The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

HowTo: Build MailScanner "firewall" in front of cPanel servers

Discussion in 'E-mail Discussions' started by nickn, May 17, 2004.

  1. nickn

    nickn Well-Known Member
    PartnerNOC

    Joined:
    Jun 15, 2003
    Messages:
    619
    Likes Received:
    1
    Trophy Points:
    18
    This is a howto I've written by request, it's not 100% done, and it's considered beta right now, however I'd like some input on it, even reading over it, anything you don't understand offhand, etc...

    http://www.drinkology.com/mailscanner.pdf

    Basically, what this does is let you put a server (firewall) up so that all incoming mail to your server goes through this first, checking it for spam and viruses, and than sends the mail on to your cPanel server.

    It's much better than doing it on the cPanel server, since it's more realiable (better checking.) as well as saves the resources used if you had it on your webserver.

    Input? Requests? etc.....
     
  2. perlchild

    perlchild Well-Known Member

    Joined:
    Sep 1, 2002
    Messages:
    279
    Likes Received:
    0
    Trophy Points:
    16
    If I may disagree, the real reason its better is that you can upgrade mailscanner independantly of cpanel, and you no longer are limited in your mailscanner install by the design of cpanel.
    A case could be made however that running the mailscanner on a different host would allow you to run mailscanner with a different mta than on the cpanel box, which would limit the chances of an exploit going through(the exploit would have to go through postfix for example, and THEN be undetected by exim on the cpanel box) something a lot less likely than an exploit going through two exim boxes. Also, since you can patch the "forward" machine independantly, it could even run a different OS.

    That could make it more secure, but not just running it on a different box(ok so having twice the ram to play with is nice, and WILL help performance, but that's not the same as security)
     
  3. nickn

    nickn Well-Known Member
    PartnerNOC

    Joined:
    Jun 15, 2003
    Messages:
    619
    Likes Received:
    1
    Trophy Points:
    18
    You can disagree...but it's pointless...

    Advantages:

    * You are using Pyzor/Razo2/DCC/SpamURI Path (much more accurate)
    * The system can be optimized purely for doing scanning
    * Viruses like SoBig hit, it doesn't affect the web servers at all, in essence, it's acting like a firewall
    * You aren't limited to cPanel's script (like you said)
    * I'm going to be optimizing this day after day.
    * You have much more options.
    * Better rulesets, soon you'll have to ability to do Baysian Training
     
  4. goodmove

    goodmove Well-Known Member

    Joined:
    May 12, 2003
    Messages:
    624
    Likes Received:
    0
    Trophy Points:
    16
    What happened to your document? I am getting a 404. :confused:
     
Loading...

Share This Page