MailScanner at ecs.soton.ac.uk
Wed Nov 21 15:07:30 GMT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Andreas Kasenides wrote:
> I am a relatively newcomer to the MailScanner land but I have been
> running mail servers
> (sendmail for too many years to admit and postfix for the last 3
> years) and I have come
> across this Postfix-with-MS incompatibility issue. Apparently the
> Postfix developers
> are seriously anti-MS because MS DOES not use their own way of message
> between the SMTP processes and the MS processes (apparently they
> recommend LMTP).
> I have read a lot of this on the Postfix lists and while there is a
> serious issue of how
> a message is moved from the SMTP service to the virus/spam-detecting
> service I have come to the
> conclusion that there are only a couple of issues that need to be
> clarified from the MS point of view
> (the rest seems politics to me which I cannot comment since I do not
> know the players involved):
> 1. How does MS make sure that when dealing with the incoming Postfix
> queue it does not ake a mess
> of it? In other words how does MS know that a message in the queue is
> free and ready to be processed
> and that Postfix is not working on it?
Very good question.
Postfix does indeed put message directly into that queue before the
whole message has been received, it moves them into there as soon as it
can (in MailScanner's case as soon as it has enough information to fire
the "header_checks" rules). MailScanner goes to considerable lengths to
ensure that Postfix has written the entire file before it starts
processing it. This was indeed an occasional problem on heavily loaded
systems a *several years ago*, and could in rare circumstances cause
MailScanner to produce an extra spurious message with an incomplete
body, as well as the correct complete message. It didn't cause it to
lose a message.
However, all those problems are a long way behind us, my checks on the
message file work just fine now and have done for several years. Don't
worry, this is *very* thoroughly taken care of.
> 2. Apparently the Postfix guys believe that the queue file structure
> is there own internal "thing"
> which they do not or would not make public and if a new upgraded
> structure is created MS will fail miserably
> upon Postfix upgrade. Remember that MS depends on this structure to
> properly make changes in the
Yes, they treat the queue file structure as "private". Slightly strange
concept in open source, where surely nothing is private? Sendmail
documents its internal queue structure very well, and they are quite
happy for you to use it. Exim doesn't document it but support
MailScanner perfectly happily (the authors of Exim run MailScanner
themselves on all their mail). Only the Postfix guys have an issue with
me doing this. It's entirely political, I dared to think of a method of
handling messages that was faster than their way, and so was "thinking
outside the box", which appeared to upset them. Maybe because they
didn't think of it? :-)
The only thing I have ever asked of the Postfix guys is that they bother
to document their internal file structure so I don't have to read their
code to work it out. As it's open-source, there is no "reverse
engineering" or "hacking" involved, as I can logically extract the
format from their source code, which is what I did. It would just have
been nice to have been able to do it rather more easily from a written
spec. But they have never agreed to do that. As far as I'm concerned,
that is their problem, not mine. :-)
> I was very suddened by the discussion in the Postfix lists. In my view
> this sort of thing should
> happen in the commercial software world, not on open source projects.
I whole-heartedly agree!
> I would appreciate an answer (even if it is obvious) from somebody
> that knows enough of the internals
> of MS.
Would "the author" do you well enough? :-)
> Andreas Kasenides
> Joseph L. Casale wrote:
>> I was looking for a complete tutorial to setup a mail filter for our
>> existing server and came upon the following article
>> (http://www.howtoforge.com/linux_spam_filter_mail_gateway) but
>> reading the comments below it, it stated the implementation of
>> Mailscanner with postfix in this manner was unsupported?
>> Can you guys confirm or deny this, and if so possibly recommend a
>> similar tutorial?
>> Thanks for any input!
Julian Field MEng CITP
Buy the MailScanner book at www.MailScanner.info/store
MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
For all your IT requirements visit www.transtec.co.uk
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.7.0 (Build 867)
Comment: Use Thunderbird's Enigmail Add-on to verify this message
-----END PGP SIGNATURE-----
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner