sendmail help

D

davidstvz

I inherited a server (to make a long story very short) and I'm having a touch of mail trouble. I think there may be an overzealous virus or spam filter quietly removing some legitimate mail from a user now and then. Unfortunately, I'm not even sure where to begin here.

The previous guy, before leaving, told me that there are two sendmail instances with antivirus and spam filter in between them. Indeed, in the /etc/mail I see configurations for sendmail-rx and sendmail-tx and a note that the rx handles all newly created mail (sent by users or entering the server from outside) and that the tx instance delivers mail (to an MDA I guess).

Anyway, I don't follow this in the config. I'm not recognizing anything in the configuration files that would manage the routing from one instance to another. Maybe I'm not looking for the right thing, but I'm not convinced that the spam filter is really active. Can anyone help me figure this out?
 
Check the possible configuration files that ends with ".mc"

The spam filter should be inside "sendmail-rx.mc"

Code: 
grep INPUT_MAIL_FILTER /etc/mail/sendmail-rx.mc

There are a few dozen different filters to choose from.
So you need to provide more details.

Check /usr/local/etc/rc.d also
Most filter create a start script there.
calling this script with status tells you if the filter is running.

Code: 
$ /usr/local/etc/rc.d/antivirus-milter status
antivirus is running as pid 2669.
$ /usr/local/etc/rc.d/milterregex status
milterregex is running as pid 2615.
$ /usr/local/etc/rc.d/milter-sid status
miltersid is running as pid 2620.
$ /usr/local/etc/rc.d/spamilter status
spamilter is running as pid 2595.
$ /usr/local/etc/rc.d/noattach status
noattach is running as pid 2610.
$ /usr/local/etc/rc.d/milter-greylist status
miltergreylist is running as pid 2656.
 
davidstvz said:
The previous guy, before leaving, told me that there are two sendmail instances with antivirus and spam filter in between them. Indeed, in the /etc/mail I see configurations for sendmail-rx and sendmail-tx and a note that the rx handles all newly created mail (sent by users or entering the server from outside) and that the tx instance delivers mail (to an MDA I guess).
Click to expand...

The reason for the dual-MTA set up is not to have to deal with milters for whatever reason. amavisd (amavisd-new) is set up between the two MTAs, sendmail-rx receives the mail and passes it to amavisd which then calls SpamAssassin and/or a variety of anti-virus programs before returning the mail to sendmail-tx. I know this because I just setup a mail server with sendmail using dual MTAs, amavisd-new with SpamAssassin and clamav.

You can find this setup describled at the following:
http://www.ijs.si/software/amavisd/README.sendmail-dual.txt

You should find the following in sendmail-rx.mc to see the route to avamisd:

Code: 
define(`MAIL_HUB',    esmtp:[127.0.0.1]')
define(`SMART_HOST',  esmtp:[127.0.0.1]')
define(`LOCAL_RELAY', esmtp:[127.0.0.1]')
define(`ESMTP_MAILER_ARGS', `TCP $h 10024')

The MAIL_HUB, SMART_HOST, & LOCAL_RELAY will tell you which server amavisd is running on (127.0.0.1 or localhost in this case) and the ESMTP_MAILER_ARGS tell you the port sendmail-rx is using to forwarding the mail to amavisd (10024, again in this case, your's may be different but this is the standard port.) You should also find a seperate queue for sendmail-rx, something like /var/spool/mqueue-rx.

In sendmail-tx you should find the following to see where amavisd is delivering the mail back for final delivery:

Code: 
DAEMON_OPTIONS(`Addr=127.0.0.1, Port=10025, Name=MTA_TX')

Again, in this case 10025, but yours maybe a different port.

I hope this clears this up a little more and you know exactly what's going on with this type of dual MTA setup.
 
Well, that was a bit late (check my original post date), but this may still be helpful. I'm exactly one week away from migrating this old machine to new hardware and I was just going to install spam assassin as a milter on the new machine this week (kinda last minute I know). Maybe I should use dual MTAs instead.
 
Sorry about the late reply davidstvz. I just ran across your post looking for something on how to adjust the rc.d/sendmail file to start the dual MTA's at boot. I suggest you read the document in my first post. Down a few screens is the links to the different README files or the link in the second post I believe also descirbes the benefits of the differnet setups, milter and dual MTAs. Good luck...
 
You must log in or register to reply here.
Back
Top