Rick Romero ha scritto:
On Thu, 2007-11-08 at 17:20 +0100, [EMAIL PROTECTED] wrote:
On Thu, 08 Nov 2007 08:52:57 -0600
Rick Romero <[EMAIL PROTECTED]> wrote:
Not entirely, If the main issue is timeouts during SMTP, he can move
his scanning to '127.0.0.1', and remove it from his external IP. That
will ensure he can receive an email from the outside in its entirety.
He can throttle connections to 127.0.0.1 to prevent overload, and he
won't bounce mail due to SMTP timeouts.
You don't want to lose a/v scanning on your external IP, so another
qmail install, with spam-only qmail-scanner, would be the cheapest
solution.
Why not? Moving it to a pool of AV scanning boxes would be a good idea.
I'm not suggesting that the caller be moved, but the work is moved. So
the MX gets the mail, but uses the clam client to talk to a clam server
that's in a pool... somewhere.
That would seem to be a good use of resources to me.
The resource pool could be a loadbalancer for example, if one works
with an office LAN that would be a good use of boxes that are doing
nothing more than running a xscreensaver.
--
The SCSI Controller to Toshi Station is sending 1111111111 because of
the newbie thinking 'halt' means 'exit'. Valve Software is RNA.
:: http://www.s5h.net/ :: http://www.s5h.net/gpg
Hi!
Perhaps I should have said that this server will be housed and that I
can't set more than one server because of the cost... so I needed to do
something as this... but don't know if it would work or could have
problems... I assume not.. because is the same way than setting a ssl smtp
on port 465.. it shares everything with qmails 25 port server... but I
needed to know if any of you have tested if this works...
Yes, basically:
Do an alternate qmail install (qmail2)
Install your qmail-scanner on qmail2 with only antivirus scanning.
Assuming you're running supervised:
create a /service/smtp2/run that only binds to your external IP (correct
the paths)
create a /service/send2/ like /service/send, but with correct paths
change/add /var/qmail2/control/smtproutes to contain only:
:127.0.0.1
modify your /service/smtp/run so it only binds to 127.0.0.1
What you did was install a blank qmail (make sure the basics are there
so you don't have an open relay, etc) into qmail2. All it does is bind
to your external IP, recieve email, a/v scan it, and forward it to
127.0.0.1. Since 127.0.0.1 is your original qmail install, it will
handle everything as it did before.
It can get confusing - so make sure you backup everything before you
accidentally edit/delete something in /var/qmail instead
of /var/qmail2 :)
What about qmail users? Usually qmail "cd" according to user's home
directory.
Tonino
Rick
--
------------------------------------------------------------
[EMAIL PROTECTED] Interazioni di Antonio Nati
http://www.interazioni.it [EMAIL PROTECTED]
------------------------------------------------------------
!DSPAM:47334c5e32003395413649!
