[Mimedefang] Only scanning incoming messages?
David F. Skoll
dfs at roaringpenguin.com
Wed May 15 16:40:15 EDT 2002
On Wed, 15 May 2002, Matt A. Gargett wrote:
> Would there be a way to only scan incoming messages and not outgoing?
Yes and no.
No, in that sendmail does not distinguish between "incoming" and "outgoing"
mail at the SMTP level.
Yes, if you know the relay IP addresses of your internal users. For
example, if all your internal users are on 192.168.55.0/24, you can
do this:
sub filter_begin {
$FromInternal = ($RelayAddr =~ /^192\.168\.55/);
}
sub filter {
# ...blahblahblah
if (! $FromInternal) {
# Do expensive spam-processing...
}
}
If your internal users are all NATed before your mail server, it's
even easier, because they appear to come from one address (or a small
pool of addresses.)
It is never a good idea to base processing decisions on the sender
e-mail address, because that's easy to fake. The relay IP address
is a lot harder to fake, and practically impossible if you use
proper ingress rules on your firewall.
Regards,
David.
More information about the MIMEDefang
mailing list