Re: FWTK and smap/smapd

[Dominik Miklaszewski <dmikey () mac com>]

"Marcus J. Ranum" wrote:

> It's probably still viable; but much of the functionality of the
> toolkit has been supplanted by larger more popular and complex
> applications. For example, for a good mail proxy consider postfix,
> for a good web proxy consider squid, etc. Just make sure you configure
> them with maximum care. Smap/smapd were not written to be particularly
> efficient (compared to, say, postfix) and may bog down a high volume
> gateway.
>
> I use postfix these days. ;)

I don't know why people don't like sendmail sooo much ;)
I still use it as an SMTP proxy, on a stripped down Netra t1's - one for
outbound emails, and the other for inbound ones..
sitting in DMZ  along with split-DNS architecture and being "armed" with
access_list et consortes.. (Berkeley DB 4.x)  , DNS check up (with -AA thou)
and ORDB open-relay lookups these two fellas are able to process roughly 60k
emails/day, block ~2000 spam and other junk.

In order to get more redundant setup I've made the outbound sendmail as
secondary MX .. and both anti-virus (inbound&outbound) boxes sitting behind
sendmails have primary and secondary routes set accordingly back to them..

IMHO Running sendmail is not a suicide anymore.. especially when you have a
chance to set 99% of those bells&whistles through m4 :)

thanks
--
Dominik Miklaszewski


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards