[Mimedefang] MD New Feature Request
David F. Skoll
dfs at roaringpenguin.com
Wed Sep 11 17:54:01 EDT 2002
On Wed, 11 Sep 2002, Jim McCullars wrote:
> We have one main campus email gateway, but at times, incoming mail could
> go through a backup gateway. I would like to run MD as a milter on a
> third machine, that could filter mail for either of the two gateway
> machines.
OK. That's an interesting approach, but should work. It does, however,
introduce a single point of failure which (presumably) having two
gateways is designed to avoid. Is there a reason you don't want to
run MD on both gateways?
> If I want to take advantage of looking at the "HELO" string and
> determining if someone is deliberately spoofing their identity, I need to
> know which of my two gateways is doing the calling.
Why is that? Can't you just allow both IP's to call themselves
"uah.edu"?
> Would it be possible
> to add yet another argument to filter_relay, that has the IP address of
> the machine that is *receiving* the mail?
Not easily, because that info is not passed by milter. It may be possible
to hack milter to return the address of the machine connecting via the
milter socket, but I don't know offhand how to do it.
> In addition, can you think of any issues I need to take into account if I
> want to run the milter on a different machine, or running a milter for
> more than one machine? Thanks...
Miltering for more than one machine introduces a single point of failure.
I would sat it's better to run separate milters on each machine.
Regards,
David.
More information about the MIMEDefang
mailing list