On 7/7/05, Loren Wilton <[EMAIL PROTECTED]> wrote:
> Procmail will act as the pop3 serverNot quite. My belief (and Joanne set this up, so she has the actual details) is that Fetchmail is feeding procmail, possibly going through Sendmail to do this. Procmail has a 2-line recipe that calls SA as part of the delivery process for local deliery to an account on the Linux box.Then the standard Linux pop3 server is used to let users pull mail from this mailbox.We don't use Clam here, since we have Semantic on the final destination Windoze boxen, and this seems to work well enough. We're also pulling from Earthlink accounts using pop3, and they have a first level of virus buster there, so things actually get virus scanned twice.I don't know if Clam can be integrated using Procmail or not. If it can be executed as a normal Unix stdin-stdout filter, I don't know why it wouldn't be possible to do it that way. So you should (I think!) be able to feed to clam, and then to SA (actually spamd), and have the resulting mail end up sitting in user mailboxes ready to be grabbed by the users using pop3.I don't recall if you said your users are windows-types or unixen, but I'm assuming they are windows users. If you want to enable Bayes with this setup you should be able to do it either per-user or site-wide fairly easily. There is a plethora of information on setting up some imap ham/spam drop boxes that users can easily get to from either OE or Outlook to use for training the Bayes database. Works like a charm here.Loren----- Original Message -----From: Jesse ShumakerSent: Thursday, July 07, 2005 7:14 PMSubject: Re: SpamAssassin w/POP3 & SMTP outsourced e-mail server...Loren,
So with doing it this way and setting up user accounts for each e-mail account on the linux box and using Fetchmail which is installed on the Linux box to grab each users mail from the ISP, Procmail will act as the pop3 server to allow these users to grab their mail internally from the linux box, and SpamAssassin would filter all the spam due to being installed on the central Linux box? Does your organization use ClamAV to remove filter virus's from the e-mail as well?
Thanks a lot for this.
On 7/7/05, Loren Wilton <[EMAIL PROTECTED]> wrote:I don't immediately see that anyone more knowledgable replied, so I'll toss out some possibilities/confirmations:Yes, you need something like a Linux box. It will run SA, and will retrieve mail using pop3 from your current provider. Pop3proxy is one possibility. Another possibility is Fetchmail feeding into a local mail system.I don't recall if you said how many users you have, but my impression is it is no more than a few thousand, perhaps only a few hundred. At this size it would be feasible to set up an account on the linux box for each user, and deliver mail into these accounts.Basically you can use Fetchmail to grab the mail from your current pop3 server and stick it into the standard unix mail files for each user on the system. Then you can use a pop3 server on the linux box so your user can grab their mail out of these accounts. SA would be in the middle of that process, probably something like Fetchmail->procmail->SA->mailbox->pop3server.You users don't need actual access to these accounts, or even know that they exist, and I think you can set them up as no login. All the users will have to do is change the hostname in their pop3 mail configuratios for where they grab mail. Unless you want to run outbound through SA also, they won't have to change the current smtp info pointing to your external provider.This is essentially how we have things set up here.Loren----- Original Message -----From: Jesse ShumakerSent: Wednesday, July 06, 2005 11:07 PMSubject: Re: SpamAssassin w/POP3 & SMTP outsourced e-mail server...Let me try and summarize what I have recieved from all these e-mails as well as put together myself. Then you guys could give me some feedback if I'm on the right trail. What I need to do is install SpamAssassin w/pop3proxy on a linux box. Then setup the pop3proxy to point to my external pop3 server. On the client side I will need to setup each client's login to include their login name and the SpamAssassin/pop3proxy server (I'm not sure if I can only do this if I use the SAproxy utility for windows). Thats how I understand this should work. Now configuring this is another situation. How does it look to you guys? I have just noticed that there are a lot of utilities and stuff to use and am trying to piece it all together.
thanks
On 7/6/05, Jesse Shumaker <[EMAIL PROTECTED]> wrote:So you must have SAproxy on each client to do this? I know that is another product that I have heard of. If so do you have a download link where I can get SAproxy? If that is just the name you are calling the SpamAssassin proxy it looks like all I would need to do is specify the destination server in the login box and I'm set. All I have to do on the server end is setup the POP3proxy. Is this correct?
On 7/6/05, Paolo Cravero as2594 < [EMAIL PROTECTED] > wrote:Jesse Shumaker wrote:
Hi
> This looks good and I think I may try this perl module. It seems that
> it's geared towards a single workstation and not a network of machines.
> They say that you point your client to localhost, which means that each
> machine must have this installed. How are you guys running this so that
> you can have one centralized SA server? Also, how does the SA box
> authenticate with the ISP's POP servers for each e-mail client? In my
> organization each user has their own password and username for their
> e-mail account.
We installed it on a linux box with SA, and run it as a deamon. It
supports concurrent connections, altought we haven't tested it
thoroughly (hundreds of simultaneous connections...). So, rather than
installing it locally on each machine, use a shared POP proxy.
The client sends SAproxy the user/password, that then SAproxy submits to
the remote server. It is a proxy for POP3 protocol (no support for
POP3*S*), just that before sending the message to the client it is
scanned by SA.
It is also very flexible, since the destinaton server has to be
specified as part of the login string ([EMAIL PROTECTED]
to retrieve mail with login [EMAIL PROTECTED] from pop.domain.com
server): your colleagues can use the same proxy box for retrieving mail
from other POP3 accounts as well.
PC
--
| QRPp-I #707 + www.paolocravero.tk + I QRP #476 |
| SpamAssassin-based email antispam/antivirus solutions |
\ Italian/English-to/from-Croatian translations /
\ Skype: pcravero /
