efa-project.org

I just thought I'd throw this question out to the community, but how would you recommend setting up multiple organizations with EFA?

Obviously, the first thing I could do is configure an EFA instance to handle all the mail and redirect to the appropriate mail servers.

What if I have organizations that cannot use shared infrastructure? E.g. EFA stores the mail, if the mail from two companies is on the same server, potentially an admin could see the mail of the other organization - a no no.

One possibility would be to set up a separate mail server instance and have it redirect the mail to the separate organization EFA instances, but that's additional work for maintaining a separate mail server.

What if I used EFA as the initial mail handler which (essentially) manages the postfix instance, configured to just forward, but never store the mail to the individual organization level instances? Would this make sense? Would this just be making more work than is necessary?

Has anyone out there had to deal with this problem? If so, how did you deal with it?

Assume the organizations have to share the IP addresses assigned to their smtp service (as there is not enough IPv4s to give to everyone)

Thanks for any thoughts or suggestions you may have.

Yeah, this could prove to be tough. I think that it boils down to this:

if you want to hold mails for people to release, like spam and you are not allowed to get access to any message in the quarantine, that doesn't belong to your company, you will have to wind up with multiple instances of eFa, each for a domain which falls under these restrictions.

But then, you still do have access to all the messages on hold for any of these companies, so this really isn't going to provide the company what they might want. The only other way I can see, is to have contracts with these companies, that explicitly allow you to do so and which holds you liable, if you violate that contract. This is more of a formal law thing, than a technical problem, since it can't be finally solved technically.

Cheers,
budy

It can be solved technically, it's done every day with existing mail.

I was just asking the best way to do it. Use EFA as the central smart host configured differently, or go with standard mail server setup forwarding mail for various EFA hosts and manage everything myself.