[juneau-lug] Re: ORDB.org is shutting down

  • From: Kevin Miller <millerboys@xxxxxxxxxxxxx>
  • To: juneau-lug@xxxxxxxxxxxxx
  • Date: Sat, 23 Dec 2006 12:00:28 -0900

James Zuelow wrote:

> Most modern MTAs have a variety of anti-spam tools built in.  For example 
> Postfix can reject mail that comes from IP addresses with no PTR record just 
> by turning on "reject_unknown_client".
> 
> Sometimes MTA's use a very slightly different methodology to do the same 
> thing - Sendmail's "greetpause" and Postfix's "reject unauth pipeline" both 
> reject pipelined SMTP commands.  IMHO Postfix's method is more elegant, but 
> Kevin might disagree.

Having never played with Postfix, I can't say that I disagree.  From
what I've read I'd probably agree with James if I had played with it
though.  Wietse has made it very robust and easily configurable.

Sendmail is allegedly going through a ground up rewrite for v10.  It
stems from the days when 640 kb was all the ram anybody could ever need
on a desktop and 2 mb was a powerful server.  Or before.  There's very
little elegant about it, but it's what I started on and haven't had the
time to explore Postfix in any meaningful way.  Maybe it'll be a
resolution in '07. <g>

On the other hand, it is pretty easily extensible using milters which
are essentially plug-ins that may be written in <YOUR FAVORITE LANGUAGE
HERE> and called by sendmail.

I'd hazard a guess that I reject over half the connection attempts out
of hand, and a substantial more after being run through the milters I'm
using.  The more messages you reject at the MTA, the less spam/virus
scanning you have to do.

Postfix recently added milter functionality also.


> There are a huge number of 3rd party utilities to monitor log files or take 
> action.  You probably want to take a peek at MailScanner 
> (http://www.mailscanner.info) since it does all of the things you've listed 
> above.  Kevin knows a lot of the ins and outs of using it in production.  I 
> just ssh in and break it from time to time.  :)

I'd be happy to do a D&PS (cityspeak for Dog & Pony Show) sometime on
MailScanner - http://mailscanner.info/  Downtown lib might be best for
this since I have a live box running over there.  We'd need an projector
though.  Or, what would folks think about doing a LUG meeting over lunch
sometime?  I could get the overhead and book the meeting room at city hall.

It isn't really an anti-spam package, but rather a management interface
for utilizing multiple other packages such as spamassassin, antivirus
lists, razor2, RBLs, etc.  It's a CLI package but there are webmin
modules for it (perpetually out of date) and another package called
MailWatch (http://mailwatch.sourceforge.net/doku.php) which adds web
functionality and reporting. It's pretty slick.

The developers also sell an appliance which uses MailScanner/MailWatch
with some enhancements:  http://www.fsl.com/

Another useful too, but one I've never used, is logwatch.  Their website
seems to be down at the moment but I think it's http://www2.logwatch.org.


...Kevin
-- 
Kevin Miller
http://www.alaska.net/~atftb
Juneau, Alaska
Registered Linux User No: 307357
------------------------------------
The Juneau Linux Users Group -- http://www.juneau-lug.org
This is the Juneau-LUG mailing list.
To unsubscribe, send an e-mail to juneau-lug-request@xxxxxxxxxxxxx with the 
word unsubscribe in the subject header.

Other related posts:

  1. Home
  2. juneau-lug
  3. Archive
  4. 12-2006