INTRODUCTION
I've been using MessageWall as my external SMTP agent and qmail-spamc (which I
wrote) to tag spam inline to the qmail-queue process, prior to relaying to my
internal MTA for actual delivery to users. I am finding recently that simply
blocking all executable file attachments is not sufficient for AV control, and I
am unhappy with the lack of modularity of MessageWall (an otherwise good program).
Hence, I am setting up a new MX box with qpsmtpd (thus moving one step closer to
using Perl for absolutely everthing ;~). I have hacked at the CVS version of
spamassassin to support the SA 2.60 Unix domain socket feature (see seperate
e-mail for patch). I have written a check_vrfy plugin, so I can just query my
internal MTA for account information (see second seperate e-mail later today
after I write some POD). I need to write a whitelist patch for the dnsbl, since
I like to run my own internal whitelist. I will also need to write a uvscan
plugin (stolen shamelessly from the clamav code, I'm sure), so I can run
McAfee's antivirus on the MX boxes.
So far, it looks like I'm going to like qpsmtpd! But I have a few questions:
QUESTIONS
1) I can definitely see the startup time for qpsmtpd under tcpserver being an
issue, so I'll be using pperl for this in production. Could I get some feeling
from people how many prefork processes people are using? I am running a
strictly corporate environment with ~300 heavy e-mail users.
2) I don't like mixing the tcpserver configuration variables in with the qpsmtpd
plugin stuff in config/, so I modified the run file and env/* code from the
qmail-conf smtpd configuration instead. Does anyone want to see this?
3) I find it kind of annoying that the config/ file data is not being detainted
automatically. Tainting is all well and good, but these files are owned and
writeable only by root, so they are as good as anything stored on disk can be.
Anyone else think that $self->qp->config() should untaint the arguments
automatically? Or at least that there should be a generic detaint function
supported in the core routines?
Thanks in advance...
John
- Re: Introduction and Questions John Peacock
- Re: Introduction and Questions Matt Sergeant
