[nycbug-talk] Postfix filter for Exchange

[Mikel King]

On Jul 27, 2006, at 11:31 AM, Pete Wright wrote:

> Hi All,
> 	So for some reason we run exchange as our mail store, and
> frankly I'd rather not start another fight as to how we should  
> probably move
> to more robust mail solution.  we do have an issue where runaway  
> scripts
> start generating *ton's* of email in a very short period of time.  We
> have been trying our best to resolve this issue by bludgening those  
> who
> write the offending code, but it still happens from time to time.
>
> 	So, to help us out with this I am going to propose putting a
> Postfix filter infront of the exchange server to kill these mail bombs
> before they take down exchange.  The exchange admin's promise there is
> nothing they can do to properlly rate limit, or kill these mail bombs
> before spooling them.  I am not so sure about that, but do not have  
> the
> time to learn exchange.
>
> 	Has anyone implemented such a solution for a highvolume
> mailserver, if so any caveat's i should be looking out for?  Or is  
> there
> a sendmail milter that does this already that i don't know about?
>
> thanks!
> -pete
>



Hey Pete,

	We currently run a brightmail solution in front of ours, but I've  
done the same thing in the past with spam assassin and even tied  
procmail in for my personal mailbox. The easiest way to pull this off  
is to monkey with your mx preferences and firewall rules. Setup your  
new postfix server with all of your rules as a higher mx pref than  
your exchange server. Then you can controll access to your exchange  
server via your firewall. I am of course assuming that you are using  
three distinct pieces of equipment for this. Anyway, doing this  
allows you to toggle access by the general public to your exchange  
server directly. Just remember to always allow access to it from the  
postfix box.

Cheers,
Mikel