I followed this HOWTO posted by Andrew Bassett at FedoraNews:
Installing Sendmail, SpamAssassin, and Mailscanner on FC1
and found it to be almost entirely accurate a year later on FC4 and the current version of MailScanner. There are a few additions/corrections I would make:
1. Install clamav first. Its now in fedora extras so you should be able to simply:
yum install clamav
I skipped the create sendmail-cf, webmin, DCC, Pyzor, and Razor steps though I might install DCC and Pyzor if I don't get the spam killing results I want.
2. MailScanner is now its own service which starts two instances of sendmail(three if you count the client) so you have to disable sendmail and enable MailScanner. From the MailScanner INSTALL doc:
service sendmail stop
chkconfig sendmail off
chkconfig --level 2345 MailScanner on
service MailScanner start
3. The /etc/mail/domaintable relay setup requires you to have two domains registered. This is not necessary if you use an IP for the destination:
yourdomain.com esmtp:[192.168.0.1]
I used a private IP in the above example because I suspect most of you will be running MailScanner on the firewall, or another box after it, and relaying the mail to an internal mail server (i.e. Domino or Exchange) on the LAN. You could also relay on a different port (read my previous post on how to do this.)
NOTE: You don't have to use an IP address in the mailertable example above. You can also use the brackets to turn of MX lookups for the destination so that the entry below doesn't cause a mail loop like it normally would:
yourdomain.com esmtp:[internalhost.yourdomain.com]
The MailScanner conf file is lengthy but I found most of the defaults to be good enough to get going. The ability to edit the settings for SA, ClamAV, DCC, Pyzor, etc, from one file seems like a real plus.
Wednesday, July 27, 2005
Tuesday, July 19, 2005
HOWTO : Sendmail & Lotus Domino (on the same box)
The new DNSBL feature in Domino6 is definately a step forward in the fight against spam, however the lack of any built-in support for the $DNSBLSites tags in the Notes client makes the feature much less than useful than Lotus would have you believe. I'm a big fan of the open source anti-spam/anti-virus tools for sendmail -- SpamAssassin, ClamAV, etc. and really wanted to use them in front of Domino. The only problem was that I didn't have an extra box sitting around to use as an inbound relay in front of the Domino server. So I figured I'd just run sendmail on port 25 and the Domino SMTP listener task on port 26 and relay from one to the other. I'd already done pretty much the same thing using Symantec Anti-Virus for SMTP Gateways and Domino on the same Win2K box so I knew it could work...in theory.
I got it all configured without too much trouble but sendmail simply would not relay anything to localhost and kept generating this error:
553 mail.mydomain.com. config error: mail loops back to me (MX problem?)
I know it loops back to me -- that's the idea! I found plenty of helpful info on how to correct the MX error which usually is the cause of that error message. But I couldn't find any mention of howto ignore the error and relay anyway. I was certain sendmail could do it but I was having no luck finding that magic incantation. After reading some sendmail/anti-virus howtos, I contemplated writing a custom delivery agent to get the mail to Domino. I was slowly making my way through the chapter on delivery agents in the "bat book" when i found the answer to the loopback problem:
define(`SMTP_MAILER_FLAGS', `k')dnl
The k flag tells sendmail to ignore loopback errors and sure enough, once I added that line to my sendmail.mc, the mail relayed through sendmail to Domino flawlessly.
Here's the relevant lines from my sendmail.mc:
define(`SMART_HOST',`esmtp:[127.0.0.1]')dnl
define(`SMTP_MAILER_FLAGS', `k')dnl
define(`LOCAL_MAILER_FLAGS', `k')dnl
define(`confRELAY_MAILER', `esmtp')dnl
define(`RELAY_MAILER_ARGS', `TCP localhost 26')dnl
define(`SMTP_MAILER_ARGS', `TCP localhost 26')dnl
define(`ESMTP_MAILER_ARGS', `TCP localhost 26')dnl
I was originally using mailertable to do the relay for specific domains only, which is why the RELAY_MAILER lines are in there, but I ended up using SMART_HOST instead becuase it skips mailertable all together -- one less file to edit. Whichever you choose, smarthost or mailertable, you'll need the domains you want relayed to Domino in the relay-domains file and *not* in the local-host-names file.
In the next post I'll try installing and configuring MailScanner, which is a mail framework that wraps up SpamAssassin, your choice of anti-virus, DCC, Razor, and Pyzor, into a sort of "sendmail sandwich."
I got it all configured without too much trouble but sendmail simply would not relay anything to localhost and kept generating this error:
553 mail.mydomain.com. config error: mail loops back to me (MX problem?)
I know it loops back to me -- that's the idea! I found plenty of helpful info on how to correct the MX error which usually is the cause of that error message. But I couldn't find any mention of howto ignore the error and relay anyway. I was certain sendmail could do it but I was having no luck finding that magic incantation. After reading some sendmail/anti-virus howtos, I contemplated writing a custom delivery agent to get the mail to Domino. I was slowly making my way through the chapter on delivery agents in the "bat book" when i found the answer to the loopback problem:
define(`SMTP_MAILER_FLAGS', `k')dnl
The k flag tells sendmail to ignore loopback errors and sure enough, once I added that line to my sendmail.mc, the mail relayed through sendmail to Domino flawlessly.
Here's the relevant lines from my sendmail.mc:
define(`SMART_HOST',`esmtp:[127.0.0.1]')dnl
define(`SMTP_MAILER_FLAGS', `k')dnl
define(`LOCAL_MAILER_FLAGS', `k')dnl
define(`confRELAY_MAILER', `esmtp')dnl
define(`RELAY_MAILER_ARGS', `TCP localhost 26')dnl
define(`SMTP_MAILER_ARGS', `TCP localhost 26')dnl
define(`ESMTP_MAILER_ARGS', `TCP localhost 26')dnl
I was originally using mailertable to do the relay for specific domains only, which is why the RELAY_MAILER lines are in there, but I ended up using SMART_HOST instead becuase it skips mailertable all together -- one less file to edit. Whichever you choose, smarthost or mailertable, you'll need the domains you want relayed to Domino in the relay-domains file and *not* in the local-host-names file.
In the next post I'll try installing and configuring MailScanner, which is a mail framework that wraps up SpamAssassin, your choice of anti-virus, DCC, Razor, and Pyzor, into a sort of "sendmail sandwich."
Wednesday, July 13, 2005
HOWTO : Lotus Domino on Fedora Core 4 x86_64
I just installed Lotus Domino v6.5.3 on Fedora Core 4 x86_64 (AMD Athlon64) with only a couple hiccups. After the install, there was the usual "libstdc++-libc6.1-1.so.2 not found" error when I started the server in listen mode which was easily fixed with a few yum commands:
>yum provides libc6.1-1.so.2
which said the lib could be found in compat-libc++-296.i386, so...
>yum install compat-libc++-296.i386
After that I was able to start the server in listen mode and complete remote configuration.
This was an additional server in the domain and I had a bit of trouble getting it to talk to the other servers in the domain. This could probably have been avoided by adding connection docs for the new server in the directory after registering it, but *before* starting the installation of the new server.
Also, I was pleasantly suprised to see that the server setup provided an alternative to pulling the admin databases over the network -- it can look for them on the local file system. So you could simply copy (FTP) the necessary databases from another server in the domain beforehand. Its a classic workaround to the problem of trying to pull names.nsf without the connection docs in names.nsf and it was nice to see it as an option.
>yum provides libc6.1-1.so.2
which said the lib could be found in compat-libc++-296.i386, so...
>yum install compat-libc++-296.i386
After that I was able to start the server in listen mode and complete remote configuration.
This was an additional server in the domain and I had a bit of trouble getting it to talk to the other servers in the domain. This could probably have been avoided by adding connection docs for the new server in the directory after registering it, but *before* starting the installation of the new server.
Also, I was pleasantly suprised to see that the server setup provided an alternative to pulling the admin databases over the network -- it can look for them on the local file system. So you could simply copy (FTP) the necessary databases from another server in the domain beforehand. Its a classic workaround to the problem of trying to pull names.nsf without the connection docs in names.nsf and it was nice to see it as an option.
Sunday, July 03, 2005
OpenGL Desktop
i've been interested in an OpenGL rendered desktop for linux for a number of years now. having some extra time on my hands this 4th of July weeked, i decided to see how many more years i'll have to wait.
freedesktop.org is definately on the right track with their XGL project:
http://www.freedesktop.org/wiki/Software_2fXgl
Novell/SUSE recently hired the XGL lead:
http://www.nat.org/2005/february/#9-February-2005
and presented XGL at Brainshare so we might see it in the next Novell Desktop or SUSE release.
Luminocity looks pretty cool too:
http://www.gnome.org/~seth/blog/xshots
clearly there's no need to worry if the linux desktop will be able to compete with the admittedly excess eye candy of OS X or Longwait...er, Longhorn.
personally, for everyday use i prefer a minimalist enviroment like XFCE.
http://www.xfce.org/
i also like the little mouse logo. YUM! take it for a spin with the XFLD live CD:
http://www.xfld.org/Xfld/en/index.html
freedesktop.org is definately on the right track with their XGL project:
http://www.freedesktop.org/wiki/Software_2fXgl
Novell/SUSE recently hired the XGL lead:
http://www.nat.org/2005/february/#9-February-2005
and presented XGL at Brainshare so we might see it in the next Novell Desktop or SUSE release.
Luminocity looks pretty cool too:
http://www.gnome.org/~seth/blog/xshots
clearly there's no need to worry if the linux desktop will be able to compete with the admittedly excess eye candy of OS X or Longwait...er, Longhorn.
personally, for everyday use i prefer a minimalist enviroment like XFCE.
http://www.xfce.org/
i also like the little mouse logo. YUM! take it for a spin with the XFLD live CD:
http://www.xfld.org/Xfld/en/index.html
Subscribe to:
Posts (Atom)