External anti-spam company for domain

Discussion in 'Installation/Configuration' started by t.roijers, Feb 15, 2008.

  1. t.roijers

    t.roijers Member

    Hello all,

    a few day ago i asked a question 'bout an external anti-spam company for a domain we host with ispconfig. I thought i had to fix this with SPF but i was wrong (and not afraid to admit it :).

    We host serveral domains for our customers with mail enabled and so on...

    What i would like to know:

    1 of our customers wants the mx record to be pointed to a company who filters out all spam. This company then forwards the mail "100% spam free" to the ispconfig server. Is it possible to configure postfix/ispconfig "for that domain only" so that is can only receive forwarded mail from this company?.


    The other domains cannot be affected by this.

    Thanx for all your help so far.

    Tim
     
  2. falko

    falko Super Moderator Howtoforge Staff

    I think all you have to do is change the MX record so that it points to the spam filter server.
     
  3. t.roijers

    t.roijers Member

    Mx / Spam

    Hi Falko,

    Correct, the company receiving the mail has the MX record so they receive the mail. Then this company sends the mail to the ispconfig machine so that the customer can POP the filtered mail.

    What i would like to know, is it possible to configure a domain on the ispconfig server so that is can only receive mail from the company who has the mx record.

    Thanks so far,
    Tim Roijers
     
  4. falko

    falko Super Moderator Howtoforge Staff

    You mean you want a second domain that can receive emails only if they are forwarded from the spam filter?
     
  5. t.roijers

    t.roijers Member

    Hi Falko,

    I have included a GIF with the setup i'm looking for.
    In the example you can see the VSP server who has the mx records.

    The "ISP hosted mailserver" in the example is the ISPConfig machine. In this setup the ISPConfig machine may only receive mails sent by the VSP server, and just for one domain (customer) only. The other domains (customers) may not be affected by any changes, so they must able to receive mails from other mailservers.

    Tim
     

    Attached Files:

    • vsp.gif
      vsp.gif
      File size:
      46 KB
      Views:
      144
  6. falko

    falko Super Moderator Howtoforge Staff

    Right now I don't know of a solution. Did you check out the Postfix configuration parameters page ( http://www.postfix.org/postconf.5.html )?
    Maybe there's such a setting (not sure though).
     
  7. isaeus

    isaeus New Member

    Hey, I was searching for the same solution.

    I've found a setting in main.cf that works for me:

    Edit /etc/postfix/main.cf, and find the line: 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination' and change it to: 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination,check_recipient_access hash:/etc/postfix/mailscan_domains'

    Also add the following lines after the line with 'mynetworks = 127.0.0.0/8':
    smtpd_restriction_classes = mailscan_only
    mailscan_only = check_client_access hash:/etc/postfix/mailscan_client_ip, reject

    Next, create a file for the domains where an external hosted spam filter solution wil be used, 'vi /etc/postfix/mailscan_domains'
    Add the lines as follow: 'domain.com mailscan_only'

    Also create a file with the IP's of the mail server from the hosted spam solutions provider which may send mail to your server: 'vi /etc/postfix/mailscan_client_ip'
    Add the lines as follow: '111.222.333.444 OK'

    Don't forget to postmap the hash files:
    'postmap /etc/postfix/mailscan_domains'
    'postmap /etc/postfix/mailscan_client_ip'

    And restart postfix:
    '/etc/init.d/postfix restart'

    Hope this helps for you as well.

    Martin
     

Share This Page