ETRN support in MailScanner required

[Michael Mansour]

Hi Leif,

> > Hi,
> >
> > I'm using Fedora Core 1 and 2, sendmail and
> > mailscanner.
> >
> > My primary mailserver is on Fedora Core 1.
> > My backup mailserver is on Fedora Core 2.
> > Both run sendmail and MailScanner.
> >
> > For my backup mailserver, I use mailertable and
> dsmtp
> > configured in that with the primary server making
> ETRN
> > connections to the backup every hour (I'm using
> the
> > sendmail etrn.pl script from the contrib directory
> to
> > perform this step).
>
> using ETRN is bad, because it forces sendmail to
> process the messages in
> mqueue.in which hold unscanned messages.
>
> Do you need ETRN?
> Why doesn't your backup mailserver send the messages
> without it,
> i.e. why use the dsmtp mailer, why not just the
> standard esmtp?
> Then the backup mailserver tries regularly to
> deliver.

What I wanted to avoid was the "WARNING: Message
undeliverable after 4 hours" etc messages which esmtp
would do. With dsmtp, the mail sits there forever
until the primary mx server comes up, where it can
then run the etrn.pl script to retrieve the mail from
the backup mx.

> You can use cron to every hour do sendmail
> -qRyour.dom
>
> If you MUST use some ETRN-alike functionality, you
> can use this method:
> I have one client left on ISDN which need ETRN, I
> simulate it by having a
> script called from inetd
>
> In inetd.conf:
> at-rtmp         stream  tcp     nowait root
> /usr/local/sbin/etrnjohn
> etrnjohn
> (at-rtmp is just some random service from
> /etc/services I don't use)
>
> /usr/local/sbin/etrnjohn:
> #!/bin/sh
> echo Hello
> /usr/sbin/sendmail -qRjohns.dom
> sleep 5
>
> Then the client just does a telnet my.mailserver.dom
> at-rtmp when it wants
> its mail.

Based on yours and a couple of other ppl, I decided
against the dsmtp/etrn approach and went through to
esmtp setup. I added esmtp into mailertable,
re-hashed, and added the domains in mailertable into
my "relay-domains" file so the backup mx server will
keep trying to deliver to primary mx.

> > I've read the list archives on this and it was
> > mentioned in there that enabling ETRN in
> MailScanner
> > means that clients could receive unscanned virus
> and
> > spam emails, bypassing MailScanner altogether.
> >
> > Is this true?
> >
> > Does this matter in my situation anyway since the
> > primary mailserver also runs MailScanner and would
> > scan the messages when it picks them up anyway?
> >
> I have a setup where my email clients connects to
> the main mailserver which
> also runs mailscanner.
>
> But my incoming MX is on another server, which runs
> mailscanner too,
> and also sends scanned mail to clients which have
> their own mailserver,
> sends mail to the main mailserver on another port,
> which is not scanned on
> the mailserver.
> I'm running an extra sendmail on the main mailserver
> which listens to that
> port and delivers directly to mqueue, not mqueue.in.
>
> That takes the load of the main mailserver, so email
> clients can get/send
> more quickly.

That's an interesting setup :)

> > I've commented out the above "noetrn" line so I
> can
> > continue to have my backup mail server facility
> > working. Is this the best way to go about it?
>
> NO!

Advice taken, thanks for your comments Leif.

Michael.

> Leif
>
> ------------------------ MailScanner list
> ------------------------
> To unsubscribe, email jiscmail at jiscmail.ac.uk with
> the words:
> 'leave mailscanner' in the body of the email.
> Before posting, read the MAQ
> (http://www.mailscanner.biz/maq/) and
> the archives
> (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>

Find local movie times and trailers on Yahoo! Movies.
http://au.movies.yahoo.com

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).