Guys, Thanx for the comments...
I think the light is starting to dimly glow above my head! However, if I add these IP hosts to $mynetworks, wouldn't I then need to create some type of access map that explicitly denies any sender addresses from the domains we protect. In other words: smtpd_sender_restrictions = permit_mynetworks, hash:/etc/postfix/reject_map ...where <reject_map> contains: example.com REJECT example.org REJECT etc. If this is true, then I'm on board with your ideas/plan/approach...if I'm still off base, forgive my apparent (and utter) ignorance! Thanx for your patience... Dustin. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gary V Sent: Thursday, March 16, 2006 1:54 PM To: amavis-user@lists.sourceforge.net Subject: Re: [AMaViS-user] Advanced Rule... Dustin wrote: > This would be true if our server was directly attached to or hosted all > the mailboxes for the protected domains...we, however, are only using > this solution as a gateway for incoming mail for all the domains we > protect...which postfix then forwards (after filtering, etc.) to the > 'real' mail host for the particular domain... > As a result, settings regarding $mynetworks really won't help in this > situation...unless I am missing something (large!)... I think you could place the IP addresses of the (outgoing) mail servers for which you relay mail in mynetworks to solve the 'mynetworks' problem. For the example.com domain you relay to host mail.example.com. The users at example.com send mail out through host smtp.example.com. Place the IP address of smtp.example.com in mynetworks. That way if someone at example.com creates an email to example.org (also one of your domains), it will not be rejected. If someone from a different network claims to be sending from example.com, they will be rejected. Once again, this breaks forwarding (which probably cannot be avoided no matter which method you use) and requires that people claiming to be from one of your domains actually uses servers listed in mynetworks for their outgoing mail. Gary V ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/ ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid0944&bid$1720&dat1642 _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/