Michael D Schleif wrote on 15/11/2005 00:01:
* Sloath <[EMAIL PROTECTED]> [2005:11:14:18:44:49+0100] scribed:
Michael D Schleif wrote on 13/11/2005 07:57:
* Tom Collins <[EMAIL PROTECTED]> [2005:10:27:22:30:26-0700] scribed:
On Oct 27, 2005, at 5:02 PM, Michael D Schleif wrote:
We have a client that runs Groupwise on a Netware server on their LAN.
We manage everything on this LAN; and, we handle their DNS for their
domains.
We want to scrub all of their _incoming_ email on our remote toaster,
doing what it does best, then forward *ALL* of their email onto that
Groupwise box.
Use simscan. Make your server the only MX for the domain. Put the
domain in /var/qmail/control/rcpthosts (or morercpthosts and run
qmail-newmrh). Do *not* add their domain to locals or virtualdomains.
Add an entry in /var/qmail/control/smtproutes to route the scanned mail
to their Groupwise server.
--
Tom Collins - [EMAIL PROTECTED]
QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/
You don't need a laptop to troubleshoot high-speed Internet:
sniffter.com
I finally got back on this one. Yes, setup was simple; and, yes,
messages _do_ go through our toaster, and they _do_ end up in the
Groupwise server.
This setup does *not* appear to work. I am still waiting for the
Groupwise admin to send to me the complete headers for the test
messages; but, I am told that *none* of these test messages include
spamassassin headers.
In fact, the following does *not* show _any_ activity for test messages:
tail -f /var/log/{cl,sp}amd/current
I am not clear which process comes first,
/var/qmail/control/smtproutes
or simscan ???
What do you think?
The diagram of the found at http://www.nrg4u.com/ does a very good job
of explaining the qmail process....
man qmail-control will also tell what each control file is used by.
In your case:
qmail-smtp check incoming email envelope recipient addresses against the
contents of rcpthosts to see if it should be accepted.
It then passes the email onto qmail-queue, unless $QMAILQUEUE is set in
which case it will invoke the program named.
A simple /home/vpopmail/etc/tcp.smtp should include
:allow,QMAILQUEUE="/var/qmail/bin/simscan"
The message is then passed to qmail-send which determines whether the
message is local or remote by the presence( or lack of ) the
envelope recipient in the virtualdomains or locals file.
If it is determined to be remote, it is passed to qmail-rspawn and then
qmail-remote.
Qmail-remote checks smtproutes for the domain and sends the message as
appropriate.
The short answer was, simscan comes first.
You turn on debug in simscan by putting the following in
/service/qmail-smtpd/run before the call to exec.
SIMSCAN_DEBUG=2
export SIMSCAN_DEBUG
The other thing to check is the /var/qmail/control/simcontrol file
Make sure clam and spam are set to yes, otherwise they won't be invoked.
Regards
Tom Beardshall
OK.
# cat /home/vpopmail/etc/tcp.smtp
127.:allow,RELAYCLIENT=""
:allow,QMAILQUEUE="/var/qmail/bin/simscan"
24.15.252.147:allow,RELAYCLIENT=""
Remember, this is a functioning toaster. It has a couple dozen virtual
sites, and hundreds of users. *ALL* of the functionality, including
spamassassin _and_ clamav, work successfully, and as expected, for these
users.
In fact, doing this:
tail -f /var/log/{cl,sp}amd/current
I can watch messages pass through simscan, clamav and spamassassin --
provided that they are destined for a virtual user.
Point of fact, GTUBE tests to virtual users result in spamassassin
counts of 999 -- for virtual users; but, I do not see them pass through
simscan; nor are they marked by spamassassin at the Groupwise
destination.
However, the Groupwise administrator cannot seem to get complete
messages and headers to me for inspection. Does anybody here know how I
can have him extract a message from Groupwise?
What am I missing?
How can I test this further?
What do you think?
I've just tried your setup, using rcpthosts and smtproutes to accept &
forward messages for a domain.
It works fine, with simcan calling both spam and clamav on each message.
Sorry to ask this... Can we assume your're not testing your setup by
sending emails from 24.15.252.147 or localhost?
If they can't get you a copy of a message... have you thought of adding
the qmail-tap patch? (Details on shupp.org)
Then you can take a copy of each messsage being forwarded to your
clients domain and inspect it.
Regards,
Tom Beardshall
