new email server
brendan
brendan at eb-net.net
Fri Jun 3 21:20:56 UTC 2005
Gary Stainburn wrote:
>Hi folks
>
>I'm looking at replacing my aging RH7.3+Exim 3 + Sophos + home-grown
>scripts with a FC3+Exim 4+ Sophos + whatever.
>
>I'm looking at virus and SPAM filtering. Can anyone suggest good
>configs and options.
>
>Gary
>
>
Gary;
Let me preface all this by saying that I have no experience setting up
an enterprise email system on a Linux platform for production, although
I have done installed and configured many others (Exchange, Notes and
GroupWise) in and for production use in small-medium-large and very
large environments.
I set out on a project a couple months ago to find a comperable Linux or
BSD email platform to what I would expect from a brand new Microsoft
email system. So, I have also done a lot of tinkering lately with BSD,
and Mandrake and FC3 Linux platforms testing MTAs (Courier and Sendmail
so far). While I find that the Courier package is a more complete all
around system, Sendmail was actually more straight forward and easier to
configure using pieces of Courier and Cyrus (and others) to fill other
requirements. I prefer BSD for jsut about any production utility
service, like email, because it's possible to build a precise
installation with hardly any overhead. Troubleshooting anything in BSD
is a nightmare of cryptic error messages and long nights searching for
documentation, more experience with BSD would probably have lead to a
better impression. I found Sendmail and FC3 to be the most straight
forward to install from what I compiled on the machine or using the
rpm(s). Although neither FC3 nor Sendmail are perfect, FC3 and Sendmail
would be my first choice if I wanted to build a system and move it to
production quickly.
The 'add-ons' can quickly become like chosing toppings for a plate of
nachos at 7-11. You start out wanting email and antivirus but end up
with webmail, various authentication packages, administrative tools and
end-user goodies piled on top. I would warn you to be careful when you
done testing and not put a machine in production that's had a package
tested and removed because MTAs become extremely complex and it's
difficult (sometimes impossible) to remove even the smallest package
cleanly, but you probably know and wouldn't do that anyway. Sendmail
with Courier-IMAP because I like the way Courier-IMAP folders resemble
Exchange IMAP folders and ClamAV. I have tested Squirrel Mail also and
find that I prefer that ANY webmail package to be installed on a
seperate web server (that includes Exchange and Outlook Web Access).
Since I started using reverse MX lookups I have eliminated almost all
the spam from my systems, have have not felt the need to add
spamassassin yet, but probably will in the next week. Using something
like Cyrus saslauth in conjunction with reverse MX and spamassassin
would be a great way to support road warriors and keep keep most spam
off of your system. If you have an Active Directory or other LDAP
structure to authenticate to, I have had success with Courier's
authentication package and I recommend encrypting it all using SSL.
Using SSL gives you the option to securely authenticate across untrusted
networks with plain text or encrypted passwords. Not that I recommend
plain text authentication, but it is simple and easiest to configure and
removes a layer from troubleshooting. I also found that I needed to
compile SSL from the source because the rpm was missing something I
needed (but I do not recall what that was). I don't have any travelers
to support so I use putty and mutt or port-forwarding if I absolutely
have to have a graphical client.
I have not tested any other AV package but ClamAV. I find it straight
forward, easy to work with and reliable, so I could not, and probably
would not, recommend any other.
I hope something from here is usefull, now I"m consdering Exim and Sophos!
More information about the fedora-list
mailing list