|
> Procmail will act as the pop3 server
Not quite. My belief (and Joanne set this up, so she has the actual
details) is that Fetchmail is feeding procmail, possibly going through Sendmail
to do this. Procmail has a 2-line recipe that calls SA as part of the delivery
process for local deliery to an account on the Linux box.
Then the standard Linux pop3 server is used to let users pull mail from
this mailbox.
We don't use Clam here, since we have Semantic on the final destination
Windoze boxen, and this seems to work well enough. We're also pulling from
Earthlink accounts using pop3, and they have a first level of virus buster
there, so things actually get virus scanned twice.
I don't know if Clam can be integrated using Procmail or not. If it
can be executed as a normal Unix stdin-stdout filter, I don't know why it
wouldn't be possible to do it that way. So you should (I think!) be able
to feed to clam, and then to SA (actually spamd), and have the resulting mail
end up sitting in user mailboxes ready to be grabbed by the users using
pop3.
I don't recall if you said your users are windows-types or unixen, but I'm
assuming they are windows users. If you want to enable Bayes with this
setup you should be able to do it either per-user or site-wide fairly
easily. There is a plethora of information on setting up some imap
ham/spam drop boxes that users can easily get to from either OE or Outlook to
use for training the Bayes database. Works like a charm here.
Loren
----- Original Message -----
Sent: Thursday, July 07, 2005 7:14
PM
Subject: Re: SpamAssassin w/POP3 &
SMTP outsourced e-mail server...
Loren,
So with doing it this way and
setting up user accounts for each e-mail account on the linux box and using
Fetchmail which is installed on the Linux box to grab each users mail from the
ISP, Procmail will act as the pop3 server to allow these users to grab their
mail internally from the linux box, and SpamAssassin would filter all the spam
due to being installed on the central Linux box? Does your organization use
ClamAV to remove filter virus's from the e-mail as well?
Thanks a lot
for this.
On 7/7/05, Loren
Wilton <[EMAIL PROTECTED]>
wrote:
I don't immediately see that anyone more knowledgable
replied, so I'll toss out some possibilities/confirmations:
Yes, you need something like a Linux box. It will
run SA, and will retrieve mail using pop3 from your current provider.
Pop3proxy is one possibility. Another possibility is Fetchmail feeding
into a local mail system.
I don't recall if you said how many users you have, but my
impression is it is no more than a few thousand, perhaps only a few
hundred. At this size it would be feasible to set up an account on the
linux box for each user, and deliver mail into these accounts.
Basically you can use Fetchmail to grab the mail from your
current pop3 server and stick it into the standard unix mail files for each
user on the system. Then you can use a pop3 server on the linux box so
your user can grab their mail out of these accounts. SA would be in
the middle of that process, probably something like
Fetchmail->procmail->SA->mailbox->pop3server.
You users don't need actual access to these accounts, or
even know that they exist, and I think you can set them up as no
login. All the users will have to do is change the hostname in their
pop3 mail configuratios for where they grab mail. Unless you want to
run outbound through SA also, they won't have to change the current smtp
info pointing to your external provider.
This is essentially how we have things set up
here.
Loren
-----
Original Message -----
Sent:
Wednesday, July 06, 2005 11:07 PM
Subject:
Re: SpamAssassin w/POP3 & SMTP outsourced e-mail server...
Let me try and summarize what I
have recieved from all these e-mails as well as put together myself. Then
you guys could give me some feedback if I'm on the right trail. What I
need to do is install SpamAssassin w/pop3proxy on a linux box. Then setup
the pop3proxy to point to my external pop3 server. On the client side I
will need to setup each client's login to include their login name and the
SpamAssassin/pop3proxy server (I'm not sure if I can only do this if I use
the SAproxy utility for windows). Thats how I understand this should work.
Now configuring this is another situation. How does it look to you guys? I
have just noticed that there are a lot of utilities and stuff to use and
am trying to piece it all together.
thanks
On 7/6/05, Jesse
Shumaker <[EMAIL PROTECTED]> wrote:
So
you must have SAproxy on each client to do this? I know that is another
product that I have heard of. If so do you have a download link where I
can get SAproxy? If that is just the name you are calling the
SpamAssassin proxy it looks like all I would need to do is specify the
destination server in the login box and I'm set. All I have to do on the
server end is setup the POP3proxy. Is this correct?
On 7/6/05, Paolo
Cravero as2594 < [EMAIL PROTECTED]
> wrote:
Jesse
Shumaker wrote:
Hi
> This looks good and I think I
may try this perl module. It seems that
> it's geared towards a
single workstation and not a network of machines.
> They say
that you point your client to localhost, which means that each
>
machine must have this installed. How are you guys running this so
that
> you can have one centralized SA server? Also, how does
the SA box
> authenticate with the ISP's POP servers for each
e-mail client? In my
> organization each user has their own
password and username for their
> e-mail account.
We
installed it on a linux box with SA, and run it as a deamon.
It
supports concurrent connections, altought we haven't tested
it
thoroughly (hundreds of simultaneous connections...). So, rather
than
installing it locally on each machine, use a shared POP
proxy.
The client sends SAproxy the user/password, that then
SAproxy submits to
the remote server. It is a proxy for POP3
protocol (no support for
POP3*S*), just that before sending the
message to the client it is
scanned by SA.
It is also very
flexible, since the destinaton server has to be
specified as part
of the login string ([EMAIL PROTECTED]
to retrieve
mail with login [EMAIL PROTECTED] from
pop.domain.com
server): your colleagues can use
the same proxy box for retrieving mail
from other POP3 accounts as
well.
PC
--
| QRPp-I
#707 + www.paolocravero.tk + I QRP
#476 |
| SpamAssassin-based email antispam/antivirus
solutions
|
\ Italian/English-to/from-Croatian
translations /
\
Skype:
pcravero
/
|
