North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Outbound mail filtering on large mail / web server farms - justan idea or two that I have
--On November 21, 2005 8:55:39 AM +0530 Suresh Ramasubramanian <firstname.lastname@example.org> wrote:
Oh I understand the concept perfectly well. It's just that I can't see through to an implementation easily. The system I'm referring to has no internal way of telling the difference easily between forwarded mail and 'other' mail, it's all passed into the same set of virtual tables and the only difference is local versus remote delivery. I can't classify .forward style traffic out from the regular in/out flows. I'm probably not making a whole lot of sense either right now, lets blame that on low caffeine count. I could pass all aol.com traffic (via transport) to a different box but I can't do that just for forwarded mail because inbound mail and outbound (locally generated/initial submission on port 25/etc) aren't handled seperately at all. I can see how they could be, but I don't see any provisions inside of Postfix 2.0 to handle that without separate instances. Not impossible, just impractical right now. The eventual 'plan' is to do almost exactly that, separate instances to handle/classify mail differently based on where the mail was submitted.On 11/20/05, Michael Loftis <email@example.com> wrote:quite often, which they already do to our normal mail systems even when things are going well, again, because of forwards. I'd imagine there's a way I could get just the (AOL) forwarded mail pushed to a separate machineThe difference is of course that when you separate .forward traffic to a separate IP you tell AOL its a forwarding server. And setup reverse dns + hostname for that box that says something like "dotforward.wgops.com" ... Once you do that you should be reasonably good to go
I guess I'm really curious as to how others might implement something like this. I'd run three instances (machines if you must view it like that) of the MTA, one inbound the outside, say $world, the other $local, the third (call it $forward if you will) is where $world would send all of it's forwarded/outbound mail to that won't be delivered locally. $local would handle local delivery and external delivery for local machines. I think in Exim though it's cleaner because you can specify special processing for other steps. My system has a bit more complication because of the fact we don't use any filesystem. The mail users are purely virtual to the mail system, only existing as an LDAP entry and as a Cyrus Mailbox.