[prev in list] [next in list] [prev in thread] [next in thread]
List: postfix-users
Subject: Re: Need ACL and Redirect based On Source IP Address
From: Noel Jones <njones () megan ! vbhcs ! org>
Date: 2007-09-27 19:22:20
Message-ID: 20070927192224.0AFC9797828 () mgate2 ! vbhcs ! org
[Download RAW message or body]
At 01:16 PM 9/27/2007, Vadim Pushkin wrote:
>Greetings All;
>
>I have two Postfix servers, one on a DMZ, it accepts all email for
>my domains and sends email internal to another postfix server.
>
>The internal postfix server resends based on the recipients email
>address, uses aliases for this purpose.
>Some of the domains, just two actually, get all email to another
>SMTP server, based on what is in the postfix transport map.
>
>I am looking to know if it is possible to do the following within my
>postfix set up:
>
>If a source IP address connecting to my internal mailserver is
>listed in say a flatfile, then DO NOT use the aliases file at all,
>instead simply forward whatever it is trying to send to another SMTP
>server, actually an exchange bridgehead in this case.
>
>We are trying to implement a DL which will be different from one
>domain to another, and the above is required.
>
>Many thanks in advance.
>
>.vp
Postfix can't make aliasing or routing decisions based on the client IP.
I think your best choice is to have these servers point directly to
your exchange bridgehead, rather than force postfix to jump hoops.
If you must do this in postfix, you will need to run a second
instance of postfix (with its own queue and config directories - not
just another smptd listener defined in master.cf) on another IP or
port. Configure that instance to only accept mail from these special
servers and add transport_maps entries to route the mail as
required. If the special servers must submit mail to the official
IP:port, you will need to use firewall rules to redirect them to the
proper postfix instance. This is pretty messy; hope you can find
some way to avoid it.
--
Noel Jones
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic