Could you possibly advise in the following scenario:
- MEG 7 deployed in full proxy
- Two different mail servers behind MEG7 (Exchange, Postfix)
Exchange users use Outlook Anywhere when roaming - so there is no problem with that
Postfix users should send mail through SMTP, authenticating themselves via SMTP auth.
How can I :
- allow all mail coming from SMTP Auth authenticated senders through
- filter all other mail
Is it possible/will it be possible to authenticate sender on the MEG7 level? (e.g. via LDAP ?)
Or should I simply create publicly accessible RFC2476 mesage submission service service on the external firewall pushing all the roaming users connection to the Postfix SMTP service allowing only for SMTP AUTHed connections?
Sorry this has gone for a long time with no activity.
I suppose the best alternative would be to provide some sort of VPN access for the users that need access to Postfix? That way you do not need to expose the mail service on the Internet for anyone trying to authenticate. Also it will make sure you can keep the MEG policy much simpler.
Hope this helps.