using both MS and sendmail..

Matt Kehler mkehler at wrha.mb.ca
Wed Sep 22 14:56:38 IST 2004


>>> mailscanner at ECS.SOTON.AC.UK 09/21/04 12:58PM >>>
At 18:49 21/09/2004, you wrote:
>So I think I figured out my 'issue'.  Basically, I can't seem to get my
>RBL's to work, either with Sendmail, OR with MS.  If I go into the details
>of a MS message using MailWatch..the email always shows as coming from
>127.0.0.1  So MS isn't aware of where the email *actually* came from,
>therefore doesn't do a check.  I tried binding sendmail to both 127.0.0.1
>only, its IP address only, as well as both.    (this server is configured
>as a relay via mailertable, to push all email back onto our corporate mail
>server).   FYI, I'm now upgraded to MS 4-33.3
>
>When I bind sendail to only 127.0.0.1, then MS *will* do the RBL's, as its
>listening on the 'real' interface.  The issue is that I am using Trend
>Interscan Viruswall, along with its eManager (file blocking).  What I
>*want* is for mail to come in, get accepted by the *real* sendmail, go
>through the Trend virus and file checks, THEN pass it to MailScanner, and
>do ITS checks.  I figured that binding sendmail to the real IP would do
>this...but it doesn't.   I know I can get MS to use the Trend virus
>scanner, but I still want to have the file attachment checking done by
>trends eManager as it has a great web based GUI that our helpdesk uses. So
>I need it in there.   Plus I'd rather have sendmail do the RBL's and
>reject email there, so it doesn't even have to get passed to MS and take
>longer.
>
>any ideas?  I think essentially what I need to do is have sendmail listen
>on the real IP address, do its Trend stuff as well as RBL's via sendmail,
>and then pass it to MS, but via smtp.  So really MS no longer hooks into
>sendmail...it just sits beside it.  Or am I missing the boat here? (quite
>possible :)

>>Get the Trend stuff to output on 127.0.0.1 port 26, and have MailScanner's
>>incoming sendmail instance listen on 127.0.0.1 port 26. It won't be able to
>>do its RBL check (as it was received from the remote host by Trend and not
>>MailScanner) but everything else should work. Don't try to bind different
>>things to the same port on different instances. It may be possible in
>>theory, but I wouldn't guarantee you can actually make it work.

>>For the above 26 is a random number closely related to 25. Feel free to use
>>any unused port number you have lying around :-) ("netstat -an" is your
>>friend)
>>--
>>Julian Field

Okay, some mad reading later, I have come up with this plan to essentially build a sendmail-interscan-MS sandwich.  Thoughts?

- change the sendmail config.... ie, /etc/sendmail.cf to output to port 10024 via the define(`ESMTP_MAILER_ARGS~, define(RELAY_MAILER_ARGS~ , etc etc.
- change Trend Interscan to daemon mode, listen on localhost port 10024, and output on port 10025 (via editing of the intscan.ini itself that the program uses)
- change the MailScanner incoming instance to listen on 10025 via editing the MailScanner startup script.  I'm assuming I'll have to change, under the 'incoming sendmail' line

$SENDMAIL -bd -OPrivacyOptions=noetrn \
                      -ODeliveryMode=queueonly \
                      -OQueueDirectory=$INQDIR \
                      -OPidFile=$INPID

....to include a -C sendmail.listen.on.10025.cf

, where the above file is essentially my original sendmail.cf file, but with the 'DAEMON_OPTIONS' set to listen on port 10025

Does that pretty much sum it up?

Matt








This email and/or any documents in this transmission is intended for the
addressee(s) only and may contain legally privileged or confidential
information.  Any unauthorized use, disclosure, distribution, copying or
dissemination is strictly prohibited.  If you receive this transmission in
error, please notify the sender immediately and return the original.

Ce courriel et tout document dans cette transmission est destiné à la personne
ou aux personnes à qui il est adressé. Il peut contenir des informations
privilégiées ou confidentielles. Toute utilisation, divulgation, distribution,
copie, ou diffusion non autorisée est strictement défendue. Si vous n'êtes pas
le destinataire de ce message, veuillez en informer l'expéditeur immédiatement
et lui remettre l'original.

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).



More information about the MailScanner mailing list