Outbound mail filtering on large mail / web server farms - just an idea or two that I have

Michael Loftis mloftis at wgops.com
Mon Nov 21 06:15:00 UTC 2005

--On November 21, 2005 8:55:39 AM +0530 Suresh Ramasubramanian 
<ops.lists at gmail.com> wrote:

> On 11/20/05, Michael Loftis <mloftis at wgops.com> wrote:
>> quite often, which they already do to our normal mail systems even when
>> things are going well, again, because of forwards.  I'd imagine there's a
>> way I could get just the (AOL) forwarded mail pushed to a separate
>> machine
>
> The difference is of course that when you separate .forward traffic to
> a separate IP you tell AOL it's a forwarding server. And setup reverse
> dns + hostname for that box that says something like
> "dotforward.wgops.com" ...
>
> Once you do that you should be reasonably good to go
>

Oh I understand the concept perfectly well.  It's just that I can't see 
through to an implementation easily.  The system I'm referring to has no 
internal way of telling the difference easily between forwarded mail and 
'other' mail, it's all passed into the same set of virtual tables and the 
only difference is local versus remote delivery.  I can't classify .forward 
style traffic out from the regular in/out flows.  I'm probably not making a 
whole lot of sense either right now, let's blame that on low caffeine count. 
I could pass all aol.com traffic (via transport) to a different box but I 
can't do that just for forwarded mail because inbound mail and outbound 
(locally generated/initial submission on port 25/etc) aren't handled 
separately at all.  I can see how they could be, but I don't see any 
provisions inside of Postfix 2.0 to handle that without separate instances. 
Not impossible, just impractical right now.  The eventual 'plan' is to do 
almost exactly that, separate instances to handle/classify mail differently 
based on where the mail was submitted.

I guess I'm really curious as to how others might implement something like 
this.  I'd run three instances (machines if you must view it like that) of 
the MTA, one inbound the outside, say $world, the other $local, the third 
(call it $forward if you will) is where $world would send all of its 
forwarded/outbound mail to that won't be delivered locally.  $local would 
handle local delivery and external delivery for local machines.  I think in 
Exim though it's cleaner because you can specify special processing for 
other steps.  My system has a bit more complication because of the fact we 
don't use any filesystem.  The mail users are purely virtual to the mail 
system, only existing as an LDAP entry and as a Cyrus Mailbox.
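
The per-domain transport routing mentioned above ("pass all aol.com traffic (via transport) to a different box") looks like the following in Postfix. This is an added illustration for this archive page, not configuration posted in the thread; the hostname dotforward.example.com and the /etc/postfix paths are assumptions. It also shows the point Suresh raises: the dedicated box's own hostname and its reverse DNS should agree and describe the box's role. The caveat is the one Michael describes: a transport map selects on the destination domain only, so a message re-sent by a .forward entry and a message a local user wrote directly to an aol.com address both take the same route; nothing here tells the two apart.

```text
# /etc/postfix/main.cf on the existing, shared mail system
transport_maps = hash:/etc/postfix/transport

# /etc/postfix/transport  (rebuild the hash with: postmap /etc/postfix/transport)
# destination domain      transport:nexthop
# [brackets] deliver to that host directly instead of doing an MX lookup.
# A leading dot matches subdomains; transport_maps does not match them implicitly.
aol.com                   smtp:[dotforward.example.com]
.aol.com                  smtp:[dotforward.example.com]

# /etc/postfix/main.cf on the dedicated box (assumed name dotforward.example.com)
# Postfix announces $myhostname in HELO/EHLO; the box's PTR record should
# resolve to the same name so the receiving side sees a consistent identity.
myhostname = dotforward.example.com
```

After editing the transport file on the shared system, `postmap /etc/postfix/transport` followed by `postfix reload` activates the route; `postconf -n` on the dedicated box confirms the myhostname value actually in effect.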