Topic: Amavis + SMTP

[kadybee]

I'm trying to setup two SME servers to 'handle' mail.

The first is on a public IP (DMZ) and will accept the mail for the domain, process it (SPAM and AV) and pass it on to the second mail server for delivery to the user Maildir.

The scanning on the first box is via spam assassin and clamav.

I assumed that the simplest way to achieve this is to adjust the /etc/amavis-ng/amavis.conf to deliver to SMTP instead of the default Qmail.  (eg: output address = 192.168.1.254; output port = 25)

I have tried several changes but can't get past the first box accepting delivery to itself (Qmail spool and Maildir - instead of forwarding it to the second box via smtp).

Has anyone set up anything similar?  or have any thoughts/suggestions on this?  

Thanks


Klaus

[NickR]

Why doesn't Configuration/E-mail/Delegate mail servers in server-manager work for you?

[kadybee]

Thanks Nick

I didn't go down that track making the assumption that mail is simply passed to Delegate without processing - ie spam and av.

I want that processing to remain on the first box.  I'll have to try that though


Klaus

[raem]

kadybee

> I'm trying to setup two SME servers to 'handle' mail.

Why have 2 servers when 1 can do the job. Are you receiving thousands of messages every hour or something and therefore don't want to overload your main server with clam & spam processing. ?

If you implement pattern matching executable content blocking and enable RBL lists, you will reduce clam & spam processing requirements dramatically, perhaps low enough for you to only need one mail server.

http://mirror.contribs.org/smeserver/contribs/rmitchell/smeserver/howto/Virus%20and%20file%20blocking%20HOWTO%20using%20smtpfront-qmail%20for%20sme%20server.htm

Exe content blocking is incorporated into sme 6.5

http://mirror.contribs.org/smeserver/contribs/rmitchell/smeserver/howto/Spam%20blocking%20HOWTO%20using%20smtpfront-qmail%20for%20sme%20server.htm

RBL is incorporated into Knuddis spam filter panel.


For a few other tips and links to other ways to reject unwanted emails see

http://mirror.contribs.org/smeserver/contribs/rmitchell/smeserver/howto/Mail%20system%20tweaks%20HOWTO%20for%20sme%20server.htm

[kadybee]

Hi Ray

>Why have 2 servers when 1 can do the job. Are you
>receiving thousands of messages every hour or
>something and therefore don't want to overload your
>main server with clam & spam processing. ?

That's not necessarily the reason - but is a small factor.

The main reason is to maintain a DMZ.  All decisions on what gets into the LAN is determined at this point.  The ACTUAL mail server is totally hidden from the rest of the world.  I could simply have it process the spam/av but it makes sense to get it done before it enters the LAN.

There are a few other advantages to doing it this way, but that is the main reason.


Klaus