Jose Fragoso wrote:
Hi,
I am planning to setup a network with a OpenBSD/SPAMD firewall,
and an internal POSTFIX server with SASL SMTP AUTH.
While think about it, I realized that I have a problem here.
Whenever a mobile user wants to send mail (relaying) through
the POSTFIX server, he will have to go through the greylist
process. I can tell my users to try at least 3 times ( in a
period of 30 minutes) to send email messages every time they
change IP address. But then, I will end up with a bunch of
whitelisted dynamically allocated IPs by various ISPs.
So my question is: what is the best way to deal with this
kind of situation. Should I reduce the value of whiteexp ?
Has anybody thought of way of cleaning such road-warrior
addresses on a daily basis ? To be fare, these address
should not stay in the whitelist for long, since they
change hands quite often!!
Any comments, suggestion, links would be appreciated.
Best regards,
Jose
I do this with qmail.
You need another smtp server listening on another port for relaying
mail. 587 is the smtp submission port, 465 is the SSL-wrapped port.
Once your relay users authenticate, you can relay out and skip talking
to your own port 25 smtp daemon.
I run TLS on port 587, and SSL on 465.
Jeff
