* Linda Pagillo <[email protected]>:
> Thank you for this Patrick. My problem is, I want to disable the milter for
> outgoing authenticated email on those ports, not enable the milter for
> them. Also.. I want the milter to still run on non-authenticated email. For
> example... [email protected] is a valid user on the server. They want to send
> mail out on ports 25... I would want to the milter to bypass this because
> they are authenticated. Now... if [email protected] tries to send mail out
> of the server on port 25 and they do not authenticate, I want the mitler to
> run. Is this possible?
If you are able to split authenticated from unauthenticated traffic by ports
Postfix can do that for you. In this case follow the example I sent in my
previous mail.
If you cannot split authenticated from unauthenticated traffic two approaches
come to my mind:
SNFMilter
Use a mechanism in SNFMilter to tell authenticated from unauthenticated
senders. A quick glance at the INSTALL file suggest it might be possible
to signal SNFMilter should become active by setting x-headers. I am not
familiar with the product. Maybe someone else on this list or on a
SNFMilter-related list has more information on that.
split traffic by IP
Get a new IP for your mail service and configure Postfix to use that one
too. Announce the new IP as MX. From now on all external traffic will
enter your mail system via the new IP. Scan all traffic on the new IP
using SNFMilter. Do not scan traffic on the old IP.
p@rick
--
[*] sys4 AG
https://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG,80333 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief
Aufsichtsratsvorsitzender: Florian Kirstein
