Mailscanner Newbie Questions

Greg Boehnlein damin at NACS.NET
Tue Oct 9 11:50:06 IST 2001 

On Tue, 9 Oct 2001, Julian Field wrote:

> At 01:50 09/10/2001, you wrote:
> >         My understanding is that mailscanner goes ahead and starts up 2
> >sendmail processes as evidenced by the /etc/rc.d/init.d/mailscanner
> >startup script:
> >/usr/sbin/sendmail -bd -ODeliveryMode=queueonly \
> >         -OQueueDirectory=/var/spool/mqueue.in
> >and
> >/usr/sbin/sendmail -q15m
> >
> >I assume the first one is for the incoming mail-queue, and that the second
> >one is for the outgoing mail-queue.
>
> Correct.
>
> >I am running a standard RedHat 7.1 sendmail.cf file, w/ the addition of
> >RBL support.
>
> But you just told me you overwrote your sendmail.cf file with one supplied
> with MailScanner! What sendmail.cf *are* you running with?

In the time that I had written that original message, I had gone back to
the default sendmail.cf file. So, I am now using a sendmail.cf file that
is a default redhat.mc + RBL support.

What I believe is happening (correct me if I am wrong) is that the
incoming QueueOnly sendmail process is using /etc/sendmail.cf, while the
delivery sendmail process is using /etc/sendmail.cf.forwarder.mailscanner

I do have the system working now. I.E. I am able to send, disinfect and
quarantine messages. Mail is delivered properly over to the main incoming
mail server.

> >  By default, this should disable open-relaying. However, when
> >I connect to this system, I can relay. If I gank the sendmail.cf from my
> >working mail-server which REJECTS relays unless added into the
> >/etc/mail/access file, it STILL allows relay from anywhere on the
> >mailscanner system.
>
> Define what you mean by "anywhere on the mailscanner system".

Let me be more clear on that. ;)

I have the domain nacs.net in /etc/mail/relay-domains. According to my
sendmail.cf file this allows relaying from any nacs.net system. This works
fine. Now that I have correct /etc/sendmail.cf files in place, RBL and
AntiRelay support is working properly.

Here is a copy of the .mc file that I am using for
/etc/sendmail.cf.forwarder.mailscanner. It is a little overkill for just a
forwarder, but what the hell....

divert(-1)
define(`OldMXHost', `mail.nacs.net')
include(`../m4/cf.m4')
define(`confDEF_USER_ID',``8:12'')
OSTYPE(linux)
define(`confDONT_INIT_GROUPS', `True')
define(`confAUTO_REBUILD')
define(`confLOG_LEVEL', `14')
FEATURE(nocanonify)
FEATURE(nullclient, OldMXHost)
undefine(`UUCP_RELAY')dnl
undefine(`BITNET_RELAY')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTRY_NULL_MX_LIST',true)dnl
define(`confDONT_PROBE_INTERFACES',true)dnl
define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
dnl FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confAUTH_OPTIONS', `A')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
FEATURE(`access_db',`hash -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
EXPOSED_USER(`root')dnl
FEATURE(`dnsbl',`rbl.maps.vix.com')dnl
FEATURE(`dnsbl',`inputs.orbz.org')dnl
FEATURE(`dnsbl',`outputs.orbz.org')dnl
FEATURE(`dnsbl',`relays.mail-abuse.org')dnl
MAILER(smtp)dnl
Cwlocalhost.localdomain

--
    Vice President of New Age Consulting Service, Inc.  Cleveland Ohio
           http://www.nacs.net   info at nacs.net   (216)-619-2000
                              KP-216-121-ST

More information about the MailScanner mailing list