From owner-freebsd-stable@FreeBSD.ORG Tue Oct 14 15:47:16 2003 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BC3B416A4B3 for ; Tue, 14 Oct 2003 15:47:16 -0700 (PDT) Received: from edfu.cc.strath.ac.uk (vif-mailread-o.cc.strath.ac.uk [130.159.16.85]) by mx1.FreeBSD.org (Postfix) with ESMTP id 86B7843FCB for ; Tue, 14 Oct 2003 15:47:14 -0700 (PDT) (envelope-from jethro.binks@strath.ac.uk) Received: from defjam.cc.strath.ac.uk ([130.159.96.19]:3376) by edfu.cc.strath.ac.uk with esmtp (Exim 4.22 #2) id 1A9Xwe-0000r8-Ob for ; Tue, 14 Oct 2003 23:47:12 +0100 Date: Tue, 14 Oct 2003 23:47:12 +0100 (BST) From: Jethro R Binks To: freebsd-stable@freebsd.org In-Reply-To: <1066164638.6688.5.camel@hawk.gnome.co.uk> Message-ID: <20031014232435.L64920@defjam.cc.strath.ac.uk> References: <20031012123823.M25378@littlejack.nl> <200310121213.34769.wes@softweyr.com> <20031014115902.GA25582@rfc-networks.ie> <1066164638.6688.5.camel@hawk.gnome.co.uk> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Strath-Information: Contact for more information X-Strath-Scan: clean X-Strath-UBECheck: Subject: Re: Spamassasin X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Oct 2003 22:47:17 -0000 On Tue, 14 Oct 2003, Chris Stenton wrote: > On Tue, 2003-10-14 at 12:59, Philip Reynolds wrote: > > > > Mailscanner seems like a very poorly designed piece of software, at > > least from my experience with Postfix. > > > > It directly manipulates the Postfix queue which can cause message > > corruption. This has been raised on the Postfix list recently and > > since Wietse & co. have been advising _against_ using it with > > Postfix. > > Interesting. I still use sendmail (with check_local) and it seems OK > with that but it is setup to use an in and out queue. MailScanner was originally written to interface with sendmail, using an in-queue and an out-queue mechanism. Sendmail's queue files are well documented. Exim support came shortly after, Exim being architecturally very similar to sendmail. Again, there is good documentation for the queue format, and its queue handling is robust. Exim/sendmail+MailScanner combinations are used extensively in the UK academic community to good effect. Those close to Exim's author use Exim+MailScanner, and advice on one way of integrating Exim+MailScanner was written by Exim's author. MailScanner's design is pretty simple: it expects the SMTP daemon to place incoming mail in a queue, and do nothing more with it. MS will process messages in that queue, and when done launch an outgoing mail process to deliver it or place messages in an outgoing queue for an MTA to read. It handles locking and such like, and makes sure that messages are not finally removed from the incoming queue until they have been fully processed and submitted for onward delivery. Postfix support was only fairly recently added after repeated requests. I've heard that the queue format is less clearly documented (I don't know; I don't use postfix). I also understand that the Postfix developers prefer other programs not to mess around with the Postfix queue directly. Whether MS does so robustly or not I couldn't say: best ask someone who runs Postfix+MS. If Postfix's developers are unhappy with the way that MS does so, then I guess it isn't surprising that they would advise against using MS. MS' developers strive for robustness, so if the information is readily available on how to safely access the Postfix queue they will probably have taken it into account. Speaking personally, MS has saved us time and time again from email-bourne threats over the past couple of years, and allowed us to implement a fine-grained mail security policy that is customisable on a per-user basis if necessary. No other AV solution offers even half the features and configurability that MS does, and MS now scans and protects huge amounts of mail in many many installations. Our site was protected from Sobig.whatever before the thing was even released, without needing to wait for AV definitions to be updated. Just felt that a little defence of MS was necessary. Jethro. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks Computing Officer, IT Services University Of Strathclyde, Glasgow, UK