From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/57986 Path: main.gmane.org!not-for-mail From: Daniel Pittman Newsgroups: gmane.emacs.gnus.general Subject: [OT] Dual-MTA setup and spam filtering (was Re: wallowing out of the spam quagmire) Date: Sun, 27 Jun 2004 00:55:44 +1000 Sender: ding-owner@lists.math.uh.edu Message-ID: <87smci2wsv.fsf_-_@enki.rimspace.net> References: <868yebsqrk.fsf@rumba.de.uu.net> <87659f67d8.fsf@enki.rimspace.net> NNTP-Posting-Host: deer.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: sea.gmane.org 1088262124 25956 80.91.224.253 (26 Jun 2004 15:02:04 GMT) X-Complaints-To: usenet@sea.gmane.org NNTP-Posting-Date: Sat, 26 Jun 2004 15:02:04 +0000 (UTC) Original-X-From: ding-owner+M6527@lists.math.uh.edu Sat Jun 26 17:01:55 2004 Return-path: Original-Received: from malifon.math.uh.edu ([129.7.128.13]) by deer.gmane.org with esmtp (Exim 3.35 #1 (Debian)) id 1BeEgk-00008q-00 for ; Sat, 26 Jun 2004 17:01:54 +0200 Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu) by malifon.math.uh.edu with smtp (Exim 3.20 #1) id 1BeEgJ-00025K-00; Sat, 26 Jun 2004 10:01:27 -0500 Original-Received: from util2.math.uh.edu ([129.7.128.23]) by malifon.math.uh.edu with esmtp (Exim 3.20 #1) id 1BeEgA-00025C-00 for ding@lists.math.uh.edu; Sat, 26 Jun 2004 10:01:18 -0500 Original-Received: from justine.libertine.org ([66.139.78.221] ident=postfix) by util2.math.uh.edu with esmtp (Exim 4.30) id 1BeEg9-0008Oy-MM for ding@lists.math.uh.edu; Sat, 26 Jun 2004 10:01:17 -0500 Original-Received: from main.gmane.org (main.gmane.org [80.91.224.249]) by justine.libertine.org (Postfix) with ESMTP id E478D3A003D for ; Sat, 26 Jun 2004 10:01:15 -0500 (CDT) Original-Received: from list by main.gmane.org with local (Exim 3.35 #1 (Debian)) id 1BeEg1-00066b-00 for ; Sat, 26 Jun 2004 17:01:14 +0200 Original-Received: from 203-217-29-45.perm.iinet.net.au ([203.217.29.45]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sat, 26 Jun 2004 17:01:09 +0200 Original-Received: from daniel by 203-217-29-45.perm.iinet.net.au with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sat, 26 Jun 2004 17:01:09 +0200 X-Injected-Via-Gmane: http://gmane.org/ Original-To: ding@gnus.org Original-Lines: 80 Original-X-Complaints-To: usenet@sea.gmane.org X-Gmane-NNTP-Posting-Host: 203-217-29-45.perm.iinet.net.au Face: iVBORw0KGgoAAAANSUhEUgAAADAAAAAwBAMAAAClLOS0AAAAFVBMVEUnIyatfG0aGBsMChBG NThoSkb52Lk0unwsAAACeElEQVR42l2UMZPbIBCF9zDqw4xRzYDTO5LTY92SWsyx11NE//8n5AGK LxMVtkcfb/fxWEzr61nWfx8aX57CnVUI/wPNRQH41Ycv4PGZJEZ/25pSjbKeXLwsTkrimArWeNdb eU+aNzVJkkJlJ78uzvu/IGqRImXnElHHkQ/BAzjUEBErPhXyS3CMtwvAQuhgjOzJGFOCd5p8e/Dp JOWS7HwchynK3QhtwgrwvXAqn+39Ua9818qBLAConbi/P6ot5Iiol6JiSZ51ACMNIAIodLJ0zccJ bKQGoKD4vN7EvMBO5AbgXCaxx6sUnXZTEZuSGc0RAXoMhUi6NlDBbJEdqbrY7L5ABogqOkfq3hXY tEx1NnIcNttyQ4qqKcqe0ANdcwPGbHB72tW2vFVT52YKoVBs8a6kI0t5M6fbw1iKEIRATCmlt3lk aGaTS3F9HxwLjI39/c4ZgHyLl5gZvnopA1fW7IgKW8SZ48jN6GEyfO3DFmmNI5/PEA1qkRs9HLOk ExgLLbkRoiMt3EtVjIQY63T8As98KrL5hp2No/Vaokg9JeitmakpFKF7qafEREwGx35cjlOSsXWD RLg/DeAnDNcTRKzvxLfBivx5wBiyv7YO1Ir5VivSPNzmK1JVRHqMBKKHp6NKls31Imi+NAnxOTzb eiflOhi3IfWt292HRfWVDQS/3g09MQ60qXVRWIfUGwjhh2h+ME9aPeIYxBYJrnbe9g0zqLegY5/D BqBc6nvC9b+Jv3B0uPodtEr2AvuF9zvxhhDfcW+bImR7wXlNMdBPxkWjfe0K/6hWuYlZT2ihMNUp 4r9kWcKvanWOj+2DAkeFE0xpD38AQw3cf9DOFKYAAAAASUVORK5CYII= User-Agent: Gnus/5.110003 (No Gnus v0.3) XEmacs/21.4 (Security Through Obscurity, linux) Cancel-Lock: sha1:WnP0vENs0la97BwKBM1NZqVGRy8= Precedence: bulk Xref: main.gmane.org gmane.emacs.gnus.general:57986 X-Report-Spam: http://spam.gmane.org/gmane.emacs.gnus.general:57986 On 26 Jun 2004, Harry Putnam wrote: > Daniel Pittman writes: > >> If you have control over your SMTP server, take a look at the >> 'amavisd-new' package, which hooks into the loop and deals with SPAM >> tagging with SpamAssassin as well as virus detection, and works very >> nicely. > > My MTA is sendmail: > checking this out at: http://www.ijs.si/software/amavisd/ > > It mentions a `dual sendmail set-up' being required to use it with > sendmail and says it works best with Postfix. Ah. What that means is that sendmail lacks some of the routing flexibility of newer MTA systems, requiring you to run two complete and distinct instances of it to get inline SMTP filtering... > I've seen that term ( `Dual Sendmail setup' ) a few times lately but > haven't really seen anything telling what it means. Basically, this is the diagram for mail delivery: +----------+ +---------+ +-------------+ +---------+ | internet +-----+ MTA ext +-----+ amavisd-new +-----+ MTA int | +----------+ +---------+ +-------------+ +---------+ Mail comes in to the first sendmail on port 25, and is queued to disk. It is then sent through amavisd-new via SMTP, which sends it to a second sendmail. The second sendmail then delivers the mail to the end user. You can, but don't have to, run both of the sendmail instances on the same system. One reason for doing this is because there is a firewall between the two systems, and you don't want your internal mail server exposed directly, and vice-versa. Another is to get something like amavisd-new inline to the SMTP delivery cycle. Postfix, for reference, can have a single instance, with only the one configuration file, etc, and achieve the same results -- effectively, have one SMTP port that passes stuff to a content filter, and another which doesn't.[1] > Do you know what that reference is about? > > == > (at http://www.ijs.si/software/amavisd/) > [...] > > It is written in Perl for maintainability, without paying a > significant price for speed. It talks to MTA via (E)SMTP or LMTP, or > by using helper programs. Best with Postfix, fine with dual-sendmail > setup and Exim v4, works with sendmail/milter, or with any MTA as a > SMTP relay. 'Howto' for qmail available as well. The 'milter' interface is a way to put something inline to sendmail during the initial SMTP conversation, rather than after the mail is queued on disk for the first time. This works, but I don't personally recommend it as a model. This document covers why in some detail: It deals with Postfix, but the 'milter' is connected within sendmail in the same spot as the 'before queue filter' in Postfix. Daniel Footnotes: [1] Recent versions can even have a single port which does this; I have that configuration, and it is quite nice. -- CAUTION: This product exerts a force on every other object in the Universe, proportional to the product of their masses divided by the square of the distance between them, center to center.