Hello List! Im in desperate need for an SMTP proxy. Well, not just another proxy, it needs basically to do this: - Listen on external interface, port 25 - If mail arrives, check the DESTINATION address of the delivered email and verify that against a list of valid destination addresses - If the RCPT TO is valid* (in "allowed" list), then the proxy should relay the mail to an internal server - If RCPT TO is not a valid* one (e.x. spam_victimXY@hotmail.com), then it should drop the mail and close the spammer's connection. Is there such a program? I can imagine one could do that as a netfilter module...its a shame I cant code in C. :( The other approach I can think of would be AMAVIS maybe? That would be neat too, then it would have integrated virus protection. So, can AMAVIS do *exactly as I need (described above) ? Or is there some simpler solution (the more simple, the better because this is for a packet filter, that y I tought of a netfilter module) that would provide me with the needed features? help and ty :) Chris Burri jun. Systems & Network Engineer Synecta Informatik AG Zwinglistrasse 3 CH-9000 St. Gallen .-. /v\ L I N U X // \\ >Phear the Penguin< /( )\ ^^-^^ * valid and not valid: if a site has an email server and hosts domains on it, then one can say that an email, coming in on the external public IP of the site should have an email address that ends in one of the domains the site actually hosts, unless the mail was either sent in error, or it is a spam MAIL (some corporate level groupware servers are notoriously vulnerable to SPAM under certain conditions). Example for Site "dontlikespam.org" : If mail comes in on external interface, with an RCPT TO of "sales@dontlikespam.org", then it should be passed thru. If mail comes in on external interface, with an RCPT TO of "john.doe@dontlikespam.org", then it should be passed. If mail comes in on external interface, with an RCPT TO of "somebody@hotmail.com", then it should be blocked, and the connection that feeds the mail shall be dropped. in the "allow" list, there would be one entry like "dontlikespam.org" The RCPT TO must be checked strictly. Means, relay@hotmail.com% @dontlikespam.org must not circumvent it. Maybe there should be a keyword in the config file to disable (default is on) strict checking. Outgoing mail comes from internal interface and will not be tested. Externals connecting from remote sites either use dial-up and thus come from internal interface, or they use a VPN and thus wont appear on the external interface either.