

Bored? Click on http://spamornot.org/ and rate those images.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFHi6OVBvzDRVjxmYERAp0UAJ4s20vhb19TD388jv2GeGJJ6OgcHwCZAXFv
FDH91v5hC4s6QZ61f1+mOzk=
=HxA8
-----END PGP SIGNATURE-----


More information about the MailScanner mailing list