Walt Reed wrote:
You might want to look at http://www.mimedefang.com. It is an email
scanner that runs as a sendmail milter and uses your choice of spam and
virus scanning tools. As a milter, it can tell if sendmail's connection
was authenticated or used ssl, plus it can reject as a result of the
scan during the smtp conversation.
Or you can look at a modern MTA such as Exim, which also has built-in
support for Spamassassin, ClamAV, can easily do smtp auth, and supports
pretty much any kind of back-end or database you can come up with...
It's very well supported via the active mailing list / WIKI. We have
a custom setup that allows users to choose just how much spam filtering
they want to do, have custom white / black lists, greylisting, etc.,
etc. Special case routing / rewriting, and what not is easy once you
understand the basic concepts.
While I used to use sendmail years ago, I can't imagine trying to
configure it to do what we are doing today with Exim. The sendmail
configuration is way too obtuse.
I don't think you understand what the milter interface and MimeDefang
add to sendmail. You get all the things that sendmail normally does
very efficiently and its mostly-complete m4 config file that comes
included with Centos, _plus_ the ability to control most operations with
a small chunk of custom perl. It is nothing like the sendmail of years
ago, plus the milter operations run under their own uid for more security.
Unfortunately, the Exim RPMS in Centos are very old, but you can
download current RPMS (of Exim and Dovcot) via atrpms.net (Dag's dovcot
is too old too.)
Of course building it yourself isn't all that hard either, and if you
run dedicated, moderate to high volume mail servers, I would recommend
it.
I don't think anything will match the efficiency of sendmail and
MimeDefang doing the same job. The architecture is kind of hard to
explain but basically the milter back-ends run independently so at any
time you may have many more sendmail processes doing other operations
than you have milter processes doing scanning. The reason this is
complicated is that the milter provides hooks for several steps in the
SMTP conversation, so for example sendmail might have one backend milter
process perform a check on RCPT addresses, then do some other steps
and connect again for DATA. This gives you much more control over the
load on your machine since you don't have to throttle the number of
active sendmails down to the number of spamassassin instances you can
run at once.
--
Les Mikesell
lesmikesell@xxxxxxxxx
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
