Hi, > I have a trivial question, which could become a wish list feature. > > There are three MTAs. First is a web server postfix instance that relates all > mail to the second MTAS, a relay server, which can send mail directly to the > world. This relay server and a third MTA are two postfix multi instances. > > The relay server is for all kinds of other satellites (other machines with > i.e. Cron and log heck messages), for some business customers, who want to > send newsletters or mails with a little bit larger attachments. Short: the > relay server may become in trouble, if bad recipient addresses are in place, > > The third instance is the real MTA. All received mail is coming in on this > instance, as normal mail from submission is sent to the world. This server > also does SPF, DKIM, DMARC on incoming mail. > > Now the problem that came up this day: > > A customer has a website the probably has a contact form. Internally it sends > mail with sendmail command, setting the envelope address to > webmas...@domain.tld. Unfortunately the form does set a From:-header to an > AOL address. > > The email destination is managed by the real MTA. So what happened? Mail > arrived on www with sendmail, was delivered to the relay server that > contacted the real MTA and this server rejected the mail with DMARC policy. > > Fully correct behavior. > > Now my question: > > When the relay server determines the MX for a recipient address, is there any > table that works like this: > > MX host is foo bar, use transport SMTP:[some.mta]:12345 > > So I could define a SMTP-in for the relay server, if the real MTA is > responsible for the destination. I could disable all kinds of millers and > make the relay server a mynetworks only hook.
I took me some time, but I finally wrote a milter vrfydmn that can handle such problems. And some mire… :-) If you are interested in the milter, feel free to have a look at https://github.com/croessner/vrfydmn It still needs more documentation, but a first README.md is provided and also a picture of my current mail system that demonstrates the use of this milter. Feedback welcome Christian -- Bachelor of Science Informatik Erlenwiese 14, 36304 Alsfeld T: +49 6631 78823400, F: +49 6631 78823409, M: +49 171 9905345 USt-IdNr.: DE225643613, http://www.roessner-network-solutions.com
signature.asc
Description: Message signed with OpenPGP using GPGMail
