Walt Reed wrote: >> You might want to look at http://www.mimedefang.com. It is an email >> scanner that runs as a sendmail milter and uses your choice of spam and >> virus scanning tools. As a milter, it can tell if sendmail's connection >> was authenticated or used ssl, plus it can reject as a result of the >> scan during the smtp conversation. > > Or you can look at a modern MTA such as Exim, which also has built-in > support for Spamassassin, ClamAV, can easily do smtp auth, and supports > pretty much any kind of back-end or database you can come up with... > It's very well supported via the active mailing list / WIKI. We have > a custom setup that allows users to choose just how much spam filtering > they want to do, have custom white / black lists, greylisting, etc., > etc. Special case routing / rewriting, and what not is easy once you > understand the basic concepts. > > While I used to use sendmail years ago, I can't imagine trying to > configure it to do what we are doing today with Exim. The sendmail > configuration is way too obtuse. I don't think you understand what the milter interface and MimeDefang add to sendmail. You get all the things that sendmail normally does very efficiently and its mostly-complete m4 config file that comes included with Centos, _plus_ the ability to control most operations with a small chunk of custom perl. It is nothing like the sendmail of years ago, plus the milter operations run under their own uid for more security. > Unfortunately, the Exim RPMS in Centos are very old, but you can > download current RPMS (of Exim and Dovcot) via atrpms.net (Dag's dovcot > is too old too.) > > Of course building it yourself isn't all that hard either, and if you > run dedicated, moderate to high volume mail servers, I would recommend > it. I don't think anything will match the efficiency of sendmail and MimeDefang doing the same job. The architecture is kind of hard to explain but basically the milter back-ends run independently so at any time you may have many more sendmail processes doing other operations than you have milter processes doing scanning. The reason this is complicated is that the milter provides hooks for several steps in the SMTP conversation, so for example sendmail might have one backend milter process perform a check on RCPT addresses, then do some other steps and connect again for DATA. This gives you much more control over the load on your machine since you don't have to throttle the number of active sendmails down to the number of spamassassin instances you can run at once. -- Les Mikesell lesmikesell at gmail.com