using both MS and sendmail..
Alex Neuman van der Hans
alex at nkpanama.com
Thu Sep 23 14:32:15 IST 2004
<x-flowed>
You honestly should consider using MailScanner itself for everything and
dropping Trend.
I have had major headaches because of Trend - mostly because of their
clue-challenged tech support personnel and poor support policies.
If you already plunked down your hard earned money you can still use
Trend's product - just use the command line version from within
MailScanner to check your e-mail for viruses; using ClamAV + BitDefender
(both free AFAIK) should protect you better than Trend could.
The *one* thing you might consider using Trend for while your license is
valid is to become a parent proxy for Squid. That way you can scan web
content for viruses - although you can provide almost the same
functionality using regexps for \.exe$ and such.
Matt Kehler wrote:
>>>>mailscanner at ECS.SOTON.AC.UK 09/21/04 12:58PM >>>
>
> At 18:49 21/09/2004, you wrote:
>
>>So I think I figured out my 'issue'. Basically, I can't seem to get my
>>RBL's to work, either with Sendmail, OR with MS. If I go into the details
>>of a MS message using MailWatch..the email always shows as coming from
>>127.0.0.1 So MS isn't aware of where the email *actually* came from,
>>therefore doesn't do a check. I tried binding sendmail to both 127.0.0.1
>>only, its IP address only, as well as both. (this server is configured
>>as a relay via mailertable, to push all email back onto our corporate mail
>>server). FYI, I'm now upgraded to MS 4-33.3
>>
>>When I bind sendail to only 127.0.0.1, then MS *will* do the RBL's, as its
>>listening on the 'real' interface. The issue is that I am using Trend
>>Interscan Viruswall, along with its eManager (file blocking). What I
>>*want* is for mail to come in, get accepted by the *real* sendmail, go
>>through the Trend virus and file checks, THEN pass it to MailScanner, and
>>do ITS checks. I figured that binding sendmail to the real IP would do
>>this...but it doesn't. I know I can get MS to use the Trend virus
>>scanner, but I still want to have the file attachment checking done by
>>trends eManager as it has a great web based GUI that our helpdesk uses. So
>>I need it in there. Plus I'd rather have sendmail do the RBL's and
>>reject email there, so it doesn't even have to get passed to MS and take
>>longer.
>>
>>any ideas? I think essentially what I need to do is have sendmail listen
>>on the real IP address, do its Trend stuff as well as RBL's via sendmail,
>>and then pass it to MS, but via smtp. So really MS no longer hooks into
>>sendmail...it just sits beside it. Or am I missing the boat here? (quite
>>possible :)
>
>
>>>Get the Trend stuff to output on 127.0.0.1 port 26, and have MailScanner's
>>>incoming sendmail instance listen on 127.0.0.1 port 26. It won't be able to
>>>do its RBL check (as it was received from the remote host by Trend and not
>>>MailScanner) but everything else should work. Don't try to bind different
>>>things to the same port on different instances. It may be possible in
>>>theory, but I wouldn't guarantee you can actually make it work.
>
>
>>>For the above 26 is a random number closely related to 25. Feel free to use
>>>any unused port number you have lying around :-) ("netstat -an" is your
>>>friend)
>>>--
>>>Julian Field
>
>
> Okay, some mad reading later, I have come up with this plan to essentially build a sendmail-interscan-MS sandwich. Thoughts?
>
> - change the sendmail config.... ie, /etc/sendmail.cf to output to port 10024 via the define(`ESMTP_MAILER_ARGS~, define(RELAY_MAILER_ARGS~ , etc etc.
> - change Trend Interscan to daemon mode, listen on localhost port 10024, and output on port 10025 (via editing of the intscan.ini itself that the program uses)
> - change the MailScanner incoming instance to listen on 10025 via editing the MailScanner startup script. I'm assuming I'll have to change, under the 'incoming sendmail' line
>
> $SENDMAIL -bd -OPrivacyOptions=noetrn \
> -ODeliveryMode=queueonly \
> -OQueueDirectory=$INQDIR \
> -OPidFile=$INPID
>
> ....to include a -C sendmail.listen.on.10025.cf
>
> , where the above file is essentially my original sendmail.cf file, but with the 'DAEMON_OPTIONS' set to listen on port 10025
>
> Does that pretty much sum it up?
>
> Matt
>
>
>
>
>
>
>
>
> This email and/or any documents in this transmission is intended for the
> addressee(s) only and may contain legally privileged or confidential
> information. Any unauthorized use, disclosure, distribution, copying or
> dissemination is strictly prohibited. If you receive this transmission in
> error, please notify the sender immediately and return the original.
>
> Ce courriel et tout document dans cette transmission est destiné à la personne
> ou aux personnes à qui il est adressé. Il peut contenir des informations
> privilégiées ou confidentielles. Toute utilisation, divulgation, distribution,
> copie, ou diffusion non autorisée est strictement défendue. Si vous n'êtes pas
> le destinataire de ce message, veuillez en informer l'expéditeur immédiatement
> et lui remettre l'original.
>
> ------------------------ MailScanner list ------------------------
> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> 'leave mailscanner' in the body of the email.
> Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
> the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
</x-flowed>
More information about the MailScanner
mailing list