[nflug] Email

David J. Andruczyk djandruczyk at yahoo.com
Sat Aug 18 18:06:41 EDT 2007 

then you say. (adj language to taste).  "Your stupid
method is NOT POSSIBLE, and will only serve to cause
LOTS of problems, instead of DOING IT RIGHT".


--- Robert Meyer <meyer_rm at yahoo.com> wrote:

> 'cuz that's what I was told to do by my manager.  If
> I were to design the system, that's *exactly* what I
> would do.  Not my choice...  I'm in the difficult
> position of trying to make something work that I
> know to be wrong to begin with.
> 
> Cheers!
> 
> Bob
> 
> ----- Original Message ----
> From: David J. Andruczyk <djandruczyk at yahoo.com>
> To: nflug at nflug.org
> Sent: Friday, August 17, 2007 9:48:12 AM
> Subject: Re: [nflug] Email
> 
> Uhhm, why can't you just assign this "relay box" to
> be
> the MX (mail exchanger) in DNS for all the other
> domains,  so INCOMING mail goes to it where it can
> be
> filtered and relayed to those other boxes..
> 
> just let those other boxes send to the internet
> DIRECTLY... 
> 
> No need for weird source routing tricks, or
> virtualization.
> 
> --- Robert Meyer <meyer_rm at yahoo.com> wrote:
> 
> > OK, guys... I cannot redesign the environment.  I
> am
> > required to follow the design.  We're replacing an
> > Imail server that holds accounts and provides
> relay
> > functions.  The Imail server will be moved to
> > another site and we need to reconstruct the relay
> > function.  All incoming mail for our clients hits
> > the relay box and is routed to the appropriate
> > backend server.  This gives us a troubleshooting
> > point and allows us to potentially do single point
> > spam and virus detection.  All mail coming from
> the
> > backend servers hits the relay before going out. 
> > Again, as a troubleshooting point and for the
> > potential for spam and virus filtering.  I cannot
> > change the overall design.  I have been requested
> to
> > find a way to make outgoing mail from different
> > clients originate from different IP addresses so
> > that if one of the clients gets put on a spam
> list,
> > it doesn't hurt all of our clients...  Those are
> my
> > constraints.  If I were to be designing this,
> those
> > of you that
> >  know me, know that I would not have designed it
> > this way.
> > 
> > So far, the only method that I know of to
> accomplish
> > this is with virtualization.  I'm looking for
> ideas.
> > 
> > Cheers!
> > 
> > Bob
> > 
> > ----- Original Message ----
> > From: Darin Perusich
> > <Darin.Perusich at cognigencorp.com>
> > To: nflug at nflug.org
> > Sent: Friday, August 17, 2007 9:18:09 AM
> > Subject: Re: [nflug] Email
> > 
> > Your "extra elbow grease to set up and get
> familiar
> > with" comment sounds 
> > like a good reason to me to use another MTA ;-).
> Why
> > not use Exim, 
> > Qmail, or Exchange for that matter? Then again
> > everyone has their own 
> > preference and in the end the same problem needs
> to
> > be resolved.
> > 
> > Pete Cummings wrote:
> > > Why not put sendmail in front of the whole mess
> ?
> > I know it takes some 
> > > extra elbow grease to set up and get familiar
> with
> > it, but I've never 
> > > been at a loss for features.
> > > Pete
> > > 
> > > eric wrote:
> > >> Starting new sub-thread..
> > >> Darin, can I ask, what are all the mail
> packages
> > you use postfix, etc..
> > >>
> > >> I'd love an outline or rough draft?
> > >>
> > >>
> > >>
> > >> Darin Perusich wrote:
> > >>> Will this machine be an MX server or will it
> be
> > behind your MX and 
> > >>> relaying from there? I'm also not
> understanding
> > your SPAM tagging 
> > >>> point. Are you concerned about your relay
> > marking mail from the 
> > >>> domains it's relaying for marking them as
> SPAM?
> > This is easily 
> > >>> remedied by setting the following spamassassin
> > rule and included ALL 
> > >>> of the relaying domains:
> > >>>
> > >>> header LOCAL_RCVD Received =~
> > /.*\(\S+\.cognigencorp\.com\s+\[.*\]\)/
> > >>> describe LOCAL_RCVD Received from local
> machine
> > >>> score LOCAL_RCVD -50
> > >>>
> > >>> The only way outgoing mail will be sent from a
> > different IP is using 
> > >>> some type of virtualization, and why doesn't
> > this even matter? It 
> > >>> sounds like over complicating the setup.
> > >>>
> > >>> You mentioned using Postfix for the MTA, a
> wise
> > move IMHO ;-). Are 
> > >>> you planning on using amavisd-new to filter,
> tag
> > spam, and virus 
> > >>> check? This is a very typical and efficient
> > setup for relaying for 
> > >>> multiple domains not to mention
> straightforward.
> > Your setup is a 
> > >>> little more complication then what I have
> setup
> > here but it's pretty 
> > >>> much the same. If you want more details let me
> > know.
> > >>>
> > >>> Robert Meyer wrote:
> > >>>> OK, before we get into this, remember that
> this
> > is NOT my design.  
> > >>>> I'm trying to make the best of what I have
> > here...  Having said that...
> > >>>>
> > >>>> We currently have several clients, all using
> an
> > Imail server 
> > >>>> (remember, not my design) to handle Email. 
> We
> > are also routing a 
> > >>>> few Exchange servers through it.  In essence,
> > all mail coming in for 
> > >>>> these clients hits a single server that
> > separates the domain names 
> > >>>> and routes the mail to the backend servers. 
> We
> > also have some 
> > >>>> clients that are actually storing their mail
> on
> > the Imail server.  
> > >>>> These two functions are going to be separated
> > so that the relay 
> > >>>> server and the POP/IMAP functions are on
> > different boxes.  The mail 
> > >>>> servers that I relay for also relay back
> > through the Imail server.  
> > >>>> The problem is that if one client gets
> infected
> > with a spam virus or 
> > >>>> otherwise gets the server tagged as a spam
> > host, it breaks all of 
> > >>>> the clients that route through that server. 
> We
> > (actually, they) 
> > >>>> want to keep the single relay host, because
> > it's good for 
> > >>>> troubleshooting.  (remember, not my design)
> > >>>>
> > >>>> What I need to know is:  Is there any way
> that
> > I can set up a system 
> > >>>> that will relay mail from internal mail
> servers
> > but have the IP 
> > >>>> address leaving the server be different for
> > each domain.  
> > >>>> Essentially, I want it to look like each
> domain
> > is coming from a 
> > >>>> different server.  We are switching the relay
> > server to CentOS (RHEL 
> > >>>> clone) and are going to use Postfix for the
> > relay functions.
> > >>>>
> > >>>> The only idea that comes to mind is to create
> > multiple virtual 
> > >>>> servers with VMWare and route each client
> > through a different 
> > >>>> virtual machine.  I know I can create
> multiple
> > IP aliases on the 
> > >>>> machine.  Can I leverage that somehow to get
> > different source 
> > >>>> addresses for different domains?
> > >>>>
> > >>>> Thanks...
> > >>>>
> > >>>> Cheers!
> > >>>>
> > >>>> Bob
> > >>>>
> > >>>>
> >
>
------------------------------------------------------------------------
> > 
> > >>>>
> > >>>> Moody friends. Drama queens. Your life? Nope!
> -
> > their life, your story.
> > >>>> Play Sims Stories at Yahoo! Games. 
> > >>>>
> >
>
<http://us.rd.yahoo.com/evt=48224/*http://sims.yahoo.com/>
> > >>>>
> > >>>>
> > >>>>
> >
>
------------------------------------------------------------------------
> > 
> > >>>>
> > >>>>
> > >>>>
> _______________________________________________
> > >>>> nflug mailing list
> > >>>> nflug at nflug.org
> > >>>> http://www.nflug.org/mailman/listinfo/nflug
> > >>>
> > >>
> > >> _______________________________________________
> > >> nflug mailing list
> > >> nflug at nflug.org
> > >> http://www.nflug.org/mailman/listinfo/nflug
> > >>
> > > 
> > > _______________________________________________
> > > nflug mailing list
> > > nflug at nflug.org
> > > http://www.nflug.org/mailman/listinfo/nflug
> > 
> > -- 
> > Darin Perusich
> > Unix Systems Administrator
> > Cognigen Corporation
> > 395 Youngs Rd.
> > Williamsville, NY 14221
> > Phone: 716-633-3463
> > Email: darinper at cognigencorp.com
> > _______________________________________________
> > nflug mailing list
> > nflug at nflug.org
> > http://www.nflug.org/mailman/listinfo/nflug
> > 
> > 
> > 
> > 
> > 
> > 
> > 
> >      
> >
>
____________________________________________________________________________________
> > Shape Yahoo! in your own image.  Join our Network
> > Research Panel today!  
> >
>
http://surveylink.yahoo.com/gmrs/yahoo_panel_invite.asp?a=7
> > 
> > 
> > > _______________________________________________
> > nflug mailing list
> > nflug at nflug.org
> > http://www.nflug.org/mailman/listinfo/nflug
> > 
> 
> 
> -- David J. Andruczyk
> 
> 
>        
>
____________________________________________________________________________________
> Got a little couch potato? 
> Check out fun summer activities for kids.
>
http://search.yahoo.com/search?fr=oni_on_mail&p=summer+activities+for+kids&cs=bz
> 
> _______________________________________________
> nflug mailing list
> nflug at nflug.org
> http://www.nflug.org/mailman/listinfo/nflug
> 
> 
> 
> 
> 
> 
> 
>        
>
____________________________________________________________________________________
> Moody friends. Drama queens. Your life? Nope! -
> their life, your story. Play Sims Stories at Yahoo!
> Games.
> http://sims.yahoo.com/  >
_______________________________________________
> nflug mailing list
> nflug at nflug.org
> http://www.nflug.org/mailman/listinfo/nflug
> 


-- David J. Andruczyk


       
____________________________________________________________________________________
Building a website is a piece of cake. Yahoo! Small Business gives you all the tools to get online.
http://smallbusiness.yahoo.com/webhosting

More information about the nflug mailing list