mailscanner with postfix header checks vs.

Drew Marshall drew at THEMARSHALLS.CO.UK
Thu Nov 18 13:01:48 GMT 2004


    [ The following text is in the "iso-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

On Thu, November 18, 2004 9:44, dave said:
> I'm wondering if anyone has experience with
> both mailscanner and amavisd-new with postfix

Yes. For a short time I ran both (1 on one machine, 1 on another).

> spamassassin, and razor plus an AV either clamav or fprot though the AV
> isn't really important?

Indeed as both AMAVIS and MailScanner are just interfaces for all of the
above.
>I was previously using amavisd-new, postfix, and spamassassin for
> antispam, but
> was not very happy with this setup, it did ok, but i feel it could have
> done
> better, maybe i'm just a perfectionist. What i'd like to know is your
> personal pros and cons of either solution, in terms of speed, reliability,
> ease of use/configuration, approx amount of spam caught, and general
> impressions.

I moved everything to MS because it has far more features. I like the HTML
disarming, including scripts etc. As for anti-spam, well that's as good as
you SpamAssassin setup. Both AMAVIS and MS will miss spam if SA isn't
working to it's best (Likewise Anti-Virus).

For speed, MS uses batch processing so will tend to be more efficient in
it's processing in busy environments. AMAVIS uses SMTP/ LMTP to process
messages (One at a time) but uses daemons to speedup the scanning process.
TBH my boxes don't handle huge amounts of mail so speed differences were
not really noticeable. MS handles it's own queue/ batch processing where
as AMAVIS expects Postfix to manage the queue processing so when all the
connections are used up by AMAVIS Postfix has to do the delaying/
retrying. With MS the messages just sit in the hold queue until processed.
IMHO this must release extra cycles to the bottle neck (Ths AV/ SA
scanning) but again I have never actually soak tested this theory.

> A friend of mine set up a postfix box with mailscanner about
> a
> year ago, the thing i didn't like was i had to use two postfix instances,
> i
> like to keep things as standard as possible. I checked the postfix section
> of the user's guide today when another friend said mailscanner had a
> feature, see next point, that i've been looking for and discovered that
> now
> you can use header checks for mailscanner. My question is where in the
> header checks file should you put the HOLD line?

Postfix will do first line matching so put it at the end as the 'catch
all'. Again this is one of the benefits of using this setup. Use Postfix
for what it's good for. Use MS for what it's good for!

> I'd also like more information on
> connection limiting. One of my mail servers is natted behind a firewall
> and
> is being blasted by connecting clients trying to spam, it does well, but
> i'd
> like to block the offending IP or drop it for instances if it connects
> within x times within a minute.

That's a job for Postfix. Have a look at the smtpd_error_sleep_time,
smtpd_soft_error_limit and smtpd_hard_error_limit and either slow the
response times (Which will be happening by default) or reduce the number
of errors required before Postfix disconnects.

HTH

Drew


--
In line with our policy, this message has
been scanned for viruses and dangerous
content by MailScanner, and is believed to be clean.
www.themarshalls.co.uk/policy

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!




More information about the MailScanner mailing list