[Mimedefang] Should I try to do MIMEDefang with Mailscanner for backup MX
John Rudd
john at rudd.cc
Tue Jun 20 18:57:21 EDT 2006
On Jun 20, 2006, at 12:54, David F. Skoll wrote:
> Steve Campbell wrote:
>
>> I would like to install MIMEDefang on both of these boxes, keeping MS
>> and SA, to block those backdoor secondary-MX spammers.
>
> You should use either MIMEDefang or MailScanner, not both.
> MIMEDefang and MailScanner do roughly the same thing (though the way
> they do it and their particular capabilities are different.)
>
Actually, having been using both, I think there are ways in which they
don't overlap, and trade-offs for each. I think it's perfectly
reasonable to use them together, when you recognize where they do and
don't overlap.
a) MIMEDefang does things like relay checks, sender checks, and
recipient checks that MailScanner doesn't do.
b) MailScanner does bulk AV and AS checks, instead of one at a time
checks (which may lead to a net gain in efficiency).
I think it would be perfectly reasonable, if you don't want/need to
reject viruses during the SMTP transaction, to use each of them for
those two roles. Use MD just for filter_relay, filter_sender, and
filter_recipient. Then use MailScanner for all of your virus scanners
and spam assassin.
Though, there's one more wrinkle:
c) MailScanner does Spam Assassin first, and then your AV scanners ...
so you're passing all of your viruses through Spam Assassin. There's
no way around this. So, if you're concerned about it, you might do AV
checks in MD to reduce your number of messages going through SA, and SA
in MS (ooh, acronym soup). Though, at that point, I don't know if the
bulk SA checks in MS are a net win over MD or not.
If you're not concerned about item C, then I stick with my suggestion.
If you are concerned with item C, or if you're wanting to do virus
rejections during SMTP, then my current opinion is to just go with
MIMEDefang alone.
More information about the MIMEDefang
mailing list