Re: Mail Server Architecture

Hey, folks, this is what I'm working on right now ... www.maildroid.org I'm releasing an ALPHA CD/.iso on or around May 19th. You'll be able to download it and play around with it. I'm running it on my MTA right now, but it is FAR from a final solution. Any Ideas/fee

Re: Mail Server Architecture

>Wow! Such stupid arguments and remarks with statements >such as "I could be wrong on this". A couple of security >alets with postfix in the past few weeks? Make sure you >know wtf you're talking about before you put your foot >in your mouth. It was late at night, I wrote the email off the top of m

Re: Mail Server Architecture

On 11-May-05, at 4:20 AM, Smith wrote: This is a very dangerous approach to take, relying solely on the final mail reader's client to correctly handle malicious messages. Dangerous is a fact of life, dealing with Windows workstations. I'd rather deal with a client mishandling a malicious messag

Re: Mail Server Architecture

On Wed, 2005-05-11 at 02:17:51 -0400, Bruno Delbono proclaimed... > You've got to be kidding me. Such moronic OpenBSD zealtory with no real > world arguments to back it up? What "enterprise" runs OpenBSD sendmail > as it's main MTA. If you're an enterprise, you'd be running something > Ironmail

Re: Mail Server Architecture

From: "J.C. Roberts" <[EMAIL PROTECTED]> PS - Maybe someone can teach you mail 101. It's never a good idea to have a CNAME to be the MX. confuciun.com. 497 IN MX 10 mail.confuciun.com. mail.confuciun.com. 600 IN CNAME confuciun.com. Though the answer is suppos

Re: Mail Server Architecture

On Wed, May 11, 2005 at 05:38:09AM -0700, J.C. Roberts wrote: > On Wed, 11 May 2005 02:23:43 -0400, Bruno Delbono > <[EMAIL PROTECTED]> wrote: > > >Smith wrote: > >> alerts. If sendmail has a security alert and OpenBSD is vulnerable, > >> OpenBSD will let me know pretty quickly. I don't need to

Re: Mail Server Architecture

On May 11, 2005, at 8:38 AM, J.C. Roberts wrote: On Wed, 11 May 2005 02:23:43 -0400, Bruno Delbono <[EMAIL PROTECTED]> wrote: Smith wrote: alerts. If sendmail has a security alert and OpenBSD is vulnerable, OpenBSD will let me know pretty quickly. I don't need to keep track of sendmail alerts, j

Re: Mail Server Architecture

On Wed, 11 May 2005 02:23:43 -0400, Bruno Delbono <[EMAIL PROTECTED]> wrote: >Smith wrote: >> alerts. If sendmail has a security alert and OpenBSD is vulnerable, >> OpenBSD will let me know pretty quickly. I don't need to keep track of >> sendmail alerts, just OpenBSD's. > >PS - Maybe someone

Re: Mail Server Architecture

Here are my $.02, YMMV. 1) Security should always be layered (belt & suspenders / whatever). 2) If the site is large enough to warrant the expense, I don't run anything on the firewall other than NAT, packet filtering, and IPSec. 3) HTTP Proxies (both ways), smtp proxies, web servers, etc., all go

Re: Mail Server Architecture

Smith wrote: alerts. If sendmail has a security alert and OpenBSD is vulnerable, OpenBSD will let me know pretty quickly. I don't need to keep track of sendmail alerts, just OpenBSD's. PS - Maybe someone can teach you mail 101. It's never a good idea to have a CNAME to be the MX. confuciun.co

Re: Mail Server Architecture

Smith wrote: I've been playing with OpenBSD for around 5 years. I vaguelly recall only one security alert for sendmail in all that time (I could be wrong on this). I also vaguelly recall postfix having a couple of security alerts within the last couple of weeks (I could be wrong on this). And

Re: Mail Server Architecture

> After mulling over the idea of having a virus/spam filter on an MTA, I > believe that the best solution is to use an enterprise anti-virus > program like Norton Anti-Virus and an email client that supports > Bayesian spam filtering. The setup should be where the anti-virus > server downloads the

Re: Mail Server Architecture

This is a very dangerous approach to take, relying solely on the final mail reader's client to correctly handle malicious messages. Dangerous is a fact of life, dealing with Windows workstations. I'd rather deal with a client mishandling a malicious message than have my MTA rooted because I d

Re: Mail Server Architecture

Kevin wrote: > Ray Lillard wrote: 2. Open source virus tools like ClamAV use an independent database that is often updated sooner than Norton et.al. and is often more comprehensive. The last time I actually researched the signature release history of AV vendors (Clam/Trend/McAfee/Symantec(N

Re: Mail Server Architecture

> Smith wrote: > > After mulling over the idea of having a virus/spam filter on an MTA, I > > believe that the best solution is to use an enterprise anti-virus > > program like Norton Anti-Virus and an email client that supports > > Bayesian spam filtering. The setup should be where the anti-virus

Re: Mail Server Architecture

Smith wrote: After mulling over the idea of having a virus/spam filter on an MTA, I believe that the best solution is to use an enterprise anti-virus program like Norton Anti-Virus and an email client that supports Bayesian spam filtering. The setup should be where the anti-virus server downlo

Re: Mail Server Architecture

After mulling over the idea of having a virus/spam filter on an MTA, I believe that the best solution is to use an enterprise anti-virus program like Norton Anti-Virus and an email client that supports Bayesian spam filtering. The setup should be where the anti-virus server downloads the lates

Re: Mail Server Architecture

On Tue, 10 May 2005 14:31:18 -0700, Claus Assmann <[EMAIL PROTECTED]> wrote: >On Tue, May 10, 2005, L. V. Lammert wrote: > >> 1) Vilter/Milter - using sendmail to scan incoming messages in realtime. > >> Con: Possibility of locking up sendmail daemon; performance hit >> for large mess

Re: Mail Server Architecture

On Tue, 10 May 2005 15:14:35 -0500 (CDT), "Matthew Weigel" <[EMAIL PROTECTED]> wrote: >L. V. Lammert said: > > >> 4) Cyrus - doesn't seem to be a package nor complete port in the tree? > >Cyrus is not an MTA. It is not a mail filter. It's an IMAP server. Actually, Cyrus is a general project nam

Re: Mail Server Architecture

El mar, 10-05-2005 a las 14:31 -0700, Claus Assmann escribis: > On Tue, May 10, 2005, L. V. Lammert wrote: > > > 1) Vilter/Milter - using sendmail to scan incoming messages in realtime. > > > Con:Possibility of locking up sendmail daemon; performance hit > > for large messages. > >

Re: Mail Server Architecture

Matthew Weigel wrote: > Cyrus is not an MTA. It is not a mail filter. It's an IMAP server. It does also pop and it is now integrated in the CURRENT ports tree. Antoine

Re: Mail Server Architecture

On Tue, May 10, 2005, L. V. Lammert wrote: > 1) Vilter/Milter - using sendmail to scan incoming messages in realtime. > Con: Possibility of locking up sendmail daemon; performance hit > for large messages. How does a milter lock up the sendmail daemon? 1. The sendmail daemon doesn

Re: Mail Server Architecture

L. V. Lammert said: > 4) Cyrus - doesn't seem to be a package nor complete port in the tree? Cyrus is not an MTA. It is not a mail filter. It's an IMAP server. -- Matthew Weigel hacker [EMAIL PROTECTED]

Mail Server Architecture

We're planning on upgrading some mail servers with 3.7, .. but we're having an internal 'debate' over the architecture. Keeping things simple (sendmail - don't need antoher MTA debate!), the question is three-fold: 1) Vilter/Milter - using sendmail to scan incoming messages in realtime. Pro