Re: [exim] how 2 split exim load across two servers, and sti…

Author: snowcrash+exim-users
Date:  
To: Renaud Allard
CC: exim-users
Subject: Re: [exim] how 2 split exim load across two servers, and still notify the sending server of rejects?
hi,

> > IIUC, any DENYs resulting from content scanning on the LAN-box will
> > *ONLY* be seen/received by the Gateway box -- and *NOT* the external
> > sending server.
> >
> > Is that correct?
>
> You are right, and you will also more than probably generate bounces due
> to this.


hm, ok re: the DENYs ...

i'm not clear, though, as to why i would/might generate bounces, and
more than normal, i presume.

is this 2-box config, with one Gateway "front-ending" one/many other
servers a fairly common implementation scenario?

> > If so, *IS* there a way to configure this two-box setup so that the
> > external, sending server will GET the reject notices in/during the smtp
> > transaction?
>
> I assume you are doing this because your "edge" exim does not run on a
> computer powerful enough to run spamassassin/clamav.


mostly, yes. AND, an attempt to let the router/fw box do its job and
keep as much 'noise' off my LAN as possible. once an inbound email
passed all the non-content-scanning filters & incremental delays @ the
gateway, its odds of being rejected "just" on virus/spam content would
be significantly lower -- not zero, i know.

> If this is the case, you can make spamassassin and clamav listen on a
> network socket on your file server. Then configure your "edge" exim to
> use spamassassin/clamav running on the file server.


i'd considered this, but decided against because i thought i'd be
significantly increasing network/lan traffic due to "multiple passes"
of the offloaded message.

e.g., for an "ok" message, the message would pass back-n-forth to the
LAN-server/scanner *5* times,

  gateway         -> lan AV scanner
  lan AV scanner  -> gateway
  gateway         -> SA scanner
  SA scanner      -> gateway
  gateway         -> IMAP store


which _seems_ to me a 'bad' way to do things.

am i just better off avoiding the gateway altogether, and passing the
message to the lan-based server in the first place? if so, that seems
counterintuitive ...

thanks.
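
The remote-scanner setup suggested in the quoted reply, as an added example that is not part of the original message or the posters' own configuration: the gateway's Exim calls clamd and spamd on the LAN host from its DATA ACL, so a content reject is issued while the external sender is still connected. The address 192.0.2.10, the ports, the ACL name and the score threshold are assumptions, and Exim must be built with content scanning enabled.

```exim
# --- main configuration section on the gateway ---

# clamd on the LAN host (placeholder address). With a TCP address Exim
# streams the message to clamd and gets back only a verdict line.
av_scanner = clamd:192.0.2.10 3310

# spamd on the same LAN host (placeholder address and port). Exim sends
# the message once and receives the score and report, not the message.
spamd_address = 192.0.2.10 783

# Run the content checks after DATA, before the final SMTP response.
acl_smtp_data = acl_check_data

begin acl

acl_check_data:

  # A deny here becomes a 5xx reply to the sending server's DATA command,
  # so the gateway never has to generate a bounce for this message.
  deny    message   = This message contains malware ($malware_name).
          malware   = *

  # spam_score_int is the score times ten; 100 (score 10.0) is an
  # assumed threshold. ":true" keeps the ACL going so the condition
  # below decides the outcome.
  deny    message   = This message scored $spam_score spam points.
          spam      = nobody:true
          condition = ${if >{$spam_score_int}{100}{1}{0}}

  # Passed both scanners: accept and route to the LAN mail store.
  accept
```

Neither clamd nor spamd authenticates its clients, so their listening ports on the LAN host should be reachable only from the gateway's address.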