Ok, so I have a simple, yet hugely unanswered question...
What is the correct way to setup Scalix so that SpamAssassin will be able to properly handle all incoming mail?
This sounds simple, and you would probably at first lead me to read the knowledgebase articles found here and here but the problem with both of these solutions is that they include the smtpd.cfg option "SMTPFILTER=TRUE". In my opinion, this is an easy way out, but not a proper solution. I have been using that as a solution for a long time, but the problem is that EVERY email that is seen by sendmail sees it coming from 127.0.0.1. This is unacceptable as it does not allow for all the features of SpamAssassin to be used.
I have seen people suggesting the use of the submission port, but no clear instructions on what to do other than to set the smtpd.cfg option "LISTEN_PORT=", but nothing after that.
I will admit that I am still learning, but I am willing to do some work and post my findings etc to the wiki, but I need at least a little more direction if possible as to what to do next to get this working properly. (IE: this will stop Scalix from listening to port 25, but how do I tell sendmail to listen to that port instead? How do I tell sendmail not to be an open relay, but that it should accept mail from my users using smtp authentication? How do I tell Scalix to pickup the messages after they have been scanned by SpamAssassin? etc)
Thanks for any help!
Mito
Setting up SpamAssassin Properly
Moderators: ScalixSupport, admin
-
mito
- Posts: 194
- Joined: Fri Mar 24, 2006 11:33 am
Setting up SpamAssassin Properly
Last edited by mito on Wed Feb 07, 2007 1:16 pm, edited 1 time in total.
-
friedmar
- Posts: 48
- Joined: Fri Jan 26, 2007 11:29 am
- Location: Darmstadt, Germany, Europe
-
dresdn
- Posts: 92
- Joined: Wed Apr 05, 2006 5:11 pm
Mito,
I see you found viewtopic.php?t=5922 Once I get an answer, I will definitely try to get that on the Wiki, because I see *nothing* in the documentation about this issue.
Hopefully someone from Scalix will respond. ;)
-Mike
I see you found viewtopic.php?t=5922 Once I get an answer, I will definitely try to get that on the Wiki, because I see *nothing* in the documentation about this issue.
Hopefully someone from Scalix will respond. ;)
-Mike
-
vladmci
Setting up SpamAssassin Properly
It's all OK as long as you use RECIPIENT restrictions.
The problem is that the the SMTP Relay reads down through the configuration
file from the top and execute the first line that matches. So RELAY accept 127.0.0.1 is laike a wild card for all relays as long as the SPAM protection make all emails as comming from 127.0.0.1
You can try a workaround Iif you put something like:
SMTPFILTER=TRUE
RECIPIENT accept *@"yourdomain"
RECIPIENT log_reject ALL
RELAY accept 127.0.0.1
Oh, yes it would be better to reject relays (open relays) not recipients but that is up to Scalix team to solve.
The problem is that the the SMTP Relay reads down through the configuration
file from the top and execute the first line that matches. So RELAY accept 127.0.0.1 is laike a wild card for all relays as long as the SPAM protection make all emails as comming from 127.0.0.1
You can try a workaround Iif you put something like:
SMTPFILTER=TRUE
RECIPIENT accept *@"yourdomain"
RECIPIENT log_reject ALL
RELAY accept 127.0.0.1
Oh, yes it would be better to reject relays (open relays) not recipients but that is up to Scalix team to solve.
-
mito
- Posts: 194
- Joined: Fri Mar 24, 2006 11:33 am
My point is that I do not want a solution that includes the line 'SMTPFILTER=TRUE" because in doing so, all mail apears to come from 127.0.0.1, and for me that is unacceptable (I plan on implementing greylisting, which is impossible to do if all emails are from 127.0.0.1. Not only that, but SpamAssassin has the ability to block based on host IP address, but if all mail comes from 127.0.0.1, then that functionality is wasted too).
That is the point of this thread... to find out what all has to be done in order to get Scalix / Sendmail to behave properly (just Scalix and sendmail, as the rest is customized from there).
That is the point of this thread... to find out what all has to be done in order to get Scalix / Sendmail to behave properly (just Scalix and sendmail, as the rest is customized from there).
-
Valerion
- Scalix Star
- Posts: 2730
- Joined: Thu Feb 26, 2004 7:40 am
- Location: Johannesburg, South Africa
- Contact:
You can put in a relay machine between the internet and yourself, doing all of the spam filtering and greylisting for you, or you can run sendmail as the primary MTA. I am doing this myself (I need ETRN support) and it works well with a bit of tweaking (I don't think this setup is supported by Scalix, so use at your own risk. The following is for Scalix 11 only):
1) I have the following in my smtpd.cfg:
# Uncomment the following lines to enable the Submission and LMTP listeners
SMTP=OFF
SUBMIT=ON
#LMTP=ON
<snip>
[SUBMIT]
LISTEN=<hostname>:587
# Reject all anonymous connections
ANONYMOUS Log_Reject ALL
2) Scalix 11 needs SMTP auth for SWA, which sendmail can't do, so I changed the following in /var/opt/scalix/??/webmail/swa.properties:
swa.email.smtpServer=<hostname>:587
3) Make sure sendmail is listening on the external interface as well, and not just the loopback. Change the following in sendmail.mc:
DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
1) I have the following in my smtpd.cfg:
# Uncomment the following lines to enable the Submission and LMTP listeners
SMTP=OFF
SUBMIT=ON
#LMTP=ON
<snip>
[SUBMIT]
LISTEN=<hostname>:587
# Reject all anonymous connections
ANONYMOUS Log_Reject ALL
2) Scalix 11 needs SMTP auth for SWA, which sendmail can't do, so I changed the following in /var/opt/scalix/??/webmail/swa.properties:
swa.email.smtpServer=<hostname>:587
3) Make sure sendmail is listening on the external interface as well, and not just the loopback. Change the following in sendmail.mc:
DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
Who is online
Users browsing this forum: No registered users and 12 guests