David Woodhouse <dwmw2@xxxxxxxxxxxxx> wrote: > On Sat, 2007-02-03 at 22:59 +0100, Thomas M Steenholdt wrote: > > "If we change the Default MTA in Fedora - Which should it be?" > > > > I'm sure a lot of people will say Exim is great (i can't say, since i've > > never worked with it). Others will yell for Postfix, towards which i'm > > probably slightly biased, since that's what I currently use in most > > places. I'm sure yet others will have other MTA's listed as their > > favorite one. > > Exim certainly does the job for me. None of the others do, as far as I > can tell. I'd be happy to be corrected on that count though, so I'll > elucidate... > > I'd like to be able to do greylisting -- but not indiscriminately; I > want to greylist only mail which actually looks suspicious in some way, > rather than delaying perfectly genuine mail. Mail gets greylisted only > if it has some SpamAssassin points, or it's HTML, or it comes from a > machine with no reverse DNS or which is listed in a RBL, etc. The /point/ in greylisting is not to expend any effort on mail that comes from suspect origins. Stopping mail from an RBLed origin or no reverse DNS (or non-matching reverse DNS) are other, independent anti-spam measures. Sure, they can be integrated into greylisting (milter-greylist for sendmail integrates RBLs), but they are still independent. So is spamassassin's score, etc. > That's a > few lines of Exim ACL code, demonstrated (the quick hack version) at > http://david.woodhou.se/eximconf/include/acl-greylist or perhaps more > sanely with jgarzik's better SQLite-based version which is available in > the same directory although I haven't yet switched over to it. > Is it possible to do that kind of thing in other MTAs? Without writing > or installing external software (or, perhaps, calling out to Exim? :) Why is "installing external software" (specially if it is written to standardized interfaces defined exactly for such uses) off-limits? > I also need to be able to run virtual domains on the cluster of mail > machines I operate, but I don't really want to set up yet another > distributed database; I _already_ have DNS running, after all. I keep > aliases for virtual domains in TXT records, Lousy missuse of DNS, if you ask me. > and I use Dynamic DNS so > that owners of a given virtual domain can update their forwarding > records with a trivial script round nsupdate. Currently, that's handled > just a few lines of Exim router configuration in the same directory as > the above (routers-dns-virtual). Can I do this in any of the other MTAs > on offer? Why does an MTA have to bend over to such abuse of DNS? [...] > Even Postfix would also be a better choice than sendmail -- that isn't > exactly a hard accolade to achieve. But it's much less versatile than > Exim and much less flexible in handling and filtering of incoming mail. > It might serve the newbies OK and those who really don't ask much of it, > but it's less useful for anyone who actually wants to get _serious_ > about running a spam-resistant mail server these days. Better go tell that the guys at sendmail.org. -- Dr. Horst H. von Brand User #22616 counter.li.org Departamento de Informatica Fono: +56 32 2654431 Universidad Tecnica Federico Santa Maria +56 32 2654239 Casilla 110-V, Valparaiso, Chile Fax: +56 32 2797513 -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
