[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Default MTA for Fedora 7



David Woodhouse <dwmw2 infradead org> wrote:
> On Sat, 2007-02-03 at 22:59 +0100, Thomas M Steenholdt wrote:
> > "If we change the Default MTA in Fedora - Which should it be?"
> > 
> > I'm sure a lot of people will say Exim is great (i can't say, since i've 
> > never worked with it). Others will yell for Postfix, towards which i'm 
> > probably slightly biased, since that's what I currently use in most 
> > places. I'm sure yet others will have other MTA's listed as their 
> > favorite one.
> 
> Exim certainly does the job for me. None of the others do, as far as I
> can tell. I'd be happy to be corrected on that count though, so I'll
> elucidate...
> 
> I'd like to be able to do greylisting -- but not indiscriminately; I
> want to greylist only mail which actually looks suspicious in some way,
> rather than delaying perfectly genuine mail. Mail gets greylisted only
> if it has some SpamAssassin points, or it's HTML, or it comes from a
> machine with no reverse DNS or which is listed in a RBL, etc.

The /point/ in greylisting is not to expend any effort on mail that comes
from suspect origins. Stopping mail from an RBLed origin or no reverse DNS
(or non-matching reverse DNS) are other, independent anti-spam
measures. Sure, they can be integrated into greylisting (milter-greylist
for sendmail integrates RBLs), but they are still independent. So is
spamassassin's score, etc.

>                                                               That's a
> few lines of Exim ACL code, demonstrated (the quick hack version) at
> http://david.woodhou.se/eximconf/include/acl-greylist or perhaps more
> sanely with jgarzik's better SQLite-based version which is available in
> the same directory although I haven't yet switched over to it.

> Is it possible to do that kind of thing in other MTAs? Without writing
> or installing external software (or, perhaps, calling out to Exim? :)

Why is "installing external software" (specially if it is written to
standardized interfaces defined exactly for such uses) off-limits?

> I also need to be able to run virtual domains on the cluster of mail
> machines I operate, but I don't really want to set up yet another
> distributed database; I _already_ have DNS running, after all. I keep
> aliases for virtual domains in TXT records,

Lousy missuse of DNS, if you ask me.

>                                             and I use Dynamic DNS so
> that owners of a given virtual domain can update their forwarding
> records with a trivial script round nsupdate. Currently, that's handled
> just a few lines of Exim router configuration in the same directory as
> the above (routers-dns-virtual). Can I do this in any of the other MTAs
> on offer?

Why does an MTA have to bend over to such abuse of DNS?

[...]

> Even Postfix would also be a better choice than sendmail -- that isn't
> exactly a hard accolade to achieve. But it's much less versatile than
> Exim and much less flexible in handling and filtering of incoming mail.
> It might serve the newbies OK and those who really don't ask much of it,
> but it's less useful for anyone who actually wants to get _serious_
> about running a spam-resistant mail server these days.

Better go tell that the guys at sendmail.org.
-- 
Dr. Horst H. von Brand                   User #22616 counter.li.org
Departamento de Informatica                    Fono: +56 32 2654431
Universidad Tecnica Federico Santa Maria             +56 32 2654239
Casilla 110-V, Valparaiso, Chile               Fax:  +56 32 2797513


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]