[KLUG Members] RE: Long live DL! It's not just your father's firewall anymore!

[Bob Kanaley]

Bruce,

I think the Devil made you say that!

The main reason I was trying to do the OpenBSD anti-spam gateway thing was
because it was straight cookbook to implement. It just left out a couple of
ingredients that my palette requires (MC and screen). Being the paranoid
that I am, before I will deviate from a recipe, I have to read reams of man
pages to be sure I am not screwing something up.

Actually I burned a Devil CD and have booted from it once or twice. Since I
don't have a cookbook recipe to follow, I haven't had time to learn the
configuration changes I need to make to implement all those wonderful
features you have listed for the Devil, but I think I know someone one the
list who could help if I get stuck :)

When you get Devil working with Squid I would love to hear what you had to
do to get it working. I really need to implement a proxy on the firewall for
my cable connection to be shared. Right now only two of us are using it by
setting it as a default gateway.

I suspect you could read the published OpenBSD anti-spam anti-virus recipe I
was attempting to follow and adjust it for Devil Linux in no time
http://lawmonkey.org/anti-spam.html. If you are interested and have the time
to do it, I would be glad to be your guinea pig to implement it with Devil
Linux. I could then submit the results to someplace like Linux Gazette to
promote Devil Linux.

Bob

Robert V. Kanaley
Manager Information Systems
Agdia, Inc.
rvk@agdia.com
http://www.agdia.com

 -----Original Message-----
Subject: Re: [KLUG Members] God Bless Sendmail but Long Live Postfix.
> Right now, I am trying to find time to build an OpenBSD anti-spam
anti-virus
> gateway that uses Postfix as the MTA. Once again it is cookbook stuff.

You might want to take a look at running a Devil Linux server.
DL comes all this installed on the CD and ready to run:

o  Postfix configured to run in a chroot environment.
o  Postfix SSL/TLS extension.
o  SpamAssassin
o  Clam Antivirus (Opensource Scanner)
o  Sagator (Email Antivirus Gateway)
o  Fetchmail
o  Plus your choice of the Cyrus POP3/IMAP Server
   or the Dovecot Secure IMAP Server.

Like OpenBSD, everything in DL is compiled with the GCC stack smashing
protector for buffer overflow protection, and runs grsecurity for
additional protection.  It's also a snap to add a hard drive to DL to
store your email, etc.

I recently converted my employer's BIND name servers from Redhat to DL
(also pre-configured to run in a chroot environment).  I'm currently
working on converting my employer's Redhat squid (proxy) server to DL
(working in the lab, soon to be in production).  Once I get this done,
I'm going to look at replacing our RH sendmail with DL/Postfix ...

> I don't have it running yet because I had a little trouble getting the
> OpenBSD setup. I have become highly dependent on SSH, screen and Midnight
> Commander on all of my server boxes. OpenBSD didn't have MC and I felt
lost
> without it. By the time I got MC working on OpenBSD I had to rip the HD
out
> of that test server to use it in another box that was overflowing to
lockup
> and death. I haven't had time to get back to it yet.

DL also comes with MC and SSH.  :-)    Want "screen" too?
I know a developer can add it into the stock distro!  ;-)
(that's actually a good idea, I use "screen" a lot myself!)

> Long Live Postfix.

Long live DL!  It's not just your father's firewall anymore!  :-)

--------------------------------------------
Bruce Smith                bruce@armintl.com
System Administrator / Network Administrator
Armstrong International, Inc.
Three Rivers, Michigan  49093  USA
http://www.armstrong-intl.com/
--------------------------------------------