Bypassing milters for trusted users
Gushi
I've got a "frontend" mail server that I'd like to have do some virus
scanning for me with a milter. It will have a lower MX priority than
my "main" server, so by default good clients will deliver to it, and it
will then forward mail onto the "real" server.
Now, since that server may go down at some point or another, I would
also like to allow delivery to the "main" server with a higher-numbered
priority. I plan to also do virus scanning on this one, but to keep
load low, I'd like to bypass it for "trusted" servers (like the
"frontend" server, so all the mail doesn't get scanned twice).
Is this possible through the sendmail config, or best done through the
code in the milter?
Thanks,
Dan Mahoney
Claus Aßmann
> I've got a "frontend" mail server that I'd like to have do some virus
> scanning for me with a milter. It will have a lower MX priority than
> my "main" server, so by default good clients will deliver to it, and it
> will then forward mail onto the "real" server.
> Now, since that server may go down at some point or another, I would
> also like to allow delivery to the "main" server with a higher-numbered
> priority. I plan to also do virus scanning on this one, but to keep
Spammers are known to connect to secondary MXs.
> load low, I'd like to bypass it for "trusted" servers (like the
> "frontend" server, so all the mail doesn't get scanned twice).
> Is this possible through the sendmail config, or best done through the
> code in the milter?
Usually done in milter code.
You could run a "milter-less" instance that only accepts connections
from "trusted" servers, e.g., via firewall rules.
--
Note: please read the netiquette before posting. I will almost never
reply to top-postings which include a full copy of the previous
article(s) at the end because it's annoying, shows that the poster
is too lazy to trim his article, and it's wasting the time of all readers.
Gushi
just that with as many domains as I have, I'd like to limit the load on
the main box. It does enough :)