Steve Friedl's Weblog

February 22, 2003
Kenmore status

My project of building "Kenmore", a mail-cleaning appliance, is progressing nicely. I've been running it on two small domains for almost two weeks, and SpamAssassin is doing an amazing job at tagging spam - and I've not yet installed the just-released SpamAssassin 2.50.

This machine won't have any local mail accounts, so all mail will be relayed on to the final mail servers. The configuration for backup MX was straightforward enough:

/etc/postfix/main.cf:
relay_domains = $mydestination,
        hash:/etc/postfix/relays

transport_maps =
        hash:/etc/postfix/transport

smtpd_recipient_restrictions =
        permit_mynetworks,
        reject_rbl_client relays.ordb.org,
        reject_unauth_destination

/etc/postfix/transport:

mydomain.com    smtp:[mailserver.name]:25

/etc/postfix/relays:

mydomain.com OK

The relays table tells Postfix which domains it relays for. The transport table short-circuits the usual MX lookup for domain routing, which allows Kenmore to be the primary MX for this domain instead of the ultimate target.

The downside with this approach is that it relays all mail, including that destined for unknown addresses. This means that Kenmore completely accepts the inbound mail and takes responsibility for it, so when the final destination refuses to accept the message, we're stuck with the job of sending a bounce back to the sender. Since the sender address is often bogus, our outgoing mail queue gets filled up with trash. This sucks.

The solution is to teach Postfix about the local users on the target mail servers, and this is done with the relay_recipient_maps directive in /etc/postfix/main.cf:

smtpd_recipient_restrictions =
        permit_mynetworks,
        check_recipient_maps,
        reject_rbl_client relays.ordb.org,
        reject_unauth_destination

relay_recipient_maps =
        hash:/etc/postfix/relay_recipients

The file /etc/postfix/relay_recipients contains a list of all the remote users, so Postfix is able to reject invalid recipients right during the SMTP handshake. We never take ownership of the message, so there are no bounces for us to think about.

Maintaining the list of remote users can be problematic: if it is wrong, Postfix will accept or bounce mail improperly. For very small mail servers it may be possible to edit this list by hand, but otherwise automated systems can be used. We plan on investigating LDAP for this, but for now are still trying to make sure we have a handle on the overall procedures.

Posted by Steve at February 22, 2003 05:29 PM
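One way to automate the recipient list described above, as an added example that is not part of the original post. It assumes the final mail server can export its users as one address per line; the function names and all sample data are constructed for illustration. It also flags relayed domains that end up with no listed users, since by the description above every recipient in such a domain would be treated as invalid.

```python
# Added example: build the relay_recipients table from a user export.
# The export format (one address per line) and the sample data are constructed.

def parse_relays(text):
    """Return the set of domains listed in a Postfix 'relays' table."""
    domains = set()
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # skip blank lines and comments
        domains.add(line.split()[0].lower())
    return domains


def build_relay_recipients(relays_text, exported_addresses):
    """Return (table_text, skipped, empty_domains).

    table_text    -- 'user@domain OK' lines for /etc/postfix/relay_recipients
    skipped       -- addresses that are malformed or outside the relayed domains
    empty_domains -- relayed domains left with no recipient at all
    """
    domains = parse_relays(relays_text)
    valid, skipped = set(), []
    for raw in exported_addresses:
        addr = raw.strip().lower()
        if not addr:
            continue  # ignore empty export lines
        local, sep, domain = addr.rpartition("@")
        if not sep or not local or " " in addr or domain not in domains:
            skipped.append(raw.strip())
            continue
        valid.add(addr)  # the set removes duplicate export entries
    covered = {a.rpartition("@")[2] for a in valid}
    table = "".join(f"{a} OK\n" for a in sorted(valid))
    return table, skipped, sorted(domains - covered)


# Constructed sample input, mirroring the relays table shown in the post.
RELAYS = "mydomain.com OK\nother.example OK\n"
EXPORT = ["Alice@mydomain.com", "bob@mydomain.com", "bob@mydomain.com",
          "carol@elsewhere.example", "not-an-address", ""]

if __name__ == "__main__":
    table, skipped, empty = build_relay_recipients(RELAYS, EXPORT)
    print(table, end="")
    print("skipped:", skipped)
    print("relayed domains with no recipients:", empty)
```

After writing the generated text to /etc/postfix/relay_recipients, the hash: table still has to be rebuilt with postmap before Postfix sees the change.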
