-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Erik Weber wrote:
> Maybe I was unclear but what I want to accomplish is
this:
>
> Domain1 = the domain that only should origin from maia
> Domain2 = all other domains, should origin from the
internet
>
> Written in some sort of pseudo-code:
>
> 1: If ( recipient_domain = domain1)
> if (origin_server = maia): Allow
> Else: reject
> 2: Elseif (recipient_domain = domain2): allow
> 3: Else: reject
>
> I got point 2 and 3 done, that's the easy part. It's
number 1 I'm
> troubling with.
I think you're confusing a couple of issues here. If this
MTA is
downstream from amavisd-maia, it should only be accepting
mail from the
amavisd-maia host and the web server host. Allowing it to
accept mail
from the Internet (as you propose in (2)) would allow
outside senders to
bypass your Maia filters altogether.
In other words, your upstream MTA needs to accept mail from
the Internet
for domain1 and domain2, and must relay these both to
amavisd-maia.
Then amavisd-maia must relay mail for both of these domains
to your
downstream MTA. That downstream MTA should never accept
mail from any
other hosts apart from the amavisd-maia host and the web
server host.
If for some reason you want mail for domain2 to bypass Maia
entirely,
that's something you need to configure in the /upstream/ MTA
instance,
not the downstream instance.
- --
Robert LeBlanc <rjl renaissoft.com>
Renaissoft, Inc.
Maia Mailguard <http://www.maiamail
guard.com/>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGXpfZGmqOER2NHewRAhvDAJ9YjTrhipVRZV97b2gbkWblHpZQigCg
lSam
BZgqUHK4LFc8whJa2KP8Gus=
=mH9O
-----END PGP SIGNATURE-----
_______________________________________________
Maia-users mailing list
Maia-usersrenaissoft.com
http://www.renaissoft.com/mailman/listinfo/maia-users
|
