On Tuesday 06 December 2005 09:54, Achim Schmidt wrote: > Hello List, > > because of the amount of Virus-Emails we are facing a major problem now. > First let me explain our current MX-Constellation: > > - Mail for exmaple.com has MX-Entries to mx.waaf.net > - mx.waaf.net are several machines running postfix/virusscanner > - if the email passes all tests it is delivered to the final destination > machine running xmail > - [EMAIL PROTECTED] also sent email through this xmail-box. > > Now there are more and more viruses that don't care about MX-Records and > drectly try to deliver mail for [EMAIL PROTECTED] to mail.exmaple.com. > Mail.example.com resolves to the xmail-box. > > > My solution to get rid of this non-filtered Virus-Emails is to only > allow SMTP-connections to the xmail-box from our subnets, where the > mx.waaf.net machines are located _AND_ from authorized IP-adresses > (SMTP-AUTH, POP-before-SMTP). > > I just tried to use smtp.ipmap.tab - but with the result that only the > mentioned subnets where allowed to relay and authoriezed IP-adresses > where denied.
I don't have an XMail solution to your problem, but if it were up to me I would prefer to handle this with DNS or firewall changes anyway. Idea 1 - Delete the "mail" CNAME (or change the host name and A record) for the example.com server. Assign a less obvious name like smtp42 and have the authorized clients use the smtp42 alias. Idea 2 - Adjust the firewall rules on mail.example.com to only allow port 25 connection from the authorized IPs and reject everything else. Idea 3 - If your server supports it, use DNAT on mail.example.com to forward port 25 traffic to mx.waaf.net. Jeff - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
