Well I'll try not to top post and unleash the dogs! :) > However I couldn't find any description of a > successful implementation with a similar setup than ours -- I > would guess at least a few other companies must follow the same model.
I'm in the process of going live with the standard: [firewall]--[SA Gateway (DMZ)]--[exchange] > I received many replies to my previous post from people who > work in companies having implemented SA, but none of them do > the blocking at the gateway level, they give the choice to > the users. With our infrastructure, we cannot do that, as the > SA server will not know anything about the mailboxes, it > would just be a relay, no local /var/spool/mail directory, no > local /home/xxx directory for the users ! I use aliases to separate procmail files per user. This way I can customize settings without having real users. I can completely turn on/off SA and have separate or global white/black lists. (Thanks to Tony Svanstrom!) I also thought that this setup must be widely used and it should be easy to find documentation. However that wasn't the case. I have not found a simple document that describes how to configure this setup. I thought it would have been a FAQ :) I also used the extended access list from http://basic.wirehub.nl/spamstats.html to block spam at SA gateway to save traffic. (Sorry Theo, this list was better then yours LOL!) This is a great replacement from relying on flacky RBL servers. One day I'll write a script that automates the process :) > I think most companies are afraid of implementing opensource You let them know? LOL We secretly replace their server and they can't taste the difference :) > I am desperate to get SA implemented (I just love it!!) but > we wouldn't like to reinvent the wheel if someone else did a > similar implementation Again, that was my thoughts exactly. But I never found the _one_ document. Not only having to sift thru different kinds of installs, (Postfix, sendmail, qmail,...) but different techniques for personal/business installs. Quite confusing. I'm still trying to hide info about my exchange server from being inserted into the header of outgoing email, but that's a different problem and some have given me things to try already. The people on this list have been *extremely* helpful and patient with me :) I can't thank them enough. > I appreciate this is a very long email (apologies), if this > post has got nothing to do with this mailing list, I am more > than happy to carry the discussion off it with anyone who > feels they are in the same position as me, as my company. > > Best Regards, > Stephane I'd be glad to tell you how I stumbled thru this off list if you want more detail :) Chris ------------------------------------------------------- This SF.NET email is sponsored by: Thawte.com Understand how to protect your customers personal information by implementing SSL on your Apache Web Server. Click here to get our FREE Thawte Apache Guide: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0029en _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
