fritz.potsdam.edu
E-mail Gateway: Content Scanning using Qmail, Amavis, Clamav, and Spamassassin

Overview
E-mail needs to be closely scrutinized in today's world of viruses and godforsaken spammers. Our goal was to set up a system that could easily manage this nightmare. We needed to set up an e-mail gateway to filter all of our site's mail. Qmail, Amavis, ClamAV, and SpamAssassin were selected; all are heavily developed and supported open-source tools.


Daemon's-eye View
Amavisd-new unifies dozens of content-scanning functions. Aside from its own capabilities, it is built to use external tools such as SpamAssassin and virus scanners. Here is the e-mail flow on our system:

Amavisd-new ties into the SpamAssassin Perl module directly. Virus scanners are handled differently: there Amavis communicates with an external daemon, ClamAV in our case. Amavisd-new itself is sandwiched between two Qmail installs, a dual-MTA setup. With other MTAs, or possibly with patches to Qmail, there are other ways to integrate Amavis. However, this setup is very robust and does not overly complicate things.

Qmail-outside listens on the external IP, the IP that is our site's SMTP server. All mail gets routed to Amavisd-new, which is itself an SMTP server, using Qmail's smtproutes facility. Amavis takes the message apart to do its various checks. While SpamAssassin is 'built-in', ClamAV is consulted over a Unix domain socket. Once done, and assuming the mail passed, Amavis pushes the mail on to qmail-inside. Qmail-inside in this setup is nothing more than a forwarder to our main site's mail storage server (another box running Qmail). This other box is the one responsible for delivery, both to on-campus addresses and to the Internet.
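Because the whole design depends on every smtproutes entry on qmail-outside ending at Amavisd-new, the routing file is worth auditing for entries that skip the scanner. The following is an added example, not part of the original setup: the scanner address 127.0.0.1:10024 and the sample file contents are assumptions constructed for illustration, and the lookup order follows qmail-remote's matching (exact host, then each dotted suffix, then the empty catch-all).

```python
"""Audit qmail-outside's control/smtproutes: does every route end at the scanner?"""

SCANNER = ("127.0.0.1", 10024)  # assumed amavisd-new listener, not from the page

# Constructed sample file: the catch-all points at the scanner, but two
# per-domain exceptions would let mail leave without being scanned.
SAMPLE_SMTPROUTES = """\
# constructed example
:127.0.0.1:10024
.lists.example.edu:127.0.0.1:10024
partner.example.org:
legacy.example.edu:192.0.2.25
"""

def parse_smtproutes(text):
    """Return {domain: (relay, port)}; an empty relay means plain MX delivery."""
    routes = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue  # qmail skips comments and entries without a colon
        domain, _, rest = line.partition(":")
        relay, _, port = rest.partition(":")
        routes[domain.lower()] = (relay, int(port) if port else 25)
    return routes

def resolve(routes, host):
    """Look up a host the way qmail-remote does: exact name, then each
    '.suffix', then the empty catch-all entry."""
    host = host.lower()
    keys = [host] + [host[i:] for i in range(1, len(host)) if host[i] == "."] + [""]
    for key in keys:
        if key in routes:
            return routes[key]
    return ("", 25)  # no entry matched: qmail-remote falls back to MX lookup

def audit(routes):
    """List smtproutes entries that send mail anywhere other than the scanner."""
    findings = []
    if routes.get("") != SCANNER:
        findings.append("catch-all route missing or not pointing at scanner")
    for domain, target in sorted(routes.items()):
        if domain and target != SCANNER:
            findings.append(f"{domain} -> {target[0] or 'MX lookup'}:{target[1]}")
    return findings

if __name__ == "__main__":
    for finding in audit(parse_smtproutes(SAMPLE_SMTPROUTES)):
        print("BYPASS:", finding)
```

Note that a bare-host entry such as `legacy.example.edu` does not cover its subdomains, so `resolve` sends `mail.legacy.example.edu` back through the catch-all.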


Performance
Running Fedora Core 3 on a dual 2.8 GHz Xeon box, with 2 gigs of RAM, this rig easily handles a mail volume in excess of 130,000 messages a day with an average load right around 1.00. During testing, I spammed the crap out of it from another server, sending 1,000,000 messages in the space of an hour. Qmail showed its incredible resilience here. I ran out of disk space on the /var partition with 600,000 messages queued. The box was still up and responsive, and once I deleted some messages from the queue, mail started moving again. Obviously, reaching this point would be a disaster in normal operation, but it gives a good idea what this setup is capable of.


Links