<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.2900.3132" name=GENERATOR></HEAD>
<BODY>
<DIV dir=ltr align=left><SPAN class=677022315-12102007><FONT
face="Comic Sans MS" color=#000080 size=2>I sorta hesitate to send the whole
thing for privacy's sake, but most is pretty straightforward.  The parts
that gave me pause I'll outline below - if you have questions beyond that holler
and I'll try to fill in the blanks.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=677022315-12102007><FONT
face="Comic Sans MS" color=#000080 size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=677022315-12102007><FONT
face="Comic Sans MS" color=#000080 size=2>Whitelist your internal networks so
any host on the inside can use your mail server. </FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=677022315-12102007><FONT
face="Comic Sans MS" color=#000080 size=2>For example:</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=677022315-12102007><FONT
face="Comic Sans MS" color=#000080 size=2>
WhitelistIP 192.168.0.0/16<BR></FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=677022315-12102007><FONT
face="Comic Sans MS" color=#000080 size=2> </DIV></FONT></SPAN><SPAN
class=677022315-12102007>
<DIV><FONT face="Comic Sans MS" color=#000080 size=2><SPAN
class=677022315-12102007></SPAN></FONT></DIV>
<DIV><SPAN class=677022315-12102007><FONT face="Comic Sans MS" color=#000080
size=2>The host I grabbed the config from is called mx2.ci.juneau.ak.us - so
that's what goes in "PublicName". You'll want to enter the name of your
mail gateway as I would see it - i.e., what is used for the MX record in
DNS.</FONT></SPAN></DIV>
<DIV><FONT face="Comic Sans MS" color=#000080 size=2></FONT> </DIV>
<DIV><FONT face="Comic Sans MS" color=#000080 size=2> </FONT></SPAN><FONT
face="Comic Sans MS" color=#000080 size=2># FQDN of the publicly visible IP
address of the interface<BR><SPAN class=677022315-12102007> </SPAN># of an
outgoing connection of your Sendmail daemon<BR><SPAN
class=677022315-12102007> </SPAN># It will be used with the SMTP HELO
command for SAV and RAV<BR><SPAN class=677022315-12102007>
</SPAN>#<BR><SPAN class=677022315-12102007>
</SPAN>#PublicName
yourhost.yourdomain.tld # it
*MUST* be corrected properly<BR><SPAN class=677022315-12102007>
</SPAN>PublicName mx2.ci.juneau.ak.us</FONT></DIV>
<DIV><FONT face="Comic Sans MS" color=#000080 size=2></FONT> </DIV>
<DIV><FONT face="Comic Sans MS" color=#000080 size=2><SPAN
class=677022315-12102007>Mail to this address is whitelisted I think, so
complaints/errors can come in:</SPAN></FONT></DIV>
<DIV><FONT face="Comic Sans MS" color=#000080 size=2><SPAN
class=677022315-12102007> # Any valid e-Mail address of your local domain
for the safe call-out purposes<BR> #SafeCallBack <A
href="mailto:postmaster@yourdomain.tld">postmaster@yourdomain.tld</A>
# it *MUST* be corrected properly<BR> SafeCallBack <A
href="mailto:postmaster@ci.juneau.ak.us">postmaster@ci.juneau.ak.us</A><BR></SPAN></FONT></DIV>
<DIV><FONT face="Comic Sans MS" color=#000080 size=2></FONT> </DIV>
<DIV><FONT face="Comic Sans MS" color=#000080 size=2><SPAN
class=677022315-12102007>This is the one that wasn't really clear to me.
Basically it's asking for the name or address of the host that knows who
all your users are. In this case it's my Exchange server. I used a
phoney name here (but the real name in my actual config). This is the
machine the LDAP lookups are directed to.</SPAN></FONT></DIV>
<DIV><FONT face="Comic Sans MS"><FONT color=#000080><FONT size=2><SPAN
class=677022315-12102007> </SPAN>#MailStore
yourhost.yourdomain.tld #
uncomment and set it properly<BR><SPAN class=677022315-12102007>
</SPAN>MailStore <SPAN
class=677022315-12102007>cbjmail</SPAN>.ci.juneau.ak.us<BR></FONT></FONT></FONT></DIV>
<DIV><FONT><FONT><FONT face="Comic Sans MS" color=#000080 size=2><SPAN
class=677022315-12102007>Pretty much everything else was just left as the
default. Of course, I've added remote hosts to the whitelist section as
the situation warranted. You can see who's being denied in /var/log/mail
(or wherever your mail logs go).</SPAN></FONT></FONT></FONT></DIV>
<DIV><FONT face="Comic Sans MS"><FONT color=#000080><FONT
size=2></FONT></FONT></FONT> </DIV>
<DIV><FONT><FONT><FONT face="Comic Sans MS" color=#000080 size=2><SPAN
class=677022315-12102007>Re: the milter. You have to add the following to
the end of your sendmail.mc then rebuild your sendmail.cf
file:</SPAN></FONT></FONT></FONT></DIV>
<DIV><FONT><FONT><FONT face="Comic Sans MS" color=#000080 size=2><SPAN
class=677022315-12102007></SPAN></FONT></FONT></FONT> </DIV>
<DIV><FONT><FONT><FONT face="Comic Sans MS" color=#000080 size=2><SPAN
class=677022315-12102007>define(`confMILTER_MACROS_HELO',
confMILTER_MACROS_HELO`, {verify}')dnl<BR>INPUT_MAIL_FILTER(`smf-sav',
`S=unix:/var/run/smfs/smf-sav.sock,
T=S:30s;R:4m')dnl<BR></DIV></SPAN></FONT></FONT></FONT>
<DIV><FONT><FONT><SPAN class=677022315-12102007><FONT face="Comic Sans MS"
color=#000080 size=2>Sendmail shouldn't be running, of course, while all this is
happening. I presume that you were able to successfully compile smf-sav
and it's installed. Now you just need to start smf-sav before you start
MailScanner (since MailScanner starts sendmail). You do that via the
normal Linux startup scripts. If you're new to Linux, you'll find them
</FONT></SPAN></FONT></FONT><FONT><FONT><SPAN class=677022315-12102007><FONT
face="Comic Sans MS" color=#000080 size=2>in /etc/init.d/. In that
directory are many different scripts to start the system related stuff you have
installed.  Common examples are your networking stuff, database programs,
web servers, etc.  There are four scripts that come with smf-sav, if memory
serves: one each for slackware, redhat, freebsd and solaris.  If you're
using Redhat or one of its clones like Fedora, copy the smfsav.redhat over to
the /etc/init.d directory and then create the links to it in the appropriate run
level directories. That varies slightly from linux flavor to
flavor. </FONT></SPAN></FONT></FONT></DIV>
<DIV><FONT><FONT><SPAN class=677022315-12102007><FONT face="Comic Sans MS"
color=#000080 size=2></FONT></SPAN></FONT></FONT> </DIV>
<DIV><FONT><FONT><SPAN class=677022315-12102007><FONT face="Comic Sans MS"
color=#000080 size=2>If you're not familiar with that, grab a manual appropriate
to your distribution and read about how that works. It's really pretty
straightforward, simple to explain, but potentially a lot of typing to do so.
<g>  It's a pretty fundamental skill for managing a Linux box, so if
you don't already understand it, you really need to get an understanding of it
before you get in much deeper.</FONT></SPAN></FONT></FONT></DIV>
<DIV><FONT><FONT><SPAN class=677022315-12102007><FONT face="Comic Sans MS"
color=#000080 size=2></FONT></SPAN></FONT></FONT> </DIV>
<DIV><FONT><FONT><SPAN class=677022315-12102007><FONT face="Comic Sans MS"
color=#000080 size=2>Hope this helps...</FONT></SPAN></FONT></FONT></DIV>
<DIV><FONT><FONT face="Comic Sans MS" color=#000080 size=2><SPAN
class=677022315-12102007></SPAN></FONT></FONT> </DIV>
<DIV><FONT><FONT><SPAN class=677022315-12102007></SPAN></FONT></FONT><FONT
size=2>...Kevin<BR>--<BR>Kevin
Miller
Registered Linux User No: 307357<BR>CBJ MIS
Dept.
Network Systems Admin., Mail Admin.<BR>155 South Seward
Street ph: (907) 586-0242<BR>Juneau, Alaska
99801                            fax: (907)
586-4500<BR> </FONT> </DIV>
<DIV><FONT face="Comic Sans MS" color=#000080 size=2></FONT> </DIV><BR>
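<DIV>Added example (not part of the original messages, and not code from the smf-sav project): a shell preflight for the setup described above. It reports any of PublicName, SafeCallBack or MailStore that is still unset or left at the shipped placeholder, and checks that the milter's start link sorts ahead of MailScanner's in a runlevel directory. The init-script names smfsav and MailScanner, the rc3.d directory and the function names are assumptions; the sample data is constructed.</DIV>
<PRE>
```shell
#!/bin/sh
# Preflight checks for an smf-sav + sendmail/MailScanner gateway.
# Key names and placeholder values are those quoted in the message above;
# init-script names and paths are assumptions supplied by the caller.

# Print each required smf-sav.conf key that is missing, still commented
# out, or still set to the shipped "yourdomain.tld" placeholder.
conf_unset_keys() {
    for key in PublicName SafeCallBack MailStore; do
        # Value of the first active (uncommented) line for this key.
        val=$(awk -v k="$key" '$1 == k { print $2; exit }' "$1")
        case $val in
            ''|*yourdomain.tld*) echo "$key" ;;
        esac
    done
}

# Succeed only if init script $2 has a start link in runlevel directory $1
# that sorts ahead of the start link for init script $3. SysV rc runs the
# S* links in sorted order, so S78smfsav starts before S80MailScanner.
starts_before() {
    first=$(ls "$1" | grep -E "^S[0-9]+$2\$" | head -n 1)
    second=$(ls "$1" | grep -E "^S[0-9]+$3\$" | head -n 1)
    [ -n "$first" ] || return 1
    [ -n "$second" ] || return 1
    earliest=$(printf '%s\n%s\n' "$first" "$second" | LC_ALL=C sort | head -n 1)
    [ "$earliest" = "$first" ]
}

# Constructed sample: a config with MailStore left commented out, and a
# runlevel directory where the milter is linked after MailScanner.
make_sample() {
    mkdir -p "$1/rc3.d"
    printf '%s\n' 'WhitelistIP 192.168.0.0/16' \
        'PublicName mx2.ci.juneau.ak.us' \
        'SafeCallBack postmaster@ci.juneau.ak.us' \
        '#MailStore yourhost.yourdomain.tld' > "$1/smf-sav.conf"
    touch "$1/rc3.d/S80MailScanner" "$1/rc3.d/S85smfsav"
}

# Usage: sh preflight.sh CONF RCDIR   (your smf-sav.conf and e.g. /etc/rc3.d)
if [ "$#" -eq 2 ]; then
    conf_unset_keys "$1" | sed 's/^/not configured: /'
    starts_before "$2" smfsav MailScanner || echo "smfsav is not started before MailScanner"
fi
```
</PRE>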
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> mailscanner-bounces@lists.mailscanner.info
[mailto:mailscanner-bounces@lists.mailscanner.info] <B>On Behalf Of </B>Steven
Andrews<BR><B>Sent:</B> Friday, October 12, 2007 4:59 AM<BR><B>To:</B>
MailScanner discussion<BR><B>Subject:</B> RE: sendmail ldap
exchange<BR></FONT><BR></DIV>
<DIV></DIV>
<DIV dir=ltr align=left><SPAN class=880215512-12102007><FONT face=Arial
color=#0000ff size=2>any chance you can share your config? i've got it
installed, but i really don't understand what smf-sav.conf is wanting me to
config.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=880215512-12102007><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=880215512-12102007><FONT face=Arial
color=#0000ff size=2>also the readme says to add this milter to startup scripts
before sendmail....also not quite sure what that's asking. it references
some start up script examples...can't seem to find them.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=880215512-12102007><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=880215512-12102007><FONT face=Arial
color=#0000ff size=2>thanks.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=880215512-12102007><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=880215512-12102007><FONT face=Arial
color=#0000ff size=2>steve</FONT></SPAN></DIV><BR>
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> mailscanner-bounces@lists.mailscanner.info
[mailto:mailscanner-bounces@lists.mailscanner.info] <B>On Behalf Of </B>Kevin
Miller<BR><B>Sent:</B> Thursday, October 11, 2007 3:20 PM<BR><B>To:</B>
MailScanner discussion<BR><B>Subject:</B> RE: sendmail ldap
exchange<BR></FONT><BR></DIV>
<DIV></DIV>
<DIV dir=ltr align=left><SPAN class=793195518-11102007><FONT
face="Comic Sans MS" color=#000080 size=2>Take a look at the smf-sav
milter - a number of folks here are using it, including myself, and it
works just jiffy. Quite easy to set up. I'm not sure about the
multiple domains part. I accept for multiple domains, but my Exchange
server knows about all of them, so it isn't a problem. If you have
multiple Exchange servers that don't do address synchronization it may or may
not work. But it's easy, free and works well for us
here...</FONT></SPAN></DIV>
<DIV> </DIV><!-- Converted from text/plain format -->
<P><FONT size=2>...Kevin<BR>--<BR>Kevin
Miller
Registered Linux User No: 307357<BR>CBJ MIS
Dept.
Network Systems Admin., Mail Admin.<BR>155 South Seward
Street ph: (907) 586-0242<BR>Juneau, Alaska
99801                            fax: (907)
586-4500<BR> </FONT> </P>
<DIV> </DIV><BR>
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> mailscanner-bounces@lists.mailscanner.info
[mailto:mailscanner-bounces@lists.mailscanner.info] <B>On Behalf Of </B>Steven
Andrews<BR><B>Sent:</B> Thursday, October 11, 2007 10:52 AM<BR><B>To:</B>
MailScanner discussion<BR><B>Subject:</B> sendmail ldap
exchange<BR></FONT><BR></DIV>
<DIV></DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial size=2>Can anyone comment
on if this works?</FONT></SPAN></DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial size=2><A
href="http://www.mailarchive.ca/lists/comp.mail.sendmail//2005-06/0022.html">http://www.mailarchive.ca/lists/comp.mail.sendmail//2005-06/0022.html</A></FONT></SPAN></DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial size=2>I'm currently
running as suggested in the wiki:</FONT></SPAN></DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial size=2><A
href="http://wiki.mailscanner.info/doku.php?id=documentation:configuration:mta:sendmail:how_to:setup_a_gateway">http://wiki.mailscanner.info/doku.php?id=documentation:configuration:mta:sendmail:how_to:setup_a_gateway</A></FONT></SPAN></DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial size=2>I tried the above
and everything got bounced back 550.</FONT></SPAN></DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial size=2>Also wondering if
you have multiple domains, I assume you need multiple:</FONT></SPAN></DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial
size=2>LDAPROUTE_DOMAIN(`yourdomain.com') </FONT></SPAN></DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial size=2>One for each domain,
but do you need multiple define('confLDAP_DEFAULT_SPC....
lines?</FONT></SPAN></DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial size=2>OS is CentOS 4.3,
sendmail is 8.13.1.  The author makes reference to compiling sendmail to
work with ldap. sendmail -bt -d0.1 responds:</FONT></SPAN></DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial size=2>Using username
"root".<BR>Last login: Thu Oct 11 11:47:16 2007 from
mail.xxxxxxx.com<BR>[root@spamfiilter ~]# sendmail -bt -d0.1<BR>Version
8.13.1<BR> Compiled with: DNSMAP HESIOD HES_GETMAILHOST LDAPMAP LOG
MAP_REGEX<BR>
MATCHGECOS MILTER MIME7TO8 MIME8TO7 NAMED_BIND NETINET
NETINET6<BR>
NETUNIX NEWDB NIS PIPELINING SASLv2 SCANF SOCKETMAP
STARTTLS<BR>
TCPWRAPPERS USERDB USE_LDAP_INIT</FONT></SPAN></DIV>
<DIV> </DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial size=2>============ SYSTEM
IDENTITY (after readcf) ============<BR> (short
domain name) $w = spamfilter<BR> (canonical domain name) $j =
spamfilter.xxxxxxx.com<BR>
(subdomain name) $m =
xxxxxxx.com<BR>
(node name) $k =
spamfiilter<BR>========================================================</FONT></SPAN></DIV>
<DIV> </DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial size=2>ADDRESS TEST MODE
(ruleset 3 NOT automatically invoked)<BR>Enter <ruleset>
<address><BR>><BR></FONT></SPAN></DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial size=2></FONT></SPAN><SPAN
class=866003918-11102007><FONT face=Arial size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial
size=2>Thanks!</FONT></SPAN></DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial
size=2>Steve</FONT></SPAN></DIV></BODY></HTML>