[Mimedefang] mimedefang and trend micro's interscan viruswall

Stephen Loeckle stephen at lucidnetworks.net
Mon Mar 24 10:54:01 EST 2003 

Well, I don't have trophie or any other interface to trend installed.
Here's what I've done. I setup Interscan and Sendmail just the way Trend
suggests in the sandwich config. This is the setup where you have a
sendmail daemon on port 25, then trend on 18000 and finally sendmail on
19000. Email path:

Old:
Internet -> sendmail on port 25 (does dnsbl) -> trend on port 18000 ->
sendmail on port 19000 -> recipient

New:
Internet -> sendmail on port 25 (does dnsbl) -> trend on port 18000 ->
sendmail on port 19000 (mimedefang) -> recipient

When I found Spamassassin and Mimedefang, I recompiled sendmail to use
Milters. The daemon on port 25 doesn't have a milter in it's cf file.
However the daemon on 19000 does have one for mimedefang. Attached are my
mc files tweaked for trend so I don't have to do the funky cf
modifications. This setup works great for me. I get around 8000 emails on
an average day on this box which is a dual proc p3-1.2ghz box. Proc util
is max at 20%.

If this doesn't make sense, let me know. I have a tendency to ramble and
lose people.

Stephen

P.S. Pay no attention to the LDAP stuff at the bottom. We're migrating
back-end servers...

>Stephen:
>I somehow missed this post. This is what I have now:  I have upgraded MD >to
>2.3 as you suggested and installed trophie to run trend micro's viruswall
>and SA to filter spam, both through MD.  I first start trophie separately
>as a daemon (that is how I got it to work, I believe trophie hands scanned
>message to SA.  I am not sure if there is a better way) and then start MD,
>followed by sendmail deamon which checks DNSBL checking.  Now I realize I
>should have SA to run BL checking, instead of sendmail.  I have to look
>into this though.

>For your setup , I assume having 2 separate daemons for virus and DNSBL is
>to save system resource. How do you handle load balancing? Our site is
>quite busy, 8,000 to 12,000 messages per day, and at least 20% of them are
>sent to mailing lists with 100-500 subscribers.

>Thanks again for your help.

>Xiaoyan

>>At 08:28 PM 3/14/2003 -0600, Stephen Loeckle wrote:
>>I have Sendmail 8.12.8 running Interscan for Linux 3.7 (sandwich config)
>>with MD 2.3 and SA 2.50. I do not allow SA/MD use any virus features or
>>DNSBL. I let trend does what it's best at: Scanning for viruses by
>>itself. I've done a little static load balancing with the daemons.
>>Outside daemon does DNSBL then we have the trend daemon and then the
>>third delivery daemon. The last daemon does the SA/MD processing. It's a
>>bit of work, but once you do it, it works great and efficiently too! If
>>this sounds like your current and/or desired setup let me know.
>>
>>Stephen


-------------- next part --------------
divert(-1)
divert(0)
OSTYPE(`linux')
VERSIONID(`sendmail.mc sloeckle v2.0 01/28/2003 18:04')
define(`confLOG_LEVEL', 15)
define(`ALIAS_FILE', `/etc/mail/aliases')
define(`confCONNECTION_RATE_THROTTLE', `2')
define(`confTO_IDENT',`0s')
define(`SMTP_MAILER_ARGS', `TCP localhost 18000')
define(`ESMTP_MAILER_ARGS', `TCP localhost 18000')
define(`SMTP8_MAILER_ARGS', `TCP localhost 18000')
define(`DSMTP_MAILER_ARGS', `TCP localhost 18000')
define(`RELAY_MAILER_ARGS', `TCP localhost 18000')
define(`LOCAL_MAILER_ARGS', `TCP localhost 18000')
define(`SMTP_MAILER_FLAGS', `k')
define(`LOCAL_MAILER_FLAGS', `Phn9k')
define(`LOCAL_MAILER_PATH', `[IPC]')
define(`confMAX_HEADERS_LENGTH', `16384')
define(`confMAX_MIME_HEADER_LENGTH', `256/128')
define(`confMAX_DAEMON_CHILDREN', `24')
define(`confPRIVACY_FLAGS', ``goaway,restrictmailq,restrictqrun'')
define(`confSMTP_LOGIN_MSG', `$m Sendmail $v/$Z; $b')
define(`confBIND_OPTS', `WorkAroundBrokenAAAA')dnl
define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')
TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')
define(`confAUTH_OPTIONS', `A')
undefine(`UUCP_RELAY')
undefine(`BITNET_RELAY')
undefine(`DECNET_RELAY')
undefine(`FAX_RELAY')
FEATURE(`nouucp', `reject')
FEATURE(`use_cw_file')
FEATURE(`always_add_domain')
FEATURE(`redirect')
FEATURE(`smrsh')
FEATURE(`mailertable')
FEATURE(`virtusertable')
FEATURE(`access_db')
FEATURE(`blacklist_recipients')
FEATURE(`dnsbl', `sbl.spamhaus.org', `Spam blocked see: http://spamhaus.org/')
FEATURE(`dnsbl', `relays.ordb.org', `Rejected - see http://ordb.org/')
LDAPROUTE_DOMAIN(`lucidnetworks.net')
FEATURE(`ldap_routing',`hash /etc/mail/mailhost',`null',`bounce')
MAILER(smtp)
MAILER(local)

-------------- next part --------------
divert(-1)
divert(0)
OSTYPE(`linux')
VERSIONID(`sendmail.mc sloeckle v2.0 01/28/2003 18:04')
define(`confLOG_LEVEL', 15)
define(`ALIAS_FILE', `/etc/mail/aliases')
define(`confCONNECTION_RATE_THROTTLE', `2')
define(`confTO_IDENT',`0s')
define(`SMTP_MAILER_FLAGS', `k')
define(`LOCAL_MAILER_FLAGS', `SPfhn9k')
define(`QUEUE_DIR', `/var/spool/mqueue1')
FEATURE(`no_default_msa')
DAEMON_OPTIONS(`Port=19000')
define(`confMAX_HEADERS_LENGTH', `16384')
define(`confMAX_MIME_HEADER_LENGTH', `256/128')
define(`confMAX_DAEMON_CHILDREN', `24')
define(`confPRIVACY_FLAGS', ``goaway,restrictmailq,restrictqrun'')
define(`confSMTP_LOGIN_MSG', `$m Sendmail $v/$Z; $b')
define(`confBIND_OPTS', `WorkAroundBrokenAAAA')dnl
define(`confDEF_AUTH_INFO', `/etc/mail/auth/auth-info')
define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')
TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')
define(`confAUTH_OPTIONS', `A')
undefine(`UUCP_RELAY')
undefine(`BITNET_RELAY')
undefine(`DECNET_RELAY')
undefine(`FAX_RELAY')
FEATURE(`nouucp', `reject')
FEATURE(`use_cw_file')
FEATURE(`always_add_domain')
FEATURE(`redirect')
FEATURE(`smrsh')
FEATURE(`virtusertable')
FEATURE(`mailertable')
FEATURE(`access_db')
FEATURE(`blacklist_recipients')
LDAPROUTE_DOMAIN(`lucidnetworks.net')
FEATURE(`ldap_routing',`hash /etc/mail/mailhost',`null',`bounce')
INPUT_MAIL_FILTER(`mimedefang', `S=unix:/var/spool/MIMEDefang/mimedefang.sock, T=S:5m;R:5m')
FEATURE(local_procmail)
MAILER(local)
MAILER(smtp)

More information about the MIMEDefang mailing list