Re: Bug#155576: To hack or not to hack
On Thu, Aug 08, 2002 at 08:58:41AM +1000, Brian May wrote:
> On Tue, Aug 06, 2002 at 08:30:15PM -0400, Matt Zimmerman wrote:
> > Honestly, I find the idea of using pipes much more palatable than sending
> > the message over SMTP twice back and forth to the local host, just to scan
> > it for viruses. I hope that this method is not entirely deprecated in the
> > latest releases.
>
> The upstream author for some reason prefers SMTP, but I haven't talked
> to him about why.
>
> I think using pipes still requires sending it back and forth though,
> doesn't it?
It is still sent from one program to another, of course, but it is done over
a pipe, rather than over a TCP connection. This eliminates an entire class
of bothersome problems, such as network security and access control, and
should also perform better.
Clearly, a network solution has advantages (for example, if you want to send
the message to a faster machine for scanning a high volume of mail), but for
a simple one-machine configuration it is less preferable in my opinion.
Maybe the rationale for SMTP is that it is supported by all MTAs. But in
order to use amavis this way, the MTA must be configured to recognize SMTP
from a particular local port as coming from a different source, and this is
not trivial for most MTAs (exim 3.x doesn't seem to be able to do it at
all). Ideally, mailers could adopt a common framework for external message
processing (could milter be it? I haven't looked into it). Then software
like amavis and spamassassin could be integrated in very similar ways into
many mailers, without so much configuration and hackery.
--
- mdz
Reply to: