[nSLUG] How to throughly test an MX server before making it live

Aaron Spanik a.spanik at ns.sympatico.ca
Tue Nov 13 22:20:10 AST 2007


On Tue, 13 Nov 2007 21:03:07 -0400 (AST)
Dop Ganger <nslug at fop.ns.ca> wrote:

> On Tue, 13 Nov 2007, D G Teed wrote:
> 
> > I'd like to have a way to run a script from off site which sends
> > a bunch of messages through via a specified MX.  Much like
> > the test-messages work area of amavisd-new but with an
> > ability to control the MX.
> 
> An alternative to Aaron's suggestion (if you want a completely non-Postfix 
> option to make sure there's no "favouritism") is swaks, 
> http://www.jetmore.org/john/code/#swaks . The acronym stands for Swiss 
> Army Knife SMTP and he's not joking - take a look at 
> http://linux.die.net/man/1/swaks for the plethora of options.

Oh yeah.  SWAKS.  Good stuff.

To be clear, though, there are some things that no "non-Postfix"
software will be able to do easily because XFORWARD allows you to tell
Postfix to "pretend".  The canonical example is for testing your
anti-UCE rules, especially when you're trying to configure exceptions
or when you're trying to figure out what happened to a particular
mail.  You tell Postfix to behave as if:

xforward ADDR=<ip address> "pretend the IP connecting is <ip address>"

xforward NAME=<hostname> "pretend the DNS for the IP is <hostname>"

xforward HELO=<helo> "pretend the client passed <helo> as for HELO"

There are a couple of others there, but I never used them, so I don't
really know what they do.

You can combine them into one line as well with something like:

xforward ADDR=<ip address> NAME=<hostname> HELO=<helo>

Anything you lie to Postfix about goes into the logs as the truth, so
you do need to be careful with it.  If you just supply an ADDR, Postfix
will do its regular DNS checks, etc.

Oh, and in my previous response, I suggested:

less `postconf -v readme_directory`/XFORWARD_README

That won't work.  Try instead:

less `postconf -h readme_directory`/XFORWARD_README

Cheers,

/a

 


> Cheers... Dop.
> _______________________________________________
> nSLUG mailing list
> nSLUG at nslug.ns.ca
> http://nslug.ns.ca/cgi-bin/mailman/listinfo/nslug


-- 
Aaron Spanik
a.spanik at ns.sympatico.ca



More information about the nSLUG mailing list