Subject: | |
From: | |
Reply To: | |
Date: | Mon, 6 Feb 2006 11:37:43 -0800 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Michael Mansour wrote:
> Hi Michael,
>
>> Hi, folks. We'd like to use iptables on a SL 3.x box to redirect
>> incoming email messages to a central spam/virus-filter system, where
>> it would be scanned and, possibly, sent back to the SL box.
>>
>> I.e., iptables has to accept mail from the spam/virus-filter box,
>> but re-vector all other email TO the spam/virus-filter box.
>>
>> It looks as if the DNAT option is what we want, but we haven't been
>> able to make this work.
>>
>> If you have this working, would you please contact me directly? Thanks.
>
> Wouldn't it be easier to MX inbound mail to the central spam/virus-filter
> system and then deliver "clean" mail to the relevant servers? (which can be
> the SL box).
Hi, Michael. It's certainly a good idea to use MX records as you
describe, and we do that already. Unfortunately, we have empirical
evidence that many spammers don't bother to use the MX records.
We could also just reject email that doesn't arrive via our spam/virus
filter, but it's hard to be sure that there isn't some legitimate source
of email that's using the 'A' record. Email is a VERY touchy subject.
Thanks.
- Mike
--
Michael Hannon mailto:[log in to unmask]
Dept. of Physics 530.752.4966
University of California 530.752.4717 FAX
Davis, CA 95616-8677
|
|
|