Bug#373300: mimedefang should not depend on sendmail

2006-06-14 Thread Benoit Panizzon 
Package: mimedefang
Severity: normal


Hello

If you use one mailserver which connects to multiple round-robin DNS announced
milter instances there is no need to have a sendmail running on those milters as
they do communicate via INET sockets.

-Benoit-


-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.15-1-686
Locale: LANG=de_CH.UTF-8, LC_CTYPE=de_CH.UTF-8 (charmap=UTF-8)


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#373300: mimedefang should not depend on sendmail

2006-06-14 Thread Christoph Martin 
Hi,

Benoit Panizzon schrieb:
> Package: mimedefang
> Severity: normal
> 
> Hello
> 
> If you use one mailserver which connects to multiple round-robin DNS announced
> milter instances there is no need to have a sendmail running on those milters 
> as
> they do communicate via INET sockets.
> 
> -Benoit-

Thanks for the hint.

I never knew that this is possible. I only use it via unix domain
socket. Can you sent me a configuration example for sendmail and
mimedefang using IP connections?

Christoph

-- 

Christoph Martin, EDV der Verwaltung, Uni-Mainz, Germany
 Internet-Mail:  [EMAIL PROTECTED]
  Telefon: +49-6131-3926337
  Fax: +49-6131-3922856



signature.asc
Description: OpenPGP digital signature

Bug#373300: mimedefang should not depend on sendmail

2006-06-14 Thread Benoit Panizzon 
Hi Christoph

> I never knew that this is possible. I only use it via unix domain
> socket. Can you sent me a configuration example for sendmail and
> mimedefang using IP connections?

Sure...

MIMEDefang (spamassassin / virus scanning) cause high IO, Memory and CPU load 
on the machine doing the filtering. Sharing this load on multiple designated 
milter machines would take the load of the actual mailserver and spread this 
load among multiple machines increasing overal performance. This scales very 
well.

Unfortunately my actual working config is installed from the sources. I just 
wanted to try to migrate to the Debian Packages so I don't have to worry 
about updates :-)

Assume, you have one Mailserver (mx.example.com 192.168.0.1) and three Milter 
Machines (filter.example.com 192.168.0.10 192.168.0.11 192.168.0.12).

On the three milter Machines (which don't need sendmail to be installed) you 
use:
In mimedefang.conf (or /etc/init.d/mimedefang or wherever you set the 
MIMEDefang variables).

# SOCKET=$SPOOLDIR/mimedefang.sock
SOCKET=inet:3
(and you make sure by using iptables that only mx.example.com is allowed to 
connect).

On the MX you configure sendmail to connect to the round robin DNS name of 
those milters: sendmail.mc

INPUT_MAIL_FILTER(`mimedefang', `S=inet:[EMAIL PROTECTED], F=T, 
T=S:600s;R:600s;E:10m')

So you get some nice load balancing.

If you want to scale the environement you can add more milter machines or even 
more MXes connecting to this milter 'cluster'.

Another advantage ist, you can take down one milter machine without the 
operation of the mail-servers being affected. (by using round-robin DNS 
sendmail automaticly reconnects to the next IP if one reports unreachable).

Mit freundlichen GrĂ¼ssen

Benoit Panizzon
-- 
I m p r o W a r e   A G-System Services
__

Zurlindenstrasse 29 Tel  +41 61 826 93 00
CH-4133 PrattelnFax  +41 61 826 93 01
Schweiz Web  http://www.imp.ch
__