--On 13 November 2007 10:52:24 -0800 sal983 <afsal983@???> wrote:
>
> Hello Friends,
> Hope you are doing fine.
>
> We have three mail domains in our company test.com,test1.com and
> test2.com, hosted on groupwise server. As spaming is a big threat that we
> are facing now, we are planing to install a mail server gateway by using
> the well known and powerfull EXIM. ie All the incoming mails are
> relaying through the exim mail server( having public IP 217.217.217.217),
> then filtered using spam assassin,acls etc and then delivered to the
> groupwise mail server( having private ip 192.168.8.1) and viceversa. Let
> me give skelton my exim.conf so that you will get a clear picture.
>
> exim.conf
> ----------
>
> qualify_domain = test.com
>
> domainlist relay_domains = lsearch;/etc/virtual/relay_domains:localhost
> //where the file relay_domains contain
> test.com,test1.com,test2.com
>
> domainlist relay_to_domains =
>
>
># These options specify the Access Control Lists (ACLs) that
># are used for incoming SMTP messages - after the RCPT and DATA
># commands, respectively.
>
>
> acl_smtp_rcpt = check_recipient
> acl_smtp_mime = check_mime
> acl_smtp_data = check_message
>
>############# ACL################
>
> begin acl
> check_recipient:
>
> accept hosts = :
> deny local_parts = ^.*[@%!/|] : ^\\.
>
> accept local_parts = postmaster
> domains = +local_domains
>
> accept domains = remote_domains +relay_to_domains
> endpass
> message = relay not permitted at this server
> verify = recipient
How is remote_domains defined? This looks bad, since you should be
rejecting email destined for non-local domains here. Except, possibly, when
the sender is local and authenticated - but you might be doing that
somewhere else.
> accept hosts = +relay_from_hosts
You haven't defined relay_from_hosts either, but if this is merely an
inbound mail server, you should not need this.
> accept
>
> check_mime:
> -------
> --------
> check_message:
> ----
> -----
> deny message = This message was classified as SPAM
> condition = ${if < {$message_size}{500K}}
> spam = nobody
>
># put headers in all messages (no matter if spam or not)
> warn spam = nobody:true
> add_header = X-Spam-Score: $spam_score ($spam_bar)
> add_header = X-Spam-Report: $spam_report
>
># add second subject line with *SPAM* marker when message
># is over threshold
># warn spam = nobody
> add_header = Subject: *SPAM* $h_Subject:
This warn line should not be commented out.
My view is that marking subject lines is a bad idea. If you aren't sure
about a message, let the user decide.
># reject spam at high scores (> 12)
> deny message = This message scored $spam_score spam points.
> spam = nobody:true
> condition = ${if >{$spam_score_int}{120}{1}{0}}
Below, you ask about storing these messages. You can't, because you've
rejected the message. If it's a false positive, you can expect the sender
to try some other contact method.
>############# ROUTER SETTINGS#######################
># set rules for selecting a transport#
> begin routers
> redirect:
> driver = redirect
> data = ${lookup{$local_part@$domain}lsearch{/usr/local/exim/user_alias}}
>
> internal: # To relay the mails to our
> domains
> driver = manualroute
> domains =+relay_domains
> transport = spamcheck
> route_data= 192.168.8.1 # IP address of groupwise server
>
> external: #To relay the mails to other domains
> driver = dnslookup
> domains = ! +local_domains
> transport = remote_smtp
> ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
> no_more
>
>
>############# TRANSPORT SETTINGS####################
># set rules for delivery transports#
> begin transports
>
> remote_smtp:
> driver = smtp
>
> spamcheck:
> driver=smtp
>
>
>
>
>##########################################
>
>
>
> Let me come to the doubts .
>
> Please give your suggetons on this architecture?
> Is this mail relaying is harmful?
> If it is good how can i store the rejected mails after filtering in the
> relay server especially mails filtered by spam assassin?
>
> Any help would be great appreciable :)
>
>
> Thanks,
> Sal
>
> --
> View this message in context:
> http://www.nabble.com/Mail-relaying-tf4799845.html#a13732221 Sent from
> the Exim Users mailing list archive at Nabble.com.
--
Ian Eiloart
IT Services, University of Sussex
x3148