HowTo: Build MailScanner "firewall" in front of cPanel servers

[nickn]

This is a howto I've written by request, it's not 100% done, and it's considered beta right now, however I'd like some input on it, even reading over it, anything you don't understand offhand, etc...

http://www.drinkology.com/mailscanner.pdf

Basically, what this does is let you put a server (firewall) up so that all incoming mail to your server goes through this first, checking it for spam and viruses, and than sends the mail on to your cPanel server.

It's much better than doing it on the cPanel server, since it's more realiable (better checking.) as well as saves the resources used if you had it on your webserver.

Input? Requests? etc.....

 

[perlchild]

Originally posted by snickn


It's much better than doing it on the cPanel server, since it's more realiable (better checking.) as well as saves the resources used if you had it on your webserver.

Input? Requests? etc..... [/B]

If I may disagree, the real reason its better is that you can upgrade mailscanner independantly of cpanel, and you no longer are limited in your mailscanner install by the design of cpanel.
A case could be made however that running the mailscanner on a different host would allow you to run mailscanner with a different mta than on the cpanel box, which would limit the chances of an exploit going through(the exploit would have to go through postfix for example, and THEN be undetected by exim on the cpanel box) something a lot less likely than an exploit going through two exim boxes. Also, since you can patch the "forward" machine independantly, it could even run a different OS.

That could make it more secure, but not just running it on a different box(ok so having twice the ram to play with is nice, and WILL help performance, but that's not the same as security)

 

[nickn]

You can disagree...but it's pointless...

Advantages:

* You are using Pyzor/Razo2/DCC/SpamURI Path (much more accurate)
* The system can be optimized purely for doing scanning
* Viruses like SoBig hit, it doesn't affect the web servers at all, in essence, it's acting like a firewall
* You aren't limited to cPanel's script (like you said)
* I'm going to be optimizing this day after day.
* You have much more options.
* Better rulesets, soon you'll have to ability to do Baysian Training

 

[goodmove]

Originally posted by snickn
This is a howto I've written by request, it's not 100% done, and it's considered beta right now, however I'd like some input on it, even reading over it, anything you don't understand offhand, etc...

http://www.drinkology.com/mailscanner.pdf

Basically, what this does is let you put a server (firewall) up so that all incoming mail to your server goes through this first, checking it for spam and viruses, and than sends the mail on to your cPanel server.

What happened to your document? I am getting a 404.