Beginner Question

Julian Field MailScanner at ecs.soton.ac.uk
Wed Nov 21 15:07:30 GMT 2007 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



Andreas Kasenides wrote:
> I am a relatively newcomer to the MailScanner land but I have been 
> running mail servers
> (sendmail for too many years to admit and postfix for the last 3 
> years) and I have come
> across this Postfix-with-MS incompatibility issue. Apparently the 
> Postfix developers
> are seriously anti-MS because MS DOES not use their own way of message 
> passing
> between the SMTP processes and the MS processes (apparently they 
> recommend LMTP).
> I have read a lot of this on the Postfix lists and while there is a 
> serious issue of how
> a message is moved from the SMTP service to the virus/spam-detecting 
> service  I have come to the
> conclusion that there are only a couple of issues that need to be 
> clarified from the MS point of view
> (the rest seems politics to me which I cannot comment since I do not 
> know the players involved):
>
> 1. How does MS make sure that when dealing with the incoming Postfix 
> queue it does not ake a mess
> of it? In other words how does MS know that a message in the queue is 
> free and ready to be processed
> and that Postfix is not working on it?
Very good question.
Postfix does indeed put message directly into that queue before the 
whole message has been received, it moves them into there as soon as it 
can (in MailScanner's case as soon as it has enough information to fire 
the "header_checks" rules). MailScanner goes to considerable lengths to 
ensure that Postfix has written the entire file before it starts 
processing it. This was indeed an occasional problem on heavily loaded 
systems a *several years ago*, and could in rare circumstances cause 
MailScanner to produce an extra spurious message with an incomplete 
body, as well as the correct complete message. It didn't cause it to 
lose a message.

However, all those problems are a long way behind us, my checks on the 
message file work just fine now and have done for several years. Don't 
worry, this is *very* thoroughly taken care of.

> 2. Apparently the Postfix guys believe that the queue file structure 
> is there own internal "thing"
> which they do not or would not make public and if a new upgraded 
> structure is created MS will fail miserably
> upon Postfix upgrade. Remember that MS depends on this structure to 
> properly make changes in the
> files.
Yes, they treat the queue file structure as "private". Slightly strange 
concept in open source, where surely nothing is private? Sendmail 
documents its internal queue structure very well, and they are quite 
happy for you to use it. Exim doesn't document it but support 
MailScanner perfectly happily (the authors of Exim run MailScanner 
themselves on all their mail). Only the Postfix guys have an issue with 
me doing this. It's entirely political, I dared to think of a method of 
handling messages that was faster than their way, and so was "thinking 
outside the box", which appeared to upset them. Maybe because they 
didn't think of it? :-)

The only thing I have ever asked of the Postfix guys is that they bother 
to document their internal file structure so I don't have to read their 
code to work it out. As it's open-source, there is no "reverse 
engineering" or "hacking" involved, as I can logically extract the 
format from their source code, which is what I did. It would just have 
been nice to have been able to do it rather more easily from a written 
spec. But they have never agreed to do that. As far as I'm concerned, 
that is their problem, not mine. :-)

>
> I was very suddened by the discussion in the Postfix lists. In my view 
> this sort of thing should
> happen in the commercial software world, not on open source projects.
I whole-heartedly agree!
> I would appreciate an answer (even if it is obvious) from somebody 
> that knows enough of the internals
> of MS.
Would "the author" do you well enough? :-)
>
> thanks!
My pleasure.

Best regards,
Jules.

> Andreas Kasenides
>
> Joseph L. Casale wrote:
>>
>> Hi,
>> I was looking for a complete tutorial to setup a mail filter for our 
>> existing server and came upon the following article 
>> (http://www.howtoforge.com/linux_spam_filter_mail_gateway) but 
>> reading the comments below it, it stated the implementation of 
>> Mailscanner with postfix in this manner was unsupported?
>>
>>  
>>
>> Can you guys confirm or deny this, and if so possibly recommend a 
>> similar tutorial?
>>
>>  
>>
>> Thanks for any input!
>> jlc
>>
>

Jules

- -- 
Julian Field MEng CITP
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
For all your IT requirements visit www.transtec.co.uk


-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.7.0 (Build 867)
Comment: Use Thunderbird's Enigmail Add-on to verify this message
Charset: ISO-8859-1

wj8DBQFHREnAEfZZRxQVtlQRAlwfAKDrqZjLR+5Abjh6IMW6vnLSbdwJQgCgwDsC
ehjiTGILPCK2S+4uZGrlXEY=
=uTox
-----END PGP SIGNATURE-----

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the MailScanner mailing list