Very Computer

> Does anyone here have Solaris and QMail running instead of Sendmail?

> If so - how do you handle (on SPARC) scanning attachments for Virii?
> Keep in mind that I need a free or inexpensive virus scan solution.

> I also am interested in doing a better job of filtering spam at the
> front door - has anyone implemented spam filtering software or
> blacklists, subscribed filters, and/or enhancements that, for example,
> reject an incoming mail if the user does not exist, instead of bouncing it?

> I'm interested in any suggestions or comments on this as I admit to
> being a little behind these days :(

> Thanks again,
> Rick

>> Does anyone here have Solaris and QMail running instead of Sendmail?

>> If so - how do you handle (on SPARC) scanning attachments for Virii?
>> Keep in mind that I need a free or inexpensive virus scan solution.

>> I also am interested in doing a better job of filtering spam at the
>> front door - has anyone implemented spam filtering software or
>> blacklists, subscribed filters, and/or enhancements that, for example,
>> reject an incoming mail if the user does not exist, instead of
>> bouncing it?

>> I'm interested in any suggestions or comments on this as I admit to
>> being a little behind these days :(

>> Thanks again,
>> Rick

> Before you spend a great deal of time and trouble looking for anti virus
> software, you might consider that fact that virii are almost unknown
> outside of the Windows and Macintosh world.  This is not to say that
> their can't be a Solaris virus but I have never heard of one, nor
> indeed, of any anti virus software for Solaris.

> Or are you scanning mail destined for PC users?  There is software
> called something like CLAM-V that is well regarded.  I believe that is
> free.  Anti-spam filtering software is available but it costs money.

>>Does anyone here have Solaris and QMail running instead of Sendmail?

> I do. qmail, djbdns and assorted support tools (daemontools, ucspi etc).
> Works a charm on Solaris 10. If I find some time I'll convert from
> daemontools to SMF (svc is darn close to svcs :-).

>>If so - how do you handle (on SPARC) scanning attachments for Virii?
>>Keep in mind that I need a free or inexpensive virus scan solution.

> I don't scan for viruses, but I do use Eric Raymond's bogofilter to
> scan for SPAM, which in my experience catches almost all viruses.
> Windows machines need a virus scanner anyway. AVG Free is pretty good.

>>I also am interested in doing a better job of filtering spam at the
>>front door - has anyone implemented spam filtering software or
>>blacklists, subscribed filters, and/or enhancements that, for
>>example, reject an incoming mail if the user does not exist, instead
>>of bouncing it?

> I do all of these things. As mentioned, bogofilter (which IMHO is
> better than SpamAssassin) for SPAM filtering (which automatic feedback
> into the database and two functional addresses where users can bounce
> incorrectly labeled messages). I reject mail from MTAs without proper
> reverse addresses (using tcpserver), and servers that are blacklisted
> on spamhaus, ordb and dsbl are told off using rblsmtpd.

> Here's my /service/qmail-smtpd/run file:

> #!/bin/ksh

> QMAILDUID=`id -u qmaild`
> NOFILESGID=`id -g qmaild`
> MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
> LOCAL=`head -1 /var/qmail/control/me`

> if [ -z "$QMAILDUID" -o -z "$NOFILESGID" -o -z "$MAXSMTPD" -o -z
> "$LOCAL" ]; then echo QMAILDUID, NOFILESGID, MAXSMTPD, or LOCAL is
> unset in echo /var/qmail/supervise/qmail-smtpd/run
>     exit 1
> fi

> if [ ! -f /var/qmail/control/rcpthosts ]; then
>     echo "No /var/qmail/control/rcpthosts!"
>     echo "Refusing to start SMTP listener because it'll create an open
> relay" exit 1
> fi

> exec /usr/local/bin/softlimit -m 2000000 \
>     /usr/local/bin/tcpserver -v -p -R -l "$LOCAL" -x /etc/tcp.smtp.cdb
> -c "$MAXSMTPD" \ -u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \
>         /usr/local/bin/rblsmtpd \
>         -r sbl-xbl.spamhaus.org -r relays.ordb.org -r list.dsbl.org \
>             /var/qmail/bin/qmail-smtpd 2>&1

> I don't reject incoming mail for invalid users, I record the invalid
> address and drop the message in the bit bucket (pretty easy through
> a .qmail-default alias and a little script that writes the salient
> information to a file:

> $ more .qmail-default

> |/usr/local/bin/recordbadmail

> $ more /usr/local/bin/recordbadmail
> #!/bin/ksh

> # Script to record salient data on dropped messages
> echo `date`": SENDER: <$SENDER>, RECIP: <$RECIPIENT>" \
>   >>/var/log/qmail/droppedmessages

> Take care,