Mailing List CGatePro@mail.stalker.com Message #105799
From: Brian Turnbow <b.turnbow@twt.it>
Subject: RE: Automatically reject emails other than for a few domains?
Date: Wed, 09 Sep 2015 18:27:00 +0200
To: 'CommuniGate Pro Discussions' <CGatePro@mail.stalker.com>
X-Mailer: E-box Connector 4.2.70-185
Hi Brian,

I think we need to take a step back.
If the domain is not a local domain and the source ip address is not a client ip address/authenticated user, the email should not be accepted and no lookup dns will take place.
You need to look into your security settings with regard to relaying.
CGP will only lookup a "to" domain after it accepts an email for processing.

Take a look at
https://www.communigate.com/communigatepro/Protection.html
and
https://www.communigate.com/communigatepro/SMTP.html

set up the server to relay only for client IP addresses, that way when the to is specified for a domain that is not local from a non-client ip the email will be rejected directly in the smtp session.
If the emails come from a trusted source, i.e. client ip or authenticated user I'm afraid you would need to use route records ( or change your dns settings)

Brian

Brian Turnbow
Network Manager
TWT S.p.A.


> -----Original Message-----
> From: CommuniGate Pro Discussions [mailto:CGatePro@mail.stalker.com] On
> Behalf Of Brian
> Sent: martedì 8 settembre 2015 20:15
> To: CommuniGate Pro Discussions
> Subject: Re: Automatically reject emails other than for a few domains?
>
> Thanks for the response Brian.
>
> I think I need to explain my situation a bit better. I have hundreds of domains
> pointed at my server. Out of those hundreds, only 3 receive emails.  When I
> look at the logs I see a constant stream of incoming mail, 99.99% of which are
> connected to the non-email domains. What I'm trying to do is eliminate my
> server's need to look up dns records for each of those bad emails. Since the list
> of "good" domains is known, my hope is that instead of doing all those lookups
> on every email, that there's some way to tell the server that if an email isn't
> destined to one of my 3 domains, just reject the email immediately and don't
> bother checking dns or doing any other processing.
>
> I've tried setting it to redirect all unknowns to spamtrap and I've tried writing
> rules at the server level to reject everything I don't want, but these seem to
> kick in after the dns lookups already happen.
>
> If adding some rules to the router would do what I need then ok, but the list of
> domains that are pointed at my server is in constant flux so I don't want to
> have to write and maintain a list of several hundred rules for each of the non-
> email domains, I'd prefer to be able to create a small set of rules that that tell
> the server to disregard any emails that don't belong to the 3 domains. Is it
> possible to do this and prevent the redundant lookups from happening?
>
> Thanks again.
>
> Brian
>
>
>
>
> On 09/08/2015 12:52 PM, Brian Turnbow wrote:
> > Hi Brian,
> >
> > Communigate is checking dns records looking for an MX record or a
> > domain level record , ie mydomain.com, that point to an IP Finding one
> > constitutes a valid mail server , It seems you have records pointing
> > to  the Communigate ip and as communigate does not know the domain it
> > will give this error finding a loop ( I have to send this to another
> > email server but that server  is myself )
> >
> > You can easily disregard emails for the domain by creating route
> > records
> https://www.communigate.com/communigatepro/Router.html#Special
> >
> > you can reject(error), accept and drop(null) route to spamtraps(spamtrap)
> etc so you can get creative on what you want to do.
> >
> > Brian
> >
> >
> >> -----Original Message-----
> >> From: CommuniGate Pro Discussions [mailto:CGatePro@mail.stalker.com]
> >> On Behalf Of Brian
> >> Sent: martedì 8 settembre 2015 17:12
> >> To: CommuniGate Pro Discussions
> >> Subject: Automatically reject emails other than for a few domains?
> >>
> >>
> >> I have a bunch of domains pointing to my web/mail server but I only
> >> need email service for a couple of those. As it stands, whenever an
> >> email comes in for a domain that I'm NOT using for email, communigate
> >> checks dns, issues an error message about a dns loop, and then sends
> >> a report back to the sender's mail server. Is there any way to skip
> >> all that and just have it recognize that if an email is not destined
> >> for a domain that is configured for email, that it should just reject or delete
> the emails immediately?
> >>
> >> The way I'm set up, I have a main domain plus a couple of others that
> >> are aliases for that domain. Ideally, I'm brand new to communigate,
> >> so if you have any suggestions please make them detailed enough that
> >> they will be understandable to a total beginner. Thanks very much! :)
> >>
> >> Brian
> >>
> >> #############################################################
> >> This message is sent to you because you are subscribed to
> >>    the mailing list <CGatePro@mail.stalker.com>.
> >> To unsubscribe, E-mail to: <CGatePro-off@mail.stalker.com> To switch
> >> to the DIGEST mode, E-mail to <CGatePro-digest@mail.stalker.com>
> >> To switch to the INDEX mode, E-mail to
> >> <CGatePro-index@mail.stalker.com> Send administrative queries to
> >> <CGatePro-request@mail.stalker.com>
> >
> > #############################################################
> > This message is sent to you because you are subscribed to
> >    the mailing list <CGatePro@mail.stalker.com>.
> > To unsubscribe, E-mail to: <CGatePro-off@mail.stalker.com> To switch
> > to the DIGEST mode, E-mail to <CGatePro-digest@mail.stalker.com>
> > To switch to the INDEX mode, E-mail to
> > <CGatePro-index@mail.stalker.com> Send administrative queries to
> > <CGatePro-request@mail.stalker.com>
>
>
> #############################################################
> This message is sent to you because you are subscribed to
>   the mailing list <CGatePro@mail.stalker.com>.
> To unsubscribe, E-mail to: <CGatePro-off@mail.stalker.com> To switch to the
> DIGEST mode, E-mail to <CGatePro-digest@mail.stalker.com>
> To switch to the INDEX mode, E-mail to <CGatePro-index@mail.stalker.com>
> Send administrative queries to  <CGatePro-request@mail.stalker.com>
Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster