
smtp.rules for non-Gamera?

Posted: Sun Sep 28, 2014 8:50 am
by faris
I want to disable Clamd/Spamassassin completely for email coming in from a Project Gamera box. After all, the whole point is to have the Gamera box do the work.

On this page https://github.com/Atomicorp/project-gamera it gives instructions on how to do so, by editing
/etc/tcpserver/smtp.rules (which is actually /etc/tcpcontrol/smtp.rules for Gamera on RH6/CentOS 6 btw)

Unfortunately on my non-Gamera CentOS 6 boxes, which run Plesk's qmail, I don't have this directory, let alone the file.

Does anyone have any suggestions? Using qmail-scanner's per-domain option won't help because I don't want to turn off scanning for the domain for mail from all IPs - I only want to turn it off for email that comes in via the Project Gamera box itself.

Re: smtp.rules for non-Gamera?

Posted: Sun Sep 28, 2014 9:59 am
by scott
I think maybe you can duplicate that via an xinetd env variable.

Re: smtp.rules for non-Gamera?

Posted: Sun Sep 28, 2014 2:23 pm
by faris
You mean just add space delineated strings in the env = line?

But if that works, wouldn't it be a better way to hook qmail-scanner into qmail in general? (as opposed to replacing the binary).

I'm going to give it a try now to see what happens.....

Re: smtp.rules for non-Gamera?

Posted: Sun Sep 28, 2014 2:34 pm
by faris
gah! Didn't work

env = SMTPAUTH=1 IP-I-don't-want-to-scan:allow,RELAYCLIENT="",RBLSMTPD="",QMAILQUEUE="/var/qmail/bin/qmail-queue.orig"

Note the .orig because otherwise we're sending it to the replaced binary, aren't we?

Those quotes don't look like they are doing any good in a line like that though? Nor the commas.

Re: smtp.rules for non-Gamera?

Posted: Mon Sep 29, 2014 9:24 am
by scott
Now that I think about it more, no, it won't work. There's no way to bypass it short of a code change inside qmail-scanner-queue.pl

Re: smtp.rules for non-Gamera?

Posted: Mon Sep 29, 2014 10:37 am
by faris
Darn :-(

Well... I've sort of found a way around it by using spamdyke on the Plesk box to whitelist the Gamera IP(s) in the master config, then *in a domain-specific config file for spamdyke*, blacklist all IPs (using the allowed 1-254 syntax). This allows mail from the Gamera boxes but no other IP.

Then I configured qmail-scanner's per-domain system to disable all scanners for the domain whose email was being processed by the Gamera box.

In this way, email is only accepted for the domain in question if it comes via a Gamera box, and since it has been scanned there already, the Plesk box doesn't scan it again. And that's really what's required at the end of the day.

The downside is that if all the Gamera boxes go down, email stops flowing, which means you need more than one Gamera box - you can't have a single Gamera box set up as a secondary or backup MX to the Plesk box.

I also found that clamd won't even start in a 512Mb DigitalOcean VPS due to lack of memory, and needed a 1Gb one :-( I was quite surprised.