using both MS and sendmail..

Alex Neuman van der Hans alex at nkpanama.com
Thu Sep 23 14:32:15 IST 2004 

<x-flowed>
You honestly should consider using MailScanner itself for everything and 
  dropping Trend.

I have had major headaches because of Trend - mostly because of their 
clue-challenged tech support personnel and poor support policies.

If you already plunked down your hard earned money you can still use 
Trend's product - just use the command line version from within 
MailScanner to check your e-mail for viruses; using ClamAV + BitDefender 
(both free AFAIK) should protect you better than Trend could.

The *one* thing you might consider using Trend for while your license is 
valid is to become a parent proxy for Squid. That way you can scan web 
content for viruses - although you can provide almost the same 
functionality using regexps for \.exe$ and such.

Matt Kehler wrote:
>>>>mailscanner at ECS.SOTON.AC.UK 09/21/04 12:58PM >>>
> 
> At 18:49 21/09/2004, you wrote:
> 
>>So I think I figured out my 'issue'.  Basically, I can't seem to get my
>>RBL's to work, either with Sendmail, OR with MS.  If I go into the details
>>of a MS message using MailWatch..the email always shows as coming from
>>127.0.0.1  So MS isn't aware of where the email *actually* came from,
>>therefore doesn't do a check.  I tried binding sendmail to both 127.0.0.1
>>only, its IP address only, as well as both.    (this server is configured
>>as a relay via mailertable, to push all email back onto our corporate mail
>>server).   FYI, I'm now upgraded to MS 4-33.3
>>
>>When I bind sendail to only 127.0.0.1, then MS *will* do the RBL's, as its
>>listening on the 'real' interface.  The issue is that I am using Trend
>>Interscan Viruswall, along with its eManager (file blocking).  What I
>>*want* is for mail to come in, get accepted by the *real* sendmail, go
>>through the Trend virus and file checks, THEN pass it to MailScanner, and
>>do ITS checks.  I figured that binding sendmail to the real IP would do
>>this...but it doesn't.   I know I can get MS to use the Trend virus
>>scanner, but I still want to have the file attachment checking done by
>>trends eManager as it has a great web based GUI that our helpdesk uses. So
>>I need it in there.   Plus I'd rather have sendmail do the RBL's and
>>reject email there, so it doesn't even have to get passed to MS and take
>>longer.
>>
>>any ideas?  I think essentially what I need to do is have sendmail listen
>>on the real IP address, do its Trend stuff as well as RBL's via sendmail,
>>and then pass it to MS, but via smtp.  So really MS no longer hooks into
>>sendmail...it just sits beside it.  Or am I missing the boat here? (quite
>>possible :)
> 
> 
>>>Get the Trend stuff to output on 127.0.0.1 port 26, and have MailScanner's
>>>incoming sendmail instance listen on 127.0.0.1 port 26. It won't be able to
>>>do its RBL check (as it was received from the remote host by Trend and not
>>>MailScanner) but everything else should work. Don't try to bind different
>>>things to the same port on different instances. It may be possible in
>>>theory, but I wouldn't guarantee you can actually make it work.
> 
> 
>>>For the above 26 is a random number closely related to 25. Feel free to use
>>>any unused port number you have lying around :-) ("netstat -an" is your
>>>friend)
>>>--
>>>Julian Field
> 
> 
> Okay, some mad reading later, I have come up with this plan to essentially build a sendmail-interscan-MS sandwich.  Thoughts?
> 
> - change the sendmail config.... ie, /etc/sendmail.cf to output to port 10024 via the define(`ESMTP_MAILER_ARGS~, define(RELAY_MAILER_ARGS~ , etc etc.
> - change Trend Interscan to daemon mode, listen on localhost port 10024, and output on port 10025 (via editing of the intscan.ini itself that the program uses)
> - change the MailScanner incoming instance to listen on 10025 via editing the MailScanner startup script.  I'm assuming I'll have to change, under the 'incoming sendmail' line
> 
> $SENDMAIL -bd -OPrivacyOptions=noetrn \
>                       -ODeliveryMode=queueonly \
>                       -OQueueDirectory=$INQDIR \
>                       -OPidFile=$INPID
> 
> ....to include a -C sendmail.listen.on.10025.cf
> 
> , where the above file is essentially my original sendmail.cf file, but with the 'DAEMON_OPTIONS' set to listen on port 10025
> 
> Does that pretty much sum it up?
> 
> Matt
> 
> 
> 
> 
> 
> 
> 
> 
> This email and/or any documents in this transmission is intended for the
> addressee(s) only and may contain legally privileged or confidential
> information.  Any unauthorized use, disclosure, distribution, copying or
> dissemination is strictly prohibited.  If you receive this transmission in
> error, please notify the sender immediately and return the original.
> 
> Ce courriel et tout document dans cette transmission est destiné à la personne
> ou aux personnes à qui il est adressé. Il peut contenir des informations
> privilégiées ou confidentielles. Toute utilisation, divulgation, distribution,
> copie, ou diffusion non autorisée est strictement défendue. Si vous n'êtes pas
> le destinataire de ce message, veuillez en informer l'expéditeur immédiatement
> et lui remettre l'original.
> 
> ------------------------ MailScanner list ------------------------
> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> 'leave mailscanner' in the body of the email.
> Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
> the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

</x-flowed>

More information about the MailScanner mailing list