You can configure an instance of sendmail running on port 587 that will only accept authenticated traffic, and use its own queue folder (/var/spool/mqueue.auth for example). That should keep things nice, neat and separate.<br>
<br><div class="gmail_quote">On Wed, May 27, 2009 at 3:13 PM, Gary Faith <span dir="ltr"><<a href="mailto:gafaith@asdm.net">gafaith@asdm.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div style="margin: 4px 4px 1px; font-family: Segoe UI; font-style: normal; font-variant: normal; font-weight: normal; font-size: 10pt; line-height: normal; font-size-adjust: none; font-stretch: normal;">
<div>I can check to see if I can send to another port. </div>
<div> </div>
<div>How do I configure another sendmail daemon to listen on a different port? Will this daemon receive and send or would I specify the "out queue" of the Mailscanner sendmail process as it's queue? Not real sure about this.</div>
<div> </div>
<div>Gary<br><br>>>> Scott Silva <<a href="mailto:ssilva@sgvwater.com" target="_blank">ssilva@sgvwater.com</a>> 5/27/2009 3:55 PM >>><div><div></div><div class="h5"><br>on 5-22-2009 5:47 PM Gary Faith spake the following:<br>
> I am trying to get around the problem of whitelisting my entire domain<br>> which is what I did earlier by allowing any message FROM my domain name<br>> without scanning. As I said earlier, this caused problems because<br>
> people were using my server to send spam using my domain. I only want<br>> it to not scan e-mail when it is from the server that authenticates. <br>> <br>> The server that I am talking about is a mail server, which used to have<br>
> a static IP, I use for another unrelated business and my personal<br>> e-mail. Due to circumstances, I had to move the server to dynamic DSL<br>> (YUCK!) and now I need to relay the mail through the mail scanner<br>
> because outbound mail would be blocked by RBL's and I have no option to<br>> add another mail scanner server at this time. There are other<br>> people that I need to have admin access to mailwatch & mailscanner<br>
> giving them the ability to add users, change configuration, read &<br>> release messages, etc. I do not want others to be able to read my other<br>> business & personal e-mails, etc. So you see that is why I don't want<br>
> all mail scanned. <br>> <br>> I need a solutions and I thought someone on this list would have a<br>> brilliant idea on how to do this. It can't be that hard, can it?<br>> <br>>>>> Eli Wapniarski <<a href="mailto:eli@orbsky.homelinux.org" target="_blank">eli@orbsky.homelinux.org</a>> 5/21/2009 12:54 AM >>><br>
> Gary... With all due respect. Assuming that the mail coming from your<br>> servers is not affected by something bad is a mistake. Not to mention,<br>> spam that uses your domain as email addresses in the to / from to get<br>
> around just the kind of scenario is also makes your strategy a mistake.<br>> <br>> What harm besides having your server do some work would be caused by<br>> having all the mail scanned?<br>> <br>> On Thursday 21 May 2009 04:50:33 Gary Faith wrote:<br>
>> I am running MailScanner 4.75 on x86_64 and Sendmail 8.13. I have a<br>> situation where I am relaying e-mail for a trusted mail server with a<br>> dynamic IP who connects to my mail scanner via SMTP Auth. I don't have<br>
> a need for scanning the outbound e-mail from this server but I do need<br>> to have the inbound mail scanned. So I figured I would add the domain<br>> to scan.messages.rules. <br>>> <br>>> From: <a href="http://domain.com" target="_blank">domain.com</a> no<br>
>> <br>>> This had the effect of stopping scanning of the mail which was<br>> desired but now spam is coming in with the From addresss the same as<br>> the To address like: <a href="mailto:xyz@domain.com" target="_blank">xyz@domain.com</a> to <a href="mailto:xyz@domain.com" target="_blank">xyz@domain.com</a>. These messages<br>
> are not being scanned and getting passed through due to the rule above. <br>> Obviously, I didn't think this through correctly and I need a better<br>> solution.<br>>> <br>>> What is required:<br>
>> 1. Outbound mail from the server with a dynamic IP which<br>> authenticates to the mail scanner via SMTP Auth = Not Scanned. I<br>> wouldn't care if it just goes from sendmail-in to sendmail-out and not<br>
> even go through mailscanner but I don't know if that is possible.<br>>> 2. All other mail scanned (like normal).<br>>> <br>>> I know I can't base a rule on the IP address since it is dynamic but I<br>
> am unsure of any other way to accomplish this. Any thoughts on how I<br>> can accomplish this?<br>>> <br>>> Thanks,<br>>><br>>> Gary Faith<br>>><br>Can you set your system to send to your scanner on another port? You could set<br>
another daemon to listen on that port and then dump the mail on without<br>scanning it.<br><br></div></div></div></div>
<br>--<br>
MailScanner mailing list<br>
<a href="mailto:mailscanner@lists.mailscanner.info">mailscanner@lists.mailscanner.info</a><br>
<a href="http://lists.mailscanner.info/mailman/listinfo/mailscanner" target="_blank">http://lists.mailscanner.info/mailman/listinfo/mailscanner</a><br>
<br>
Before posting, read <a href="http://wiki.mailscanner.info/posting" target="_blank">http://wiki.mailscanner.info/posting</a><br>
<br>
Support MailScanner development - buy the book off the website!<br>
<br></blockquote></div><br><br clear="all"><br>-- <br>Alex Neuman van der Hans<br>Reliant Technologies<br>+507 6781-9505<br>+507 202-1525<br><a href="mailto:alex@rtpty.com">alex@rtpty.com</a><br>Skype: alexneuman<br>