I currently use a mailgateway running spamassassin and postfix. It works beautifully for what we need.
I have it setup to forward domain mail for our exchange server. If I am not mistaken all you need to do is setup sendmail to forward mail for you domain to you exchange server with out having to setup up aliases or users on the linux box. I can tell you how to set it up with postfix but I believe there are a few minor differences in the mail forwarding for sendmail so I doubt it will help much. The one drawback is that you still receive mail for nonexistent users on your exchange box.
Dan
Sysadmin
Angel Fire Resort
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 07, 2003 10:09 PM
To: Alain Fauconnet
Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: [SAtalk] How to do? Linux/Spam Assasin running as a gateway spam filter f or another mail server.
We accomplish the internal relay a bit differently, but works very nicely.
Instead of creating user accounts on the sendmail relay for every user, we create aliases.. for example, I have
tnelson: [EMAIL PROTECTED]
tony.nelson: [EMAIL PROTECTED]
tony_nelson: [EMAIL PROTECTED]
internal.starpoint.com is our (sigh) Notes server..
The benefit of this approach is that bounces of non-existant users actually works the way one might expect.
The drawback is that we're currently using some 7+ year old tcl code to generate these aliases from a text file... I working on a web based system in my "spare" time.. but it will be very specific to the kinds of things we need at our company so not very valuable to the open source community :(
The alias idea still works well if you can find a simple way to manage it.
Tony Nelson
Director of IT Operations
Starpoint Solutions
115 Broadway, 2nd Fl.
New York, NY 10006
Alain Fauconnet <[EMAIL PROTECTED]>
Sent by: To: [EMAIL PROTECTED]
[EMAIL PROTECTED] cc: [EMAIL PROTECTED]
ceforge.net Subject: Re: [SAtalk] How to do? Linux/Spam Assasin running as a
gateway spam filter f or another mail server.
07/07/2003 11:17 PM
On Tue, Jul 08, 2003 at 11:42:33AM +0930, [EMAIL PROTECTED] wrote:
> I've got spam assassin working like a dream on our small sendmail box.
> works like a bought one. what i want to do is setup a gateway
arrangment
> for an Exchange Server (everyone shudders, i know).
>
> like so:
>
> Internet -> Linux Sendmail with SpamAssasin -> Exchange Server
>
> has anybody attempted such a thing? i've been searching google for
> quite
a
> while and not found any howtos... on the sendmail box i'm attempting:
>
> 1. that i don't need to create accounts for everyone on the exchange
> server?
You don't. Just make sure that your sendmail box will relay all mail for domain.com (let's assume that's you domain) to your Exchange box. A little side-effect: all messages sent to non-existing addresses in your domain (errors or more likely dictionary spam attacks) will cross your gateway two times (incoming message and bounced error). Quite often, the bounce won't deliver so it will be stuck in the queue of your gateway. Thus its load might be higher than you imagine.
> 2. that it sholdn't deliver to the linux box at all, but simply scan
> and forward.
To achieve this:
- make sure that domain.com is _not_ in /etc/mail/local-host-names, so that your gatweway will only deliver mail to [EMAIL PROTECTED] locally
- enable the use of the mailertable map in sendmail configuration
- in /etc/mail/mailertable, have a line like:
domain.com esmtp:exchangebox.domain.com
> 3. no mail will be deleted, but will simply have the spam score in
> the message header and the Spam in the subject line. then the users
> of the exchange server will be able to filter based on Spam Score or
> the subject line or whatever.
This is pretty much a default SA configuration. I recommend using amavisd-new (http://www.ijs.si/software/amavisd/) to plug SA into sendmail because it interfaces very nicely with sendmail at the Milter interface, has a very well documented setup and configuration file, is fast and stable.
You may have to recompile sendmail from source to support Milter, however. It's nice and easy on all popular Unices.
> 4. I don't need to scan outgoing mail but i guess that wouldn't hurt
> as well.
You mean tag spam originating from your domain? Sounds strange... or are you talking about virus scanning here?
Greets,
_Alain_
-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01
_______________________________________________
Spamassassin-talk mailing list [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
