scanning on both primary and second MX servers

Julian Field MailScanner at ecs.soton.ac.uk
Thu May 4 09:53:38 IST 2006 

On 3 May 2006, at 23:36, Logan Shaw wrote:

> On Tue, 2 May 2006, Julian Field wrote:
>> On 2 May 2006, at 00:20, Logan Shaw wrote:
>
>>> So, I thought I had a solution:  install MailScanner on the
>>> backup MX as well.  Then blacklisting will be in effect over
>>> there, and everything's great, theoretically.  I installed all
>>> that, and just now I realized the flaw in that plan.  I now
>>> get two sets of headers because the messages are being scanned
>>> twice by two different machines.  (I get "X-Spam-Status: Yes,
>>> Yes" and stuff like that.)
>>
>> What I would advise is that you install SpamAssassin (used as part  
>> of MailScanner, download by "easy-to-install" package of ClamAV+SA  
>> from the MailScanner downloads page). You can then not only assign  
>> your own scores to different RBLs if you want to, but more  
>> importantly SpamAssassin will check all the hosts through which  
>> the message passed, not just the last hop (which is all  
>> MailScanner can do).
>>
>> SpamAssassin is much better than MailScanner with this feature.
>
> Aha, so just to recap now that I've taken a day or whatever to
> digest that response, I think what you're saying is this:
>
> 1.  Even though MailScanner uses SpamAssassin, they each have
>     their own independent RBL implementations and MailScanner
>     uses its own and turns off SpamAssassin's.

MailScanner does not turn off SpamAssassin's RBL support. You can  
(and I do) use both.

>
> 2.  SpamAssassin's RBL support works better in that it scans
>     all the Received: headers, rather than just looking at
>     where the most recent message came from.  And also in that
>     it gives me more control over scoring.
>
> 3.  I can set up MailScanner to use SpamAssassin's implementation
>     instead, so that I can continue to use MailScanner but I can
>     use the superior RBL implementation.
>
> And it would appear (please tell me if I'm on the right track!)
> that the implications of this are:
>
> 1.  I need to make sure I have properly configured SpamAssassin
>     so that it correctly identifies which hosts are/aren't
>     trusted, and I use the "trusted_networks" setting to do
>     this by putting a list of all my own MX hosts (and those
>     I trust, like maybe my ISP's).
>
> 2.  If I do this (and if I don't feel the need to delete the
>     spam immediately on the secondary MX), then I don't
>     necessarily have to have MailScanner or SpamAssassin or
>     any other filtering software on the backup MX, because
>     SpamAssassin can catch everything on the main mail server.
>
> Do I basically have that correct?  If so, that makes my life
> easier, because it is a bit more of a pain to maintain a second
> MailScanner setup on the backup MX machine.  (Especially
> considering that its bayes and autowhitelisting will be all
> screwed up, so those require special attention...)

 From what I see, yes.

-- 
Julian Field
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
MailScanner thanks transtec Computers for their support.

More information about the MailScanner mailing list