[TriLUG] Spam help

Dan Monjar daniel.monjar at na.biomerieux.com
Sat Sep 14 18:07:02 EDT 2002


On Sat, Sep 07, 2002 at 04:27:26PM -0400, Jon Carnes wrote:
> 
>  6) Now that the new server is working and SpamAssassin is filtering the
> mail on the new mailserver  - modify your DNS to set it as the primary
> for external folks using your mailserver.
> 
> *OR* set the new Linux mail server as the secondary and restrict access
> to your Exchange server's port 25 so that only local access is allowed. 
> Remote mail servers won't be able to drop off to your Exchange server
> and instead they will drop off mail to your new Secondary, which will
> then scan the mail, before forwarding the mail onto the Exchange server.

sorry for the late reply but just got back from a business trip....

A far better way to do step 6 would be to use NAT to redirect the external
mail to the linux box instead of the Exchange one.  On a PIX it would be 
simply redirecting the target of the conduit.  This prevents from having
to make global DNS changes... and intentionally introduce an error/fallback
situation for your MX records doesn't seem like a good thing IMHO.

-- 
Dan



More information about the TriLUG mailing list