Daniel Bromberg:
>
> > > >> Greetings master postfixers,
> > > >>
> > > >> I am trying to solve a forwarding problem. I have two separate amavis
> > > >> instanceson my edge MX that each do spam-checking: one incoming
> > > >> (obvious), one outgoing (our users aren't too good about keeping
> > their
> > > >> computers zombie-free).
> > > >>
> > > >> For the particular case where mail passes the gateway, arrives
> > locally,
> > > >> whereupon it's discovered that it should be forwarded to an external
> > > >> address, I do NOT want it to get re-scanned by the outgoing amavis
> > > >> instance, but rather sent straight through. So, I need to route it
> > > >> differently by choosing an alternate transport (which I will just
> > set up
> > > >> as a special, 'pre-screened' smtp listening port.) However, how do I
> > > >> identify / capture this stream of forwarded mail? Right now, to the
> > > >> outgoing MX/amavis gateway, it looks exactly like it originated
> > from the
> > > >> inside, rather than having been forwarded.
> > > >>
> > > >> mysql_virtual_alias_maps, which I'm using, did not have any helpful
> > > >> references (because aliases are general, not necessarily
> > external), nor
> > > >> did several Google's about forwarding magic.
> >
> > The entry points for the inbound MTA are inbound.clean and inbound.dirty.
> >
> > The entry points for the outbound MTA are outbound.clean and
> > outbound.dirty.
> >
> > Mail received on the dirty entry points is filtered.
> >
> > Receive all mail from remote senders on inbound-dirty.
> >
> > Receive all mail from local senders on outbound-dirty.
> >
> > Configure the inbound MTA with a "relayhost" setting of outbound-clean.
> >
> > Configure the outbound MTA to send local mail to inbound-clean.
> >
> > Wietse
>
> OK I believe I've worked out your solution. However my setup is
> different. I am not specializing my MTAs for outbound/inbound.
> I have a public MX that receives mail on inbound-dirty, filters it on
> inbound-filter, and sends it to inbound-clean on the private MX, (which
> is also the IMAP server so it gets delivered locally).
There is only so much that a single Postfix instance can accomplish
without kludges, and I will not give advice with kludges.
The solution that I outline is robust because it uses separate
Postfix instances for inbound and outbound mail. Each MTA can send
cleaned mail to the other MTA's "clean" entry point.
Wietse
