Date: Wed, 15 Oct 2003 10:17:09 +0100 (BST) From: Jethro R Binks <jethro.binks@strath.ac.uk> To: freebsd-stable@freebsd.org Subject: Re: Spamassasin Message-ID: <20031015094441.H74784@defjam.cc.strath.ac.uk> In-Reply-To: <20031015010253.I3727@light.sdf.com> References: <20031012123823.M25378@littlejack.nl> <200310121213.34769.wes@softweyr.com> <1066164638.6688.5.camel@hawk.gnome.co.uk> <20031015010253.I3727@light.sdf.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I'm aware that we're straying off topic for FreeBSD-stable here now, so this will be brief(ish). On Wed, 15 Oct 2003, Tom wrote: > > Exim/sendmail+MailScanner combinations are used extensively in the UK > > academic community to good effect. Those close to Exim's author use > > Exim+MailScanner, and advice on one way of integrating Exim+MailScanner > > was written by Exim's author. > > Uhh... perhaps if you replace "MailScanner" with Exiscan, that all might > actually be true. Exiscan is way better than MailScanner. Exiscan does > not need to muck around with Exim queue files, since it directly > integrates into Exim. Probably because the author of Exiscan and > Exim actually work together on this. It is still true if you don't make the replacement. They are philosophically different, that's true, and it is also true that 'mucking around with queue files' does grate with some people. Yes, Exiscan's author does co-ordinate with Exim's author closely, and that's a good thing. MailScanner's design means that MS's author doesn't _need_ to co-ordinate with Exim's author as long as the queue format stays consistent (Philip doesn't arbitrarily change things where possible, and gives extensive information when he does). I'm personally no fan of SMTP-time scanning for various reasons, for others it is acceptable. I'm not suggesting that MS is the solution to everyone's needs, and Exiscan is popular too. Then there is amavis and all those other ones (left as an exercise for the reader). The original statement was that "MailScanner seems to be poorly designed", and if you consider interfacing with the mail queue directly a 'poor design', then that's a natural conclusion. But if one is happy that such interfacing is secure, robust, (usually determined by means of good queue documentation) and can't lead to loss of mail, then _I_ don't have a problem with it, and neither do the thousands of other satisfied users (I don't know anything about Exiscan's usage). If Postfix's design means that the queue is deliberately non-documented and may be changing, then clearly MailScanner is not an ideal solution -- but it doesn't per se mean that it is a 'bad' design, just a different one. The design works fine with the two other significant MTAs (I discount qmail here as well and truly dead <bait>). > > Speaking personally, MS has saved us time and time again from email-bourne > > threats over the past couple of years, and allowed us to implement a > > fine-grained mail security policy that is customisable on a per-user basis > > if necessary. No other AV solution offers even half the features and > > configurability that MS does, and MS now scans and protects huge amounts > > of mail in many many installations. Our site was protected from > > Sobig.whatever before the thing was even released, without needing to wait > > for AV definitions to be updated. > > FUD actually. OK then, remove "No other AV solution offers even half the features and configurability that MS does, and" if it offends. Otherwise, the rest is fact. The feature list for MailScanner is here: http://www.sng.ecs.soton.ac.uk/mailscanner/readme.shtml I couldn't find an equivalent for Exiscan (if anyone can show me one, I'd be interested to read it). Seems to me if you want per-user customisation, you have to program it into the Exiscan ACLs. MS makes it as simple as putting an address in a file. It should be remembered that this thread started off with Postfix. Exiscan doesn't work with anything other than Exim. Mailscanner works with Sendmail and Exim, and lately Postfix (so far as you accept the dangers of breaking the intentionally 'closed' model that Postfix presents). If you're in a multi-MTA environment, Exiscan, while good for some, doesn't help. > In fact, the way mailscanner mucks around with queue files was something > that should have been abandoned long ago, since there are better methods > available. That's a personal philosophical position that some agree with and some don't. If you're inflexible in that position, then inevitably some products must be discounted. As always, people should draw their own conclusions, based on evaluation in their own circumstances, community and vendor support, features, flexibility, hardware implications, pricing, and so on. J. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks Computing Officer, IT Services University Of Strathclyde, Glasgow, UK
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031015094441.H74784>