> Hi all... > > I was wondering - what is the recommended practice to avoid scanning > outbound email that is leaving the network? I've been adding > users to the > local.cf whitelist, but if I add them by domain I am > concerned that those > spammers that send spam and make it look like it is from your > domain will be > whitelisted. (You know the ones I mean... When you get a > spam email that > says <spammer>@yourdomain.org even though that user doesn't > exist on your > domain).
I run two instances of postfix on my email relay. This lets me have the "postfix-in" instance run only on incoming emails. "Postfix-out" instance listens on the same box, on an aliased interface, only reachable from my intranet, for outgoing emails. This lets me do several nice things : - Spamassassin-scan only incoming emails - Learn as ham a real big bunch of outgoing emails, which I know are not spam (be careful about this, not every outgoing email must be learned (think of mailer-daemon responses, antivirus, etc) Postfix won't let you easily make a separation from incoming to outgoing traffic, (well, not that I know of). Therefore, running two instances is one way.
