Re: [SAtalk] How to do? Linux/Spam Assasin running as a gateway spamfilter f or another mail server.

Mon, 07 Jul 2003 22:19:30 -0700 

We accomplish the internal relay a bit differently, but works very nicely.

Instead of creating user accounts on the sendmail relay for every user, we
create aliases.. for example, I have

tnelson: [EMAIL PROTECTED]
tony.nelson: [EMAIL PROTECTED]
tony_nelson: [EMAIL PROTECTED]

internal.starpoint.com is our (sigh) Notes server..

The benefit of this approach is that bounces of non-existant users actually
works the way one might expect.

The drawback is that we're currently using some 7+ year old tcl code to
generate these aliases from a text file... I working on a web based system
in my "spare" time.. but it will be very specific to the kinds of things we
need at our company so not very valuable to the open source community :(


The alias idea still works well if you can find a simple way to manage it.

Tony Nelson
Director of IT Operations
Starpoint Solutions
115 Broadway, 2nd Fl.
New York, NY 10006




                                                                                       
                                             
                      Alain Fauconnet <[EMAIL PROTECTED]>                              
                                               
                      Sent by:                                  To:       [EMAIL 
PROTECTED]                                      
                      [EMAIL PROTECTED]        cc:       [EMAIL PROTECTED]             
      
                      ceforge.net                               Subject:  Re: [SAtalk] 
How to do?  Linux/Spam Assasin running as a  
                                                                 gateway spam filter f 
or another mail server.                      
                                                                                       
                                             
                      07/07/2003 11:17 PM                                              
                                             
                                                                                       
                                             
                                                                                       
                                             




On Tue, Jul 08, 2003 at 11:42:33AM +0930, [EMAIL PROTECTED] wrote:

> I've got spam assassin working like a dream on our small sendmail box.
> works like a bought one.    what i want to do is setup a gateway
arrangment
> for an Exchange Server (everyone shudders, i know).
>
> like so:
>
> Internet  ->  Linux Sendmail with SpamAssasin ->  Exchange Server
>
> has anybody attempted such a thing?  i've been searching google for quite
a
> while and not found any howtos...    on the sendmail box i'm attempting:
>
> 1.  that i don't need to create accounts for everyone on the exchange
> server?

You don't. Just make sure that your sendmail box will relay  all  mail
for  domain.com (let's assume that's you domain) to your Exchange box.
A  little  side-effect: all messages sent to non-existing addresses in
your domain (errors or more likely dictionary spam attacks) will cross
your gateway two times (incoming message  and  bounced  error).  Quite
often, the bounce won't deliver so it will be stuck in  the  queue  of
your gateway.  Thus  its  load  might  be  higher  than  you  imagine.

> 2.  that it sholdn't deliver to the linux box at all, but simply scan and
> forward.

To achieve this:
- make sure that domain.com is _not_ in /etc/mail/local-host-names, so
that your gatweway will only deliver mail  to  [EMAIL PROTECTED]
locally
- enable the use of the mailertable map in sendmail configuration
- in /etc/mail/mailertable, have a line like:
domain.com esmtp:exchangebox.domain.com

> 3.  no mail will be deleted, but will simply have the spam score in the
> message header and the Spam in the subject line.  then the users of the
> exchange server will be able to filter based on Spam Score or the subject
> line or whatever.

This is pretty much a default  SA  configuration.  I  recommend  using
amavisd-new  (http://www.ijs.si/software/amavisd/)  to  plug  SA  into
sendmail because it interfaces very nicely with sendmail at the Milter
interface, has a very well documented setup and configuration file, is
fast and stable.

You may have to recompile sendmail  from  source  to  support  Milter,
however. It's nice and easy on all popular Unices.

> 4.  I don't need to scan outgoing mail but i guess that wouldn't hurt as
> well.

You  mean  tag spam originating from your domain? Sounds strange... or
are you talking about virus scanning here?

Greets,
_Alain_


-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk






-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Reply via email to