This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Mailrouting anhand der Absenderadresse

Hallo,

 

ich habe von einem Kollegen die Frage bekommen, ob E-Mails die von bestimmten Absenderadressen/Domains (extern) kommen über einen separaten Server geroutet werden können.

Ich habe in den SMTP-Profilen und sonstigen Konfigurationen leider so etwas nicht finden können.

 

Gruß

Hendrik



This thread was automatically locked due to age.
  • Hallo Hendrick,

    (Sorry, my German-speaking brain isn't creating thoughts at the moment. [:(])

    I agree that the UTM cannot do this.  Maybe your mail server can.

    I've not heard of such a requirement before.  Maybe if we knew what caused your colleague to ask that question, we could find a UTM solution.

    MfG - Bob (Bitte auf Deutsch weiterhin.)

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • I do not think you will find this feature, as the definition of "Sender" is so complicated:

    • Is it the envelope sender or the Message's "From" header?
    • Should senders be handled differently based on whether they pass or fail authentication?
    • Which authentication method is required?  SPF alone? DMARC only?  Something else?

    It is not clear what a vendor would be expected to implement.

    - - - - - - 

    However, I have considered this approach to partitioning my incoming mail:

    • Primary MX requires TLS encryption
    • Alternate MX performs StartTLS (best-effort)

    Traffic to the alternate MX could have different Spam Filtering rules on the theory that the unencryted messages are higher risk.

    However, after evaluating traffic that was blocked or allowed based only heuristic rules, I found that the percentage of encrypted spam was only slightly lower than the percentage of accepted mail.   So it did not appear that my spam blocking rate could be significantly improved based on this partition.  Additionally, I could not define a strategy for spam filtering configuration that would benefit from knowing that the traffic was pre-filtered based on encryption.

    Given GDPR, I expect encrypted spam percentages to grow, because the spammers will still want to attack European servers that require TLS 1.2 encryption for everything.

     

    Of course, any attempt to partition incoming mail also creates uncertainty.  If the primary MX rejects a connection, the recipient cannot know for certain whether the sending system will interpret it as:

    • a reason to try the other server
    • as a reason to wait and retry the same server later, or
    • a reason to go away permanently.

    Sorry if this long digression has no value to the original question.