On Tue, 6 Dec 2005, Achim Schmidt wrote: > Hello List, > > because of the amount of Virus-Emails we are facing a major problem now. > First let me explain our current MX-Constellation: > > - Mail for exmaple.com has MX-Entries to mx.waaf.net > - mx.waaf.net are several machines running postfix/virusscanner > - if the email passes all tests it is delivered to the final destination > machine running xmail > - [EMAIL PROTECTED] also sent email through this xmail-box. > > Now there are more and more viruses that don't care about MX-Records and > drectly try to deliver mail for [EMAIL PROTECTED] to mail.exmaple.com. > Mail.example.com resolves to the xmail-box. > > > My solution to get rid of this non-filtered Virus-Emails is to only > allow SMTP-connections to the xmail-box from our subnets, where the > mx.waaf.net machines are located _AND_ from authorized IP-adresses > (SMTP-AUTH, POP-before-SMTP). > > I just tried to use smtp.ipmap.tab - but with the result that only the > mentioned subnets where allowed to relay and authoriezed IP-adresses > where denied. > > Does anybody have a hint?
I'll put this in my to-do list. The ip-map check can be moved inside where all other checks are, so that we can make it bypassable with AUTH. - Davide - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]