Loading ...
Sorry, an error occurred while loading the content.

Validating relay-recpient/relay-domain per hostname

Expand Messages
  • Jeroen Koekkoek
    Hi All, I want to support the following situation: Our customers have two connections to the internet e.g. a DSL and a broadband connection (cable). They don t
    Message 1 of 2 , Sep 28, 2009
    • 0 Attachment
      Hi All,

      I want to support the following situation:

      Our customers have two connections to the internet e.g. a DSL and a broadband connection (cable). They don't have the ability to setup reverse DNS, but both hosts are in DNS under mail.domain.tld. We relay all incoming mail to smtp:[mail.domain.tld]:25, so when a single connection is down, mail is relayed to the other host. We also relay outgoing mail for both IPs, but we want the customer to only relay mail from @... through our servers.

      I'm thinking about writing a policy service to just resolve mail.domain.tld and then check if the IP addresses match. I want to use the email address or domain name as a key, to shorten the list of hostnames I have to resolve. Usually I shouldn't have to resolve more than one or two hostnames, so I think this acceptable.

      Does anyone know of a another (better) way to achieve this?

      Best regards,

      Jeroen Koekkoek
    • Noel Jones
      ... Just use the client s IP. If it s a dynamic IP, use SASL AUTH. -- Noel Jones
      Message 2 of 2 , Sep 28, 2009
      • 0 Attachment
        On 9/28/2009 2:22 AM, Jeroen Koekkoek wrote:
        > Hi All,
        >
        > I want to support the following situation:
        >
        > Our customers have two connections to the internet e.g. a DSL and a broadband connection (cable). They don't have the ability to setup reverse DNS, but both hosts are in DNS under mail.domain.tld. We relay all incoming mail to smtp:[mail.domain.tld]:25, so when a single connection is down, mail is relayed to the other host. We also relay outgoing mail for both IPs, but we want the customer to only relay mail from @... through our servers.
        >
        > I'm thinking about writing a policy service to just resolve mail.domain.tld and then check if the IP addresses match. I want to use the email address or domain name as a key, to shorten the list of hostnames I have to resolve. Usually I shouldn't have to resolve more than one or two hostnames, so I think this acceptable.
        >
        > Does anyone know of a another (better) way to achieve this?
        >
        > Best regards,
        >
        > Jeroen Koekkoek

        Just use the client's IP. If it's a dynamic IP, use SASL AUTH.

        -- Noel Jones
      Your message has been successfully submitted and would be delivered to recipients shortly.