Mailing List CGatePro@mail.stalker.com Message #105800
From: Brian <pcwiz@gmx.net>
Subject: Re: Automatically reject emails other than for a few domains?
Date: Thu, 10 Sep 2015 11:03:56 -0400
To: CommuniGate Pro Discussions <CGatePro@mail.stalker.com>
Thanks Brian,

Unfortunately, I'd actually already done all that stuff to no avail.

I'm also now finding from examining my logs more thoroughly that emails are being processed in an inconsistent manner. Emails destined to the same unknown address will sometimes be passed on for filtering by my rules, while other times they will trigger a dns loop error. Same email address, same server settings, but a different outcome. I'm guessing that it must be due to a difference of where the emails are coming from, but it frustrates me that all settings seem to be geared towards blocking by sender rather than by destination. I would have thought that there'd be some way to tell the server "here are my list of acceptable 'to' email addresses, don't process anything else", but that doesn't seem to be available except through mail rules which are only reached after the server has already done a lot of unnecessary work. I guess I'm going to just have to live with that.

Thank you nonetheless for your assistance.

Regards,

Brian



On 09/09/2015 12:27 PM, Brian Turnbow wrote:
Hi Brian,

I think we need to take a step back.
If the domain is not a local domain and the source ip address is not a client ip address/authenticated user, the email should not be accepted and no lookup dns will take place.
You need to look into your security settings with regard to relaying.
CGP will only lookup a "to" domain after it accepts an email for processing.

Take a look at
https://www.communigate.com/communigatepro/Protection.html
and
https://www.communigate.com/communigatepro/SMTP.html

set up the server to relay only for client IP addresses, that way when the to is specified for a domain that is not local from a non-client ip the email will be rejected directly in the smtp session.
If the emails come from a trusted source, i.e. client ip or authenticated user I'm afraid you would need to use route records ( or change your dns settings)

Brian

Brian Turnbow
Network Manager
TWT S.p.A.


-----Original Message-----
From: CommuniGate Pro Discussions [mailto:CGatePro@mail.stalker.com] On
Behalf Of Brian
Sent: martedì 8 settembre 2015 20:15
To: CommuniGate Pro Discussions
Subject: Re: Automatically reject emails other than for a few domains?

Thanks for the response Brian.

I think I need to explain my situation a bit better. I have hundreds of domains
pointed at my server. Out of those hundreds, only 3 receive emails.  When I
look at the logs I see a constant stream of incoming mail, 99.99% of which are
connected to the non-email domains. What I'm trying to do is eliminate my
server's need to look up dns records for each of those bad emails. Since the list
of "good" domains is known, my hope is that instead of doing all those lookups
on every email, that there's some way to tell the server that if an email isn't
destined to one of my 3 domains, just reject the email immediately and don't
bother checking dns or doing any other processing.

I've tried setting it to redirect all unknowns to spamtrap and I've tried writing
rules at the server level to reject everything I don't want, but these seem to
kick in after the dns lookups already happen.

If adding some rules to the router would do what I need then ok, but the list of
domains that are pointed at my server is in constant flux so I don't want to
have to write and maintain a list of several hundred rules for each of the non-
email domains, I'd prefer to be able to create a small set of rules that that tell
the server to disregard any emails that don't belong to the 3 domains. Is it
possible to do this and prevent the redundant lookups from happening?

Thanks again.

Brian




On 09/08/2015 12:52 PM, Brian Turnbow wrote:
Hi Brian,

Communigate is checking dns records looking for an MX record or a
domain level record , ie mydomain.com, that point to an IP Finding one
constitutes a valid mail server , It seems you have records pointing
to  the Communigate ip and as communigate does not know the domain it
will give this error finding a loop ( I have to send this to another
email server but that server  is myself )

You can easily disregard emails for the domain by creating route
records
https://www.communigate.com/communigatepro/Router.html#Special
you can reject(error), accept and drop(null) route to spamtraps(spamtrap)
etc so you can get creative on what you want to do.
Brian


-----Original Message-----
From: CommuniGate Pro Discussions [mailto:CGatePro@mail.stalker.com]
On Behalf Of Brian
Sent: martedì 8 settembre 2015 17:12
To: CommuniGate Pro Discussions
Subject: Automatically reject emails other than for a few domains?


I have a bunch of domains pointing to my web/mail server but I only
need email service for a couple of those. As it stands, whenever an
email comes in for a domain that I'm NOT using for email, communigate
checks dns, issues an error message about a dns loop, and then sends
a report back to the sender's mail server. Is there any way to skip
all that and just have it recognize that if an email is not destined
for a domain that is configured for email, that it should just reject or delete
the emails immediately?
The way I'm set up, I have a main domain plus a couple of others that
are aliases for that domain. Ideally, I'm brand new to communigate,
so if you have any suggestions please make them detailed enough that
they will be understandable to a total beginner. Thanks very much! :)

Brian

#############################################################
This message is sent to you because you are subscribed to
    the mailing list <CGatePro@mail.stalker.com>.
To unsubscribe, E-mail to: <CGatePro-off@mail.stalker.com> To switch
to the DIGEST mode, E-mail to <CGatePro-digest@mail.stalker.com>
To switch to the INDEX mode, E-mail to
<CGatePro-index@mail.stalker.com> Send administrative queries to
<CGatePro-request@mail.stalker.com>
#############################################################
This message is sent to you because you are subscribed to
    the mailing list <CGatePro@mail.stalker.com>.
To unsubscribe, E-mail to: <CGatePro-off@mail.stalker.com> To switch
to the DIGEST mode, E-mail to <CGatePro-digest@mail.stalker.com>
To switch to the INDEX mode, E-mail to
<CGatePro-index@mail.stalker.com> Send administrative queries to
<CGatePro-request@mail.stalker.com>

#############################################################
This message is sent to you because you are subscribed to
   the mailing list <CGatePro@mail.stalker.com>.
To unsubscribe, E-mail to: <CGatePro-off@mail.stalker.com> To switch to the
DIGEST mode, E-mail to <CGatePro-digest@mail.stalker.com>
To switch to the INDEX mode, E-mail to <CGatePro-index@mail.stalker.com>
Send administrative queries to  <CGatePro-request@mail.stalker.com>
#############################################################
This message is sent to you because you are subscribed to
   the mailing list <CGatePro@mail.stalker.com>.
To unsubscribe, E-mail to: <CGatePro-off@mail.stalker.com>
To switch to the DIGEST mode, E-mail to <CGatePro-digest@mail.stalker.com>
To switch to the INDEX mode, E-mail to <CGatePro-index@mail.stalker.com>
Send administrative queries to  <CGatePro-request@mail.stalker.com>

Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster