Hello list, I've talked about this issue before here on this list and feel the setup can be improved. Quoting from the Q-S FAQ:
1.. How do I make Qmail-Scanner only scan mail for some local domains?. 2 words: "MX records" :-) Put two IP addresses on your mail server, change the MX records for those domains you want scanned go to one IP address, and the rest to the other. Then you simply have an instance of qmail-smtpd running on each address - one with QMAILQUEUE defined and one without. This is *majorly* better than coding Qmail-Scanner to ignore certain addresses - this way Qmail-Scanner isn't called at all for the domains you don't want to protect. I set this up, and while it works, it's a pain. Esp. with a cluster of 4-5 mail servers... It seems to me the best place to do this per-domain scanning (not local users vs. external users) would be in TCPSERVER... just like what was recommended if you wanted to scan/not scan local's/outside mail. You wrote a tcp.smtp file that had your internal (don't want to scan) IP's (such as 10.x.x.x) and set QMAILQUEUE="" then another rule for all other IP's to scan ":allow,QMAILQUEUE="/var/qmail/bin/qmailscanner-queue.pl" etc... Like I said, this works great for the difference between internal mail vs. external... It does nothing for setting scan/no scan on a per-domain basis... the on going consensus has been to use MX records to point to different host IP's on the mail server, then run multiple instances of qmail-smtpd (tcpserver on a per host basis) with a QMAILQUEUE set or un-set... I'm willing to look into some C coding for tcpserver, but I don't want to re-invent someone else's work, or duplicate their efforts... has anyone done a patch to tcpserver that would basically give a new "-" option that would bind tcpserver to specific IP's by reading in a .cdb file? In the process of reading that .cdb file, TCPSERVER would set/unset various env vars. Such as the QMAILQUEUE. This would then allow true per-domain scanning at a low level TCPSERVER point. Much better than calling qmail-scanner and looking at the domain there or having to run multiple instances of qmail-smtpd/run ! :) I'll take this patch on if no one else has done something like this. I'm certainly no C guru though, so I don't want to waste my time if someone's done it already or has a better idea. Thoughts? _______________________________________________________________ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm _______________________________________________ Qmail-scanner-general mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general