Re: avoiding overload on port 587
- On 12/3/2012 8:21 PM, /dev/rob0 wrote:
> On Mon, Dec 03, 2012 at 07:34:13PM -0600, Stan Hoeppner wrote:I specifically avoided mentioning this scenario in hopes of preventing a
>> On 12/3/2012 2:55 PM, mouss wrote:
>>> Le 03/12/2012 10:07, Stan Hoeppner a écrit :
>>>> You might want to look into these as well:
>>>> -o content_filter=
>>> ahem? submission or not, it must go through a malware filter.
>> Sorry for the oversight. Yes, one would want to include clamav or
>> other malware checker, but exclude Spamassassin or any spam filter
>> geared toward inbound public mail. Excluding SA reduces load, and
>> prevents mail being scored as spam due to dynamic IP status, etc.
> Spamassassin can be tailored for the job of submission scanning. The
> URIBL checks are particularly good at detecting compromised accounts.
long OT thread about SA implementation. It seems clear that outbound
scanning wasn't on the OP's radar. If he chooses to implement it at a
later date it could be picked up in discussion at that time.
- On Tue, Dec 04, 2012 at 07:46:10AM -0600, /dev/rob0 wrote:
> On Tue, Dec 04, 2012 at 11:59:01PM +1300, Peter wrote:Or better yet: replace it with postscreen.
> > I would still also set up port 587 on the mail.example.com
> > IP as submission as well and try to encourage your users (at
> > least the ones you can) to use port 587 from now on.
> What I would do, on Linux with IPv4 only, is create the submission
> port and use an iptables redirect for the alternate IP address:
> # iptables -vt nat -A PREROUTING -p tcp --dport smtp -d \
> mail.example.com -j REDIRECT --to-port submission
> This saves the overhead (system and administrative) of running
> another smtpd on [mail.example.com]:25; he can leave his "smtp ...
> smtpd" service alone in master.cf.
> I should also add as a reply to Stan in the other subthread: lookTo clarify, I meant that if those Outlook Expresses are not yet
> above at the first quoted paragraph: "Outlook Expresses setup with
> ... default configuration."
> Yikes, bad news, very bad. If not doing content filtering nor
> policy limitation of submission now, he will be soon. And possibly
> losing his job in any case. Tomas is not in a good place right now.
compromised by malware, they will be, soon.
http://rob0.nodns4.us/ -- system administration and consulting
Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: