how to avoid tcp_local
Hi, my environment is solaris 2.8 with sunone msg server 5.2 and directory server 5.1. The system is configured on front end (accessible by internet) with 2 mta and 2 directory server (slave), on back end 2 message store and 2 directory server (master). I've installed an external antispam/antivirus appliance that receive all incoming mails from internet, clean and send them to one of the 2 mta (they are balanced). My first problem is that I don't understand how I can define a new channel, tcp_scanner for example, that receive email from the external appliance. I mean if I define this new channel, email pass from tcp_scanner to tcp_local and then are delivered to the back end message stores. I need to pass from tcp_scanner to deliver without tcp_local. The second problem is that I don't understand how configure the 2 mta to pass all the outgoing email to the external antispam: I've tried modifing tcp_local generating loop problems. Please help.
[968 byte] By [
m_mattaua] at [2007-11-27 0:46:16]
# 2
thanks, my environment is a bit different because I have
internet-->AVapplicance>MTA>Store
I mean MTA receive external email from AVappliance that filter spam and av,
and on exit I have to do
MTA>AVappliance-->internet for external mail address
MTA>AVappliance-->MTA>Store for internal mail address.
Reading all the thread I understand that I have to do:
mappings add:
NOSCAN_IP
$(AV-IP/32) $Y$E
* $N
CONVERSIONS
IN-CHAN=tcp_noscan;OUT-CHAN=*;CONVERT No
IN-CHAN=tcp_local;OUT-CHAN=tcp_intranet;CONVERT No
IN-CHAN=tcp_*;OUT-CHAN=*;CONVERT Yes,Channel=tcp_scan
imta.cnf add:
PART 1
!
! tcp_noscan
[] $E$R${NOSCAN_IP,$L}$U%[$L]@tcp_noscan-daemon
!
PART 2
!
! tcp_local
tcp_local smtp mx single_sys remotehost inner switchchannel
identnonelimited subdirs 20 maxjobs 7 pool SMTP_POOL maytlsserver
maysaslserver saslswitchchannel tcp_auth aliasdetourhost tcp_scan-daemon
tcp-daemon
!
! tcp_scan
tcp_scan smtp nomx single_sys subdirs 20 noreverse dequeue_removeroute
maxjobs 7 pool SMTP_POOL daemon [AV-IP] port 25
tcp_scan-daemon
!
! tcp_noscan
tcp_noscan smtp single_sys subdirs 20 noreverse maxjobs 7 pool SMTP_POOL
allowswitchchannel
tcp_noscan-daemon
With this configuration email for internal address the email follows
tcp_local-->tcp_scan-->tcp_noscan-->tcp_local-->D
email for external address follows
tcp_local-->tcp_scan-->AV-IP-->D
and for webmail I just assign service.http.smtphost=AV-IP
I don't have to add anything to dispatcher.cnf
Right?
thanks for attention
# 3
First, if you're really running bare 5.2 Messaging, you should have applied at the very least patch 2, some time ago. There are hundreds of things fixed by patch 2.
Second, with patch 2 comes the ability to use the "aliasdetourhost" keyword, which makes all this very much easier for you.
Third, you should be looking at a major upgrade, in any case. Messaging 5.2 is very near End of Support Life. The last patch is scheduled for next month. This is a very old product, and is long out of date. You can now download Messaigng 6.3, the current product.
# 5
with 5.2hfg2.06, you can use aliasdetourhost. If you search this forum for "aliasdetourhost", or even the 6.2 documentation, you'll find exactly what you need to set it up.You might want to start here:
http://forum.java.sun.com/thread.jspa?forumID=708&threadID=5047962
http://sunsolve.sun.com/search/document.do?assetkey=1-9-77689-1&searchclaus e=aliasdetourhost
and
http://sunsolve.sun.com/search/document.do?assetkey=1-9-79481-1&searchclaus e=aliasdetourhost
