Will McDonald wrote: > This doesn't run unmodified Qmail, it's the Qmail patchset from > Qmailtoaster built into packages but I mangle the SPEC a little to > remove the MySQL requirement and customise a few bits and bobs. > > And, as I said this is "Qmail listening on localhost only for the very > final Maildir delivery after messages have been dealt with by > MailScanner and Sendmail". > > Incoming Sendmail is configured to use a list of valid RCPT TO > addresses via LDAPROUTE_DOMAIN_FILE and the ldap_routing FEATURE. This > is for mail traffic from the internet so anything attempting to > deliver to an invalid RCPT TO gets dropped sharpish. > > Outgoing Sendmail (which delivers to Qmail for local deliveries) is > configured using relay_mail_from and a list of valid addresses in the > access map which isn't ideal but I have a lot of legacy reasons for > having things the way they are. It's open to some abuse but only from > a very limited set of internal users and the alternatives, SMTP-AUTH > isn't feasible under the restrictions we're under. :o\ > > I will have a look at using Procmail or Postfix as you and Feizhou > have mentioned as we're rebuilding a couple of these servers > currently. > > Will. I personally still don't see any need to drop qmail per se, but everything you're doing should be completely functional under one MTA. That whole sendmail --> qmail --> sendmail sounds like bandaids upon bandaids, piled on top of bandaids to me. I mean, yeah, it works, but rebuilding that application from functional spec is fairly trivial, fairly easy to implement, and will greatly reduce the complexity of your architecture. In our case, we use qmail because: A) It satisfies all of our particular requirements. B) We have a custom MySQL authentication/delivery process that was written in house. Although at this point, there's no cat left there, either. C) We do more than just email with our setup. Our MySQL authentication drives a bunch of other applications, so unless we want to build everything back out from scratch, we're do it like so. That being said, while there's things I'd replace in the application infrastructure, qmail's probably not one of them. Everything I know about mail and SMTP pretty much, I learned from qmail, qmail-related documentation, or pointers to more complete documentation I probably wouldn't have looked at had I not been referred to them in a roundabout way from qmail. Peter -- Peter Serwe <peter at infostreet dot com> http://www.infostreet.com "The only true sports are bullfighting, mountain climbing and auto racing." -Earnest Hemingway "Because everything else requires only one ball." -Unknown "Do you wanna go fast or suck?" -Mike Kojima "There are two things no man will admit he cannot do well: drive and make love." -Sir Stirling Moss