[TriLUG] procmail, sendmail & SA

Aaron S. Joyner aaron at joyner.ws
Wed Mar 31 08:45:59 EST 2004 

Site wide filtering with spamassassin and sendmail is usually 
accomplished one of two ways.

If you are dealing only with local users, procmail is a quick and easy 
answer.  Since your users have local .procmailrc files working (from 
your description), it's highly likely that procmail is setup and working 
correctly.  From a cursory glance at one of my RH9 boxes, there is not a 
/etc/procmailrc file by default, but you can certainly create one with 
similar syntax as you would expect in a user's home directory.

If, on the other hand, as you describe, you want to filter mail that 
only relays through your machine, a different approach is required.  The 
reason for this, is that procmail is the local delivery agent.  It's job 
is to take mail from sendmail, and place it in the appropriate spool 
directory or mbox in the user's home directory (as per it's rule set).  
If the mail isn't going to be delivered locally, sendmail is not going 
to hand it off to procmail, so the /etc/procmailrc will have no effect.  
Enter MIMEDefang.  Check out MIMEDefang and spamassassin integrating to 
sendmail via the Milter interface.  It's "Good Stuff".  In addition to 
spam processing and tagging, it can allow you to actually reject mail 
_during_the_smtp_session_ based on the spam score and other metrics.  
This becomes very important for dealing with large amounts of incoming 
spam and keeping queue sizes down, but is generally nice even in small 
installations.  It's also easy to integrate a virus scanner, check for 
various invalidities in the message which might indicate a virus or 
worm, etc, etc.

More information about particulars of setup is available here: 
http://www.mimedefang.org/

Aaron S. Joyner


Craig Higgins wrote:

>Hi there everyone, 
>
> 
>
>im running RH9 with sendmail and spamassassin which I have managed to get
>working using a procmailrc file in each users home directory.  Hoping to
>move to the next level in the war against spam I was wanting to begin site
>wide filtering, but I see that any code for this is to be entered into a
>/etc/procmailrc file which does not seem to be on the system.so im a little
>confused, do I have procmail on the server? Is it running? And how do I
>tell?  Im hoping that by moving to a site wide filtering system I can filter
>mail that we relay onto a couple of our clients - from what I can tell the
>clients only seem to be aliases on the server and don't actually have a user
>account & home directory which I can create a procmailrc file for.
>
> 
>
>Any thoughts or suggestions regarding this situation would be much
>appreciated.
>
>  
>

More information about the TriLUG mailing list