Gary Stainburn wrote:
Gary;Hi folks
I'm looking at replacing my aging RH7.3+Exim 3 + Sophos + home-grown scripts with a FC3+Exim 4+ Sophos + whatever.
I'm looking at virus and SPAM filtering. Can anyone suggest good configs and options.
Gary
Let me preface all this by saying that I have no experience setting up an enterprise email system on a Linux platform for production, although I have done installed and configured many others (Exchange, Notes and GroupWise) in and for production use in small-medium-large and very large environments. I set out on a project a couple months ago to find a comperable Linux or BSD email platform to what I would expect from a brand new Microsoft email system. So, I have also done a lot of tinkering lately with BSD, and Mandrake and FC3 Linux platforms testing MTAs (Courier and Sendmail so far). While I find that the Courier package is a more complete all around system, Sendmail was actually more straight forward and easier to configure using pieces of Courier and Cyrus (and others) to fill other requirements. I prefer BSD for jsut about any production utility service, like email, because it's possible to build a precise installation with hardly any overhead. Troubleshooting anything in BSD is a nightmare of cryptic error messages and long nights searching for documentation, more experience with BSD would probably have lead to a better impression. I found Sendmail and FC3 to be the most straight forward to install from what I compiled on the machine or using the rpm(s). Although neither FC3 nor Sendmail are perfect, FC3 and Sendmail would be my first choice if I wanted to build a system and move it to production quickly.
The 'add-ons' can quickly become like chosing toppings for a plate of nachos at 7-11. You start out wanting email and antivirus but end up with webmail, various authentication packages, administrative tools and end-user goodies piled on top. I would warn you to be careful when you done testing and not put a machine in production that's had a package tested and removed because MTAs become extremely complex and it's difficult (sometimes impossible) to remove even the smallest package cleanly, but you probably know and wouldn't do that anyway. Sendmail with Courier-IMAP because I like the way Courier-IMAP folders resemble Exchange IMAP folders and ClamAV. I have tested Squirrel Mail also and find that I prefer that ANY webmail package to be installed on a seperate web server (that includes Exchange and Outlook Web Access).
Since I started using reverse MX lookups I have eliminated almost all the spam from my systems, have have not felt the need to add spamassassin yet, but probably will in the next week. Using something like Cyrus saslauth in conjunction with reverse MX and spamassassin would be a great way to support road warriors and keep keep most spam off of your system. If you have an Active Directory or other LDAP structure to authenticate to, I have had success with Courier's authentication package and I recommend encrypting it all using SSL. Using SSL gives you the option to securely authenticate across untrusted networks with plain text or encrypted passwords. Not that I recommend plain text authentication, but it is simple and easiest to configure and removes a layer from troubleshooting. I also found that I needed to compile SSL from the source because the rpm was missing something I needed (but I do not recall what that was). I don't have any travelers to support so I use putty and mutt or port-forwarding if I absolutely have to have a graphical client.
I have not tested any other AV package but ClamAV. I find it straight forward, easy to work with and reliable, so I could not, and probably would not, recommend any other.
I hope something from here is usefull, now I"m consdering Exim and Sophos!