Re: [vps-mail] filtering non local account with spamassassin and clamav

["Bennett Lanford" <ben@xxxxxxxxxxxxx>]

ADNET Ghislain <gadnet@xxxxxxxx> said:

> Thanks  Scott,
> 
>   i was wondering if there was not a way to tell sendmail : just go
> throught filter 1 then filter2 (spamassassin/clamav) instead of using
> external shell or procmail recipe. I am starting to read about the
> milter lib for sendmail. 

You can run both SpamAssassin and ClamAV as milters. You can install the
spamass-milter on VPS2 by going to /usr/ports/mail/spamass-milter, then typing 

# make
# make install

Then follow the instructions that are displayed to configure the milter.

I haven't seen the ClamAV milter in ports (but it might be there now). It used
to require the next version of the gcc compiler. I ran ClamAV as a milter for
awhile, but after running for awhile, it started reporting out-of-memory
errors. (I think it might have a memory leak somewhere ...)

You can also run both of the above with the MIMEDefang milter. I ran that
setup for several weeks ... then started getting out-of-memory errors. (I
*think* it was called by MIMEDefang's calls to ClamAV ...)

> 
>   If there is no other way i will use procmail or a shell script but i
> really find this not really the best solution to launch a third program
> just to pass the mail to a filter :). I have done no testing about
> performance of the procmail thing but if sendmail can do the job this is
> an economy of processing power, and if i got a lot of emails then it can
> save the day. 

Virus scanners (like ClamAV) will significantly slow the receipt of e-mail. As
long as you plan for it (and have enough horsepower), that is not an issue.
However, if your mail server is at close to maximum capacity, adding a virus
scanning milter can bring it to its knees ...

> 
>   I stumbled upon this : http://www.snert.com/Software/milter-spamc/ but
> i don't had the time to test if vps2 handle the milter lib (shame on me
> ;). I will have to test this ! :)

On VPS2 you can use sendmail milters as documented at www.sendmail.org and
elsewhere (it is no different than a "real" sendmail server). VPS1 is a
different story: although sendmail is compiled with MILTEER support, building
a milter requires lots of path overrides to deal with the virtual/non-virtual
(chrooted/non-chrooted) paths on VPS1 ...

> > The procmail manpage has a section on how to modify your sendmail.cf
> > file to use LOCAL_RULE_0 so that all incoming mail will be rewritten
> > and passed through a designated procmail file. I believe this process
> > has been somewhat generalized and thoroughly documented by Weldon
> > Whipple at:
> > 
> >     <http://www.technoids.org/procmailfilter.html>

Even the above method *can* slow down your mail server. Essentially, you are
delivering incoming mail twice--with two calls to sendmail for each e-mail.

-- 
Bennett Lanford
ben@xxxxxxxxxxxxx


======================================================================
This is <vps-mail@xxxxxxxxxxxx>       <http://www.perlcode.org/lists/>
======================================================================