> Hi Fernando, > > Very good idea. > > Have you ever thougth about adding a program to intercept the passing messages > with QMAILQUEUE patch, which would query the ldap directory for the the user's > mailClass attribute, and based on it, allow or deny the passing message? > > This way you wouldn't need the Postfix server. > > Can you understand this idea? If yes, can you see drawbacks on it? > > Regards, > bruno >> >> I have exactly the same problem. I worked a solution by: >> >> 1) Installing Postfix as my frontline smtpd, bounded >> to eth0-ip-address:25 >> 2) Creating a openldap schema with an attribute called >> mailClass, which can have values like: >> interNet= receives/sends only from/to Internet >> intraNet= receives/sends only from/to Internal mail >> all= receives/sends from/to Internet and Internal mail >> 3) Installing qmail-ldap as backstage smtpd, same machine >> as Postfix, bounded to 127.0.0.1:25 >> >> Configuration for Postfix looks at the recipient and >> retrieves attribute mailClass. Then, it looks at the >> sender and proceeds accordingly, relaying the email to >> qmail-ldap at 127.0.0.1 or returning a non-authorized >> email message to the sender. >> >> If authorized, qmail-ldap receives the email and proceed >> to remote or local delivery. >> >> Pros: Postfix can be very good at blocking SPAM, so I >> inserted anti-spam rules in it, besides the rules >> for filtering out non-authorized mails. >> >> Cons: One more smtp service to maintain. Not that dificult, >> but it means using more resources, like memory, cpu >> and disks. >> >> -- >> Bye, >> Fernando Maciel Souto Maior >> [EMAIL PROTECTED] >> http://www.araujo.com.br >> +55+31 3270-5886 >> LPIC/1 # 31908
Bruno, Actually, the only draw back I can see is I am not good enough to hack that piece of code :) But I do like to have Postfix there, it is pretty good at slamming out spam. -- Bye, Fernando Maciel Souto Maior [EMAIL PROTECTED] http://www.araujo.com.br +55+31 3270-5886 LPIC/1 # 31908 AVISO------------------------------------------------------------- Esta mensagem pode conter informacao confidencial ou privilegiada. Se voce nao for o destinatario ou a pessoa autorizada a receber esta mensagem, nao pode usar, copiar ou divulgar as informacoes nela contidas ou tomar qualquer acao baseada nessas informacoes. Se voce recebeu esta mensagem por engano, favor avisar o remetente imediatamente, respondendo o e-mail e em seguida apagando-o. Obrigado pela cooperacao. DISCLAIMER-------------------------------------------------------- This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose or take any action based on any information herein. If you have received this message in error, please advise the sender immediately by replying to this e-mail and delete this message. Thank you for your cooperation. ------------------------------------------------------------------ This email was sent using SquirrelMail - http://squirrelmail.org
