> -----Original Message----- > From: owner-postfix-us...@postfix.org > [mailto:owner-postfix-us...@postfix.org] On Behalf Of James Robertson > Sent: Monday, 26 January 2009 1:50 AM > To: postfix-users@postfix.org > Subject: Re: relay_domain = * safe configuration? > > On Sun, 25 Jan 2009 23:58:36 mouss wrote: > > James Robertson a écrit : > > > Hi, > > > > > > > > > Can I safely set: > > > > > > relay_domains = * > > > > do you mean > > relay_domains = static:all > > ? > > > > why would you do that? I mean what is the (real, business) problem you > > are trying to solve? > > > > since you update the list of recipients, you can also update the list > > of relay domains, with something like: > > > > sed 's/^...@]*@/@/' relay_recipients |sort|uniq > relay_domains > > Sorry for the bad initial question. *cringes* > > I am using the getadsmtp.pl script to pull addresses from an > exchange server to a box that does spam filtering on the > inbound mail (no mail is delivered locally to the antipspam > box). when we have to add domains to the Exchange Server we > have also been adding them to relay_domains and transport in > postfix on the antispam box. > > We just run the getadsmtp.pl script every hour on the hour to > grab any addresses that may have been added or removed from > the domain/s. > > the main issue is that we have quite a few of these postfix > antispam boxes installed at clients sites now and not alot of > Linux/Postfix able technicians to make changes to them, so if > a domain is added and a Windows tech forgets to advise us or > no-one is available to configure it, mail won't deliver to the domain.
Well, when that happens, it suddenly becomes in the interest of the Windows admin to advise you that they have configured a new domin. I don't understand why you're interested in cleaning up someone else's mess. Of course, this assumes that you have a clearly-documented process about adding new domains, which stipulates that you must be advised if they expect mail to be delivered. You also might consider pulling your antispam process back a layer - don't install Postfix boxes at each crappy little site. Have a couple of big boxes that act as Mxes for the customer domains, and which then relay to their Exchange servers. Of course, that would assume you don't quarantine spam emails on the Postfix servers, but tag-and-deliver. It won't solve the problem of the Windows admins advising you when they've configured a new domain, but perhaps that should be done as soon as the customer "signs up". You get a new customer, they are going to manage blah.domain, you configure the relay stuff then, even before they get their Exchange server up.
