Paul procacci wrote:
Olivier Nicole wrote:
Hi,
As an ISP, or the person in charge of a large organisation, have you
ever set-up a transparent email redirection: all outgoing email would
be proceeded to an outgoing server in order to check for virus, spam,
whatever.
Best regards,
Olivier
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
The answer to your question is yes. To elaborate a bit more however
here is a personal document I wrote (i.e. wasn't intended for anyone
else), hopefully it provides you with good enough information and/or
the information you were looking for. Mind you, this is BSD and qmail
(yes, I'm a fanboy) specific. This assumes you are familiar with the
software I decided to use under the components heading. Certainly
feel free to ask any questions. I realize the document isn't
"production quality" due to the reasons given about, but rest assured
I can vouche for this method.
Additionally note, this is obviously not the only method.....just that
it's my method. ;P Cheers!
~Paul
----------------------------------------------
I have 5 machines behind a load balancer, one of which is FBSD 4.11,
and the other 4 are FBSD 6.2. The component list I used is as follows:
Components
tcpserver
daemontools
qmail w/ QMAILQUEUE patch
qmail-qfilter
spamassassin
*custom c scripts (These are optional; one is provided)
Flow
This is the current flow of any emails that reach the cluster. Note
the items listed within *'s are custom programs and explained later in
this document:
tcpserver->qmail-smtpd->qmail-qfilter->spamc->*reject_spam*->qmail-queue->qmail-remote
**Note :: reject_spam is included because that is needed for denying
emails. (You could rewrite it in perl or sh if you needed to)
Installation
The installation for any new and existing proxy boxes is extremely
straightforward.
For all but qmail listed above, use the ports tree.
Setup spamd to create the /tmp/.spamd.sock socket. That's what I call
mine, yours can/will vary.
Once all this is installed, create /etc/tcp.smtp with the following
entry and build the cdb file:
:+RELAYCLIENT=+QMAILQUEUE=/var/qmail/bin/qmail-queue-spam
Ensure tcpserver uses that file(i.e. -x)
While in /usr/ports/qmail.....
a) upload the attached files (patch-qmail.c and patch-Makefile) into
./files/
b) edit patch-qmail.c to reflect a message you would like to give.
'+ case 20: return "DAnti-SPAM Threshold Reached see
http://domain.com/legal_information.aspx";'
c) type: make extract
d) type: make patch
e) copy the attached file (reject-spam.c) to ./work/qmail*/
f) Now, I haven't included some of my patches here do to sensative
information. Therefore, you'll need to edit the Makefile
(work/qmail-*/Makefile) to removed any and all references to
check_block and reject-record-spam.
g) type: make install
h) copy reject-spam to /var/qmail/bin
i) Copy the attached shell script (qmail-queue-spam) to
/var/qmail/bin/; that is going to tie this together.
Please note that it's NECESSARY to use the local software FW to allow
relaying. IPFW is a good choice (my preference anyways). Deny
everything to port 25, and only allow the hosts you want. I found
this to be the easiest.
Then on those hosts, smarthost the "hidden" (not really) machine.
------------------------------------------------------------------------
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
My attached c file got stripped. Here is it.
reject-spam.c
-------------------------------------------------------------------
#include "stralloc.h"
#include "substdio.h"
#include "readwrite.h"
#include "getln.h"
#include "str.h"
stralloc s = {0};
substdio i = {0};
substdio o = {0};
char ibuf[1024];
char obuf[1024];
int main(void){
int match;
substdio_fdbuf(&i,read,0,ibuf,sizeof(ibuf));
substdio_fdbuf(&o,write,1,obuf,sizeof(obuf));
for(;;){
if(getln(&i,&s,&match,'\n') == -1) _exit(81);
if(!match || s.len == 1) break;
if(!str_diffn("X-Spam-Flag: YES\n", s.s, s.len)) _exit(20);
substdio_put(&o,s.s,s.len);
}
substdio_put(&o,s.s,s.len);
substdio_copy(&o,&i);
substdio_flush(&o);
_exit(0);
}
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"