Mailscanner initial Setup help

Manuel Kälin mkaelin at
Thu Dec 8 17:02:00 UTC 2016


This could be solved with a 2nd mailscanner as 2nd mx and change
mydomain.tld Server that it accepts just from the mailscanner server.
Or am i missing something?


----- Ursprüngliche Nachricht -----
Von: "MailScanner Discussion" <mailscanner at>
An:"MailScanner Discussion" <mailscanner at>
Gesendet:Thu, 8 Dec 2016 17:38:02 +0100
Betreff:Re: Mailscanner initial Setup help

 Hello everybody,

 this is exactly how we have our set-up - should we write some
documentation and 
 try to get it added to the MailScanner docs on the web site?

 - It's actually more DNS and PostFix/Sendmail set-up issue than
MailScanner but 
 I always thought that the MailScanner site would be a good place to
 this information because it's going to be a "standard" requirement.

 Here's the concept:

 The domain is "mydomain.tld" and this IP_Addr is running a web and
e-mail server 
 (etc.,etc., etc.)

 We want to set up a separate host to act as a mail "hub" with
MailScanner (spam 
 and virus) which scans the mail before passing it onto

 For the purposes of this exercise let's call this "mailscanner hub"
host :

 In order that mail for mydomain.tld is first sent to 
 "mailscanner.anotherdomain.tld" we have to have access to the DNS -
MX records 
 for "mydomain,tld"
 We set-up two MX records:
 mydomain.tld MX10 mailscanner.anotherdomain.tld.
 mydomain.tld MX20 mydomain.tld.

 This makes sure that if there's a problem with our "mailscanner hub"
mail still 
 gets through....

 Don't forget that anotherdomain.tld is also going to accept e-mail
via it's own 
 MX records AND that mailscanner.anotherdomain.tld should be pointed
to by an 
 A-record and should NOT be a CNAME.

 Now, on mailscanner.anotherdomain.tld
 - we set up the mail server (my experience is with Sendmail and
 - we set up Mailscanner
 and we test that it all works for mail going to anotherdomain.tld

 Then we set up Sendmail or Postfix to forward non-local mail to

 From experience, the problem with this concept is the spammers who
ignore the 
 dns and send directly to the smtp server at "domain.tld".
 And, this is where someone else could help out with a good solution
that doesn't 
 mean installing another mailscanner on "domain.tld"

 Does this sound about right?


 PS: there are a couple of other tools needed of course - maildrop and

 Manuel Kälin wrote on 2016-12-08 16:13:
 > Hi
 > Yes, we need this second solution with incoming and outgoing direct
trom the
 > final hosts.
 > Have you set this up with postfix and how did you forward the
mails? As files or
 > something like smarthost?
 > Manuel
 > ----- Ursprüngliche Nachricht -----
 > Von:
 > "MailScanner Discussion" <mailscanner at>
 > An:
 > "MailScanner Discussion" <mailscanner at>
 > Cc:
 > Gesendet:
 > Thu, 8 Dec 2016 10:03:38 -0500
 > Betreff:
 > Re: Mailscanner initial Setup help
 > That's my solution as well. All the mail comes in to the central
 > scanning server and is then forwarded on to the final destinations.
 > model where the final delivery servers receive the mail, forward it
to a
 > central scanner, and then receive the results, is much harder to
set up.
 > In the first stage you don't want the server to be the final
 > host, while in the second you do.
 > Peter
 > On 12/08/2016 08:42 AM, Heino Backhaus wrote:
 > > I think I would prefer to receive the mails with Mailscanner,
check them
 > > and forward them to Server A or B.
 > --
 > MailScanner mailing list
 > mailscanner at

 MailScanner mailing list
 mailscanner at

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the MailScanner mailing list