> I think the proposed solution of putting a MailScanner box in front of the
> Exchange box is just the best way. Hundreds of shops do it this way. It's also
> got the advantage that you then can remove the Exchange box from public net (or
> at least refuse any email with the exception of mail coming from the
> MailScanner box), so none of the bugs or misconfiguration options Microsoft
> offers can be exploited. A Linux box in front of mail also offers other better
> options for spam/virus protection, f.i. greylisting. AFAIK there's no
> greylisting solution for Exchange or Microsoft SMTP at all. And, last not
> least, the process of upgrading the MS/SA bits is probably less painless than
> on Windows.

Unfortunately, this would result in a third "step" in the SMTP process. Currently, the SMTP filter I run allows us to use our choice of virus scanner to check for viruses, monitor real-time traffic, and even "chat back" to a would-be hacker if they're screwing with the system manually, as well as back-up E-Mails for however long we need to, as well as all traffic that transpires in case we have to go back to a previous attack log for prosecution purposes. Adding a spam filter at this point would just be the smart thing to do.

Unfortunately, if we were to make a third server, we would then have this app receiving incoming SMTP traffic, doing its thing, then forwarding that on to the Spam Assassin server, then having THAT forward it on to the Exchange server. Again, keep in mind that I'm trying to keep this as ridiculously simple as possible for the people that'll have to actually implement it in my absence.

-Aaron Boyles
ITC Applications Programmer