Aaron Boyles wrote on Thu, 22 Dec 2005 09:34:09 -0500: > Unfortunately, this would result in a third "step" in the SMTP process. > Currently, the SMTP filter I run allows us to use our choice of virus > scanner to check for viruses, monitor real-time traffic, and even "chat > back" to a would-be hacker if they're screwing with the system manually, as > well as back-up E-Mails for however long we need to, as well as all traffic > that transpires in case we have to go back to a previous attack log for > prosecution purposes.
You don't need prosecution if no one can abuse you. MailScanner will provide all the above for you. Adding a spam filter at this point would just be the > smart thing to do. The smart thing is to block as much unwanted traffic as you can before accepting it. Reduces spam influx by about 80% or more. Unfortunately, if we were to make a third server, we > would then have this app receiving incoming SMTP traffic, doing its thing, > then forwarding that on to the Spam Assassin server, That server is not necessary at all. then having THAT > forward it on to the Exchange server. Again, keep in mind that I'm trying > to keep this as ridiculously simple as possible for the people that'll have > to actually implement it in my absence. Placing just one Linux box with MailScanner, SA and several virusscanners of your choice before the Exchange box *is* that simple. And if you use greylisting there won't be much spam left for SA anyway. You want it simple, I'm all for that. I think that your "special Exchange sink" solution is far more complicated/complex than this. It might be a genious piece of software, but it's not flexible since you produced it for a specific purpose and it's bound to Exchange which limits your options, anyway. Just administering the Exchange is more complex than administering the whole MailScanner box. Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com