Koozali.org: home of the SME Server
Legacy Forums => General Discussion (Legacy) => Topic started by: hanscees on January 28, 2005, 11:34:54 PM
-
Hi,
I have installed clam antivirus.
I was wondering how the mail flow goes through the sme box now. I cannot find any documentation on that.
I know smtpfront takes mail on the outsides.
then qmail stuff
I know mail ends up in /home/e-smith/files/users/name/Maildir
Mail with virussen or unpack problems ends up in /var/spool/amavis/ng
Where do clam and spamassassin fit in?
Hans-Cees
-
You mean like the one at page 9, in this http://www.giac.org/practical/GSEC/Andrew_Lord_GSEC.pdf
/Mats
-
You mean like the one at page 9, in this http://www.giac.org/practical/GSEC/Andrew_Lord_GSEC.pdf
/Mats
Yes, but then for qmail and clam.
hc
-
Hi,
My first attempt to describe the mailflow through esmith 6.5 when clam-av is installed.
Please do point out mistakes.
This is the default qmail picture:
http://www.nrg4u.com/qmail/the-big-qmail-picture-103-p1.gif
e-smith/sme has modified this:
smtpfront-qmail in stead of qmail-smtpd (see announcement of esmith 5.5)
see also
http://untroubled.org/mailfront/
smtpfront can be used to block executables and do rbns lookups against spam.
So mail comes in with smtpfront-qmail.
Smtpfront-qmail would send mail to qmail-queue when clam-ng is not installed.
When clam-ng is installed however, mail is delivered to /usr/bin/qmail-queue.amavis (a perl script)
actually:
/var/system/smtpfront-qmail/peers/192.168.160 says:
+QMAILQUEUE=/usr/bin/qmail-queue.amavis
perhaps /usr/bin/qmail-filter is also involved somehow?
qmail-queue.amavis unpacks mail into /var/spool/amavis-ng
(see /etc/amavis-ng/amavis.conf)
I do not know if there is a queue on disk in between here. Because what happens if mail comes in faster than it can be unpacked?
The unpacked mail is scanned and if no virus or problem is found it is send on.
I presume it is send by /usr/sbin/sendmail (a link to /var/qmail/sendmail)
to the real qmail-queue.
Then the email is back into the standard qmail system. qmail-queue will put email in /var/qmail/queue/....
It gets picked up there and if local will be put by qmail-local into
/home/e-smith/files/user/jantje/Maildir
mail to be send on is handled by qmail-remote.
hc
-
I do not know if there is a queue on disk in between here. Because what happens if mail comes in faster than it can be unpacked?
mailfront (which is handling the SMTP connection) won't terminate until the message is all unpacked, checked, and handed off to qmail for delivery. Since there is a limit to the number of concurrent mailfront processes, once the system is busy unpacking messages for checking, no new messages will come in, until one of those slots becomes free.
The unpacked mail is scanned and if no virus or problem is found it is send on.
I presume it is send by /usr/sbin/sendmail (a link to /var/qmail/sendmail)
to the real qmail-queue.
The message is handled directly to qmail-queue. No need for the sendmail wrapper.
-
mailfront (which is handling the SMTP connection) won't terminate until the message is all unpacked, checked, and handed off to qmail for delivery. Since there is a limit to the number of concurrent mailfront processes, once the system is busy unpacking messages for checking, no new messages will come in, until one of those slots becomes free.
The message is handled directly to qmail-queue. No need for the sendmail wrapper.
Thanks for answering.
What kind of errors are given back to smtp servers when all slots are full?
greetings
Hans-Cees
-
What kind of errors are given back to smtp servers when all slots are full?
They'll either fail to get a connection, or they'll get a connection which times out (depending on the backlog queue).