Re: postfix vs. exim, mailscanner vs. amavis, clamav, IMAP server thoughts?

To: debian-user@lists.debian.org
Cc: debian-user@lists.debian.org
Subject: Re: postfix vs. exim, mailscanner vs. amavis, clamav, IMAP server thoughts?
From: John Summerfield <debian@ComputerDatasafe.com.au>
Date: Wed, 08 Sep 2004 06:43:06 +0800
Message-id: <[🔎] 413E397A.4060307@ComputerDatasafe.com.au>
Reply-to: root@localhost.dyndns.org
In-reply-to: <[🔎] chfvg1$ilg$1@sea.gmane.org>
References: <[🔎] chfvg1$ilg$1@sea.gmane.org>

Paul Gear wrote:

Hi folks,

(I'm trying this with a different subject in the hope that it makes it
clearer than the previous one...)

I have a server i'm planning to bring online ASAP.  My priorities in
order are security, features, and performance.  My service requirements
are fairly standard:
- SMTP server
- IMAP & POP server
- Web mail
- Virus scanning

My current system is running Fedora Core 1, and when i switch to my
Debian box, i'd like to rethink my current mail server strategy.  My
current product mix is:
- SMTP: sendmail
- Local delivery agent: procmail
- IMAP/POP: dovecot
- Web mail: squirrelmail
- Mail virus scanner: amavisd
- Virus scanning package: McAfee Virus Scan
- SSL: stunnel 4.x

The things i'd like to do better:
- Large email folders (in the hundreds of Mb).
- Server side filtering so that IMAP and web mail get the same filters.
- Spam filtering.

Thoughts i've had so far:

- Postfix has probably the best reputation for security of any free mail
server as far as i can tell, which is quite a bit different from
sendmail's record over the years (although things have been quiet
lately).  I'm a bit of an ignoramus when it comes to exim - how does it
compare?

I use Postfix.

I had a bad experience with exim a few years go, and found it easier tostop bouncing mail by installing Sendmail (i was running a RHLderivitive) than to fix exim.

- Postfix seems to be easier to configure than sendmail.  After 15 years
of sendmail, i still want to puke when i try to read sendmail.cf.
Sendmail.mc is OK, but still not as easy on the eyes and the brain as
/etc/postfix/main.cf.

The .mc files are okay, but I'm not at all sure about m4.

- When it comes to large email folders, maildir seems the way to go (at
the moment on my machine, message deletes can take in the range of 10-20
seconds).  Dovecot supports maildir, but i haven't investigated whether
procmail can do it.

procmail can.

- procmail's configuration is almost as hideous as sendmail's, and i'd
rather not use it if i don't have to.  The only local delivery feature i
really need is server-side filters, and i'd like them to be maintainable
from a web page or mail client if possible, but this isn't essential.


Take it slowly, bit by bit. You can do lots with simple regular expressions.

- I've heard good things about Courier as an IMAP server, particularly
with respect to maildir.

I use Cyrus. Why? It's a good choice. The best? Who cares. I decided toavoid wu-imapd as there have been reports that its security isn't thatgood. People who claim to know recommend cyrus. And courier.

For webmail I have Squirrel. Why? Ships with RHL, and RH doesn't usuallymake bad choices (note sendmail and wu-imap were chosen when the rangeof choices was more limited. Dropping them would offend lots of users).

- ClamAV seems to be as good a virus scanning package as any, and is
free to boot.

We don't do that yet, though we may need to soon.

I would like to use MimeDefang, but it uses Milter and AFAIK that's onlysupported with sendmail.

- I've also heard good things about MailScanner as a virus/spam filter
(certainly it seems to be more polished than amavisd).  However,
MailScanner in woody doesn't seem to support postfix or ClamAV, and
requires exim.  This doesn't seem to be a general limitation with the
products, but simply with the woody versions of them.  With sarge, the
situation seems better, and both postfix and ClamAV are supported by
MailScanner.

At this time I'd be installing Sarge. I would not be seeking to do anupgrade any time soon.

- I'm fairly new to apt-get, and i'm not into its advanced features yet.
Can i run woody with the sarge version of MailScanner, using pinning
for MailScanner until sarge's release into stable?  I've read some basic
howtos about apt pinning, and made a first attempt at getting a hybrid
stable/testing system working, but i'm not sure that i've done it right
(i had to do a few apt-get -f install and the like).  Another package
i'd like to do this with is shorewall 2.x.

- MailScanner from sarge references clamav and clamavmodule.  Which is
preferred/available under Debian?

You are likely to have problems with libc and other mismatches. I have aWoody development machine just for building Woody versions of Sarge/Sidpackages.


Some packages "just build," some "just don't build."

You should try backports.org (best) and maybe apt-get.org (carefully).



--

Cheers
John

-- spambait
1aaaaaaa@computerdatasafe.com.au  Z1aaaaaaa@computerdatasafe.com.au
Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/

Reply to:

Follow-Ups:
- Re: postfix vs. exim, mailscanner vs. amavis, clamav, IMAP server thoughts?
  - From: Paul Gear <paul@gear.dyndns.org>

References:
- postfix vs. exim, mailscanner vs. amavis, clamav, IMAP server thoughts?
  - From: Paul Gear <paul@gear.dyndns.org>

Prev by Date: Re: php connection to apache
Next by Date: Fwd: finance/business
Previous by thread: Re: postfix vs. exim, mailscanner vs. amavis, clamav, IMAP server thoughts?
Next by thread: Re: postfix vs. exim, mailscanner vs. amavis, clamav, IMAP server thoughts?
Index(es):
- Date
- Thread