> Surely switching to qmail can't take THIS much much mucking around
> down in the bowels of the TCP machinery???? Thanks!

Naah. Here's the true facts:

You can run qmail-smtpd from inetd if you want to, so long as you use tcpd or
something else that can set the RELAYCLIENT environment variable for hosts on
your own network that are allowed to relay mail. (If you don't have any
hosts that need to relay, you don't even have to do that.)

But inetd doesn't work very well for high-volume services, due to a fairly
lame design. Rather than remembering how many of each service is active, it
just turns off services when they are started up "too often", regardless of
whether the daemons are keeping up. Tcpserver, on the other hand, is
configured with a limit to the number of active daemons, and rejects
connections only when it's at that limit. This keeps the system from falling
over when you get a burst of spam without turning off mail altogether.

Tcpserver comes with a bunch of other programs in a package called ucspi-tcp.
The other programs aren't particularly useful unless you plan to fully
DJB-ize your system. But you don't have to. What I do, and what most other
qmail users seem to do, is to use tcpserver to run qmail-smtpd and perhaps a
few other high volume services. (I use it to run the abuse.net whois server,
for example.) I still use inetd to run servers for ftp, pop3, and other
services that aren't high volume.

If you use tcpserver, you'll probably want to use rblsmtpd to reject mail on
the MAPS RBL or MAPS RSS. I also have a modified version called "detour"
that sets an environment variable so you can accept the mail but detour it
into a spam trap or a program that sticks on an "X-Suspicious" header and
delivers it anyway.

Regards,
John Levine, [EMAIL PROTECTED], Primary Perpetrator of "The Internet for Dummies",
Information Superhighwayman wanna-be, http://iecc.com/johnl, Sewer Commissioner
Finger for PGP key, f'print = 3A 5B D0 3F D9 A0 6A A4 2D AC 1E 9E A6 36 A3 47
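
The difference between the two admission policies described in the message above, as an added Python model that is not part of the original message and is not code from inetd or ucspi-tcp. The thresholds (inetd: more than 40 starts in 60 s disables the service for 600 s; tcpserver: 40 simultaneous daemons) and the traffic are assumptions chosen for illustration.

```python
# Added illustration. Assumed parameters: inetd turns a service off for
# 600 s after more than 40 starts within 60 s; tcpserver allows 40
# simultaneous daemons and refuses only while at that limit.

def inetd_accepts(arrivals, max_starts=40, window=60, retry=600):
    """Rate-based model: counts starts, ignores whether daemons have exited."""
    accepted, count = 0, 0
    window_start, disabled_until = None, float("-inf")
    for t in arrivals:
        if t < disabled_until:
            continue                      # service is switched off: refused
        if window_start is None or t - window_start > window:
            window_start, count = t, 0    # begin a fresh counting window
        count += 1
        if count > max_starts:            # started "too often": disable it
            disabled_until, window_start = t + retry, None
            continue
        accepted += 1
    return accepted

def tcpserver_accepts(arrivals, duration, limit=40):
    """Concurrency model: returns (accepted, peak simultaneous daemons)."""
    accepted, peak, ends = 0, 0, []
    for t in arrivals:
        ends = [e for e in ends if e > t]  # drop daemons that have finished
        if len(ends) >= limit:
            continue                       # at the limit: refused
        ends.append(t + duration)
        accepted += 1
        peak = max(peak, len(ends))
    return accepted, peak

# Constructed traffic (seconds): a 60-connection spam burst inside 10 s,
# then one legitimate connection every 30 s for the next 10 minutes.
BURST = [i / 6 for i in range(60)]
TRICKLE = [30 * k for k in range(1, 21)]
ARRIVALS = BURST + TRICKLE

if __name__ == "__main__":
    print("offered:", len(ARRIVALS))
    print("inetd accepted:", inetd_accepts(ARRIVALS))
    # Daemons that keep up (2 s per session) versus slow ones (120 s).
    for secs in (2, 120):
        ok, peak = tcpserver_accepts(ARRIVALS, duration=secs)
        print(f"tcpserver, {secs}s sessions: accepted {ok}, peak {peak}")
```

With 2-second sessions the concurrency model never reaches its limit and admits everything, while the rate model drops the rest of the burst and every later connection that arrives during its off period.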