also sprach gordonr:
> > 1) Re: virus scanning, are the developers aware of the scan4virus
> > program[1]? It requires a simple patch to qmail (QMAILQUEUE, very stable),
>
> These patches almost certainly violate the qmail binary distribution
> licence.
Doesn't the big-DNS patch do the same?
> > Or is there another reason to use smtpd in front of qmail?
>
> smtpd is a very simple daemon which runs in a chroot() jail. I have no
> security concerns with qmail, but even less (what's less than none?) with
> smtpd in the chroot() jail. smtpd also provides a nice interface for
> blocking senders, SPAMmers, RBL/ORBs, etc. smtpd also has hooks to limit
> message size and call a filter for each mail item - a nice hook for virus
> scanning.
Sounds nice; I'll have to check it out!
> > Most importantly are the RBL and CR/LF fix.
>
> RBL can be done with smtpd. I believe RBL/ORBS/MAPS should be an option,
> not a standard feature as false positives are a problem.
Agreed.
> The CR/LF fix is not required with smtpd.
Does smtpd convert the bare LFs to CR/LF?
> > 3) Any chance of ditching BIND for something like djbdns[3]? It looks like
> > e-smith 4.0 is using 8.2.2P3; isn't that version still privy to some
> > problems? Also, BIND is kinda like sendmail WRT security concerns, whereas
> > djbdns, written by Dan Berstein, author of qmail, is bulletproof. Plus, the
> > config files are *far* easier to parse and template-ize.
>
> Yes - you obviously weren't at my DNS tutorial at SAGE-AU 2000! :-)
Nope. Somehow my airline tickets must have gotten lost in the mail. ;-)
> We are thinking hard about this one, but can't give a time right now.
>
> <hint>
> If someone rolled a contrib RPM (or even just the templates and
> binaries) which replaced the current use of BIND, we'd be very happy
> indeed.
> </hint>
If I get a chance to install e-smith somewhere, or even just learn about the
templates, I just might do this. RPMs for djbdns already exist at
<http://em.ca/~bruceg/rpms/dnscache/>.
> > ezmlm from tarball,
>
> We have RPMs for this, which should be on the ftp site soonish (doing a
> major re-org).
Not to belabor the point, but do they include the ezmlm-idx patch?
> > vpopmail[4] for
> > single-UID qmail virtual hosting, qmailadmin[5] for a web-based vpopmail
> > interface, &c.
>
> All good stuff. However, we can probably provide most of what they provide
> for the typical situation.
Agreed, at least it appears so without having actually installed the e-smith
server software. I don't often get excited about software, but this has me
really interested.
Thanks for the quick response!
/pg
--
Peter Green : Gospel Communications Network, SysAdmin : [EMAIL PROTECTED]
---
perl -wle 'print "Prime" if (1 x shift) !~ /^1?$|^(11+?)\1+$/'
