netfilter-bounces@xxxxxxxxxxxxxxxxxxx wrote: > Hi John, Thanks for your reply. Actually I need to clarify. > > In my config, I have an anti-spam process running on the > linux gateway and listening on port 1025. My intention is to > have the linux gateway filter out all the junks. > > I intend to have the linux box first modify the Dest ip and > forwarded it the local anti-spam process for spam checking. > After that, the anti-spam process will forward the clean mail > to the mail server since the ip address has already been modified. > > Will that intention in mind, will my iptables rules still > work ? If not, how should I design my iptables rules ? Normally, you setup a mail gateway which which is configured to do spam/virus filtering. In my case, I used Postfix with Amavis, ClamAV and SpamAssassin. Postfix receives the email, and can optionally be configured to check if the "To" email address is valid using user accounts, aliases, ldap, ... Next it sends the email to Amavis, which checks for virusses using ClamAV and spam using SpamAssassin. SpamAssassin can quarantine if the spam-score of an email is above sa_kill_level2, can add email headers containing the spam-score and can alter the subject saying it is probably spam. If an email is not quarantined, it is sent back to Postfix which will deliver it to the next MTA or to an MDA which can deliver the email to a mailbox. Gr, Rob
