Quoting Philip Reynolds (philip.reynolds at rfc-networks.ie):
> I'm sorry, this is one particular area where I've done quite a bit
> of research.
I'm glad to hear that. But I'm not sure you're reading attentiveness
is at the same level as your research skills, as we shall see below.
> Content scanning at the SMTP level on large production
> machines will (for want of a better phrase) bite you in the ass with
> Postfix.
Although interesting, this appears to be a mild change of subject, since
(as I've already mentioned) almost all junkmail has already been
discarded before "content scanning" (SA during SMTP, in my case) is
applied at all. Thus, I would already be massively ahead of the game --
compared to traditional SMTPd configurations -- if I were to disable
spamicity testing entirely.
Since that was my main point, since I have stressed that repeatedly, and
since you've chosen to ignore it, I can only assume that your listening
skills are somewhat on holiday. Not a huge problem: We all have that
happen from time to time.
> Is your mailserver serving 100,000+ mails a day? No? Then
> you probably won't have a problem, until a spammer gets hold of you
> and you get joe-jobbed, relay bombed or dictionary attacked.
Young man, my SMTP hosts have been joe-jobbed, dictionary attacked, and
just about everything else by spammers: Having been one of the NANAE
activists targeted in the Joe's Cyberpost / Joe Doll / Yuri Rutman
incident, I even know where the term "joe-jobbed" _came_ from, having
been in the thick of that case at the time.
Respect your elders, please. ;->
> How Exim works, I'm unaware, I don't know it's internal
> architecture. I'm aware how to configure it to work, and not much
> more. What I do know is this, Postfix scales better under load,
> that's from my own personal experience with Postfix and Exim and the
> testimonies of numerous people.
Surprisingly given its monolithic architecture, I've been hearing (from
people I actually respect, as opposed to them being merely numerous)
that Postfix's scaling is noticably better at very high load levels, but
not dramatically so. (Vide: "MTAs" on http://linuxmafia.com/kb/Mail ).
As I've said, I respect Postfix highly. I have no special loyalty to
Exim, but just find some aspects of it to be a happy accident. Other
things being equal, Postfix's modular nature has obvious security
advantages (in theory, at least).
> Postfix can reject mail based on practically any circumstance, now
> the policy daemon has been introduced, but it has native support for
> access maps, RBL's, header_checks and plenty of other sanity checks
> that allows it to reject at SMTP level. Scanning of content (i.e.
> spam filtering, virus scanning) should be done AFTER the e-mail is
> accepted.
Regardless of one's view on the latter issue, I'm delighted to hear that
the rest is now within reach for Postfix admins. Now, if only someone
would construct a prepackaged configuration of checks that is as useful
and effective as sa-exim.
> Accept mail, scan it then bounce it. I won't bother repeating myself
> anymore.
Bouncing mail you know is 99.9% certain to have a forged sender is
unethical as well as stupid. I won't bother to repeat myself, any more.
--
Cheers, Founding member of the Hyphenation Society, a grassroots-based,
Rick Moen not-for-profit, locally-owned-and-operated, cooperatively-managed,
rick at linuxmafia.com modern-American-English-usage-improvement association.
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
