final version of SPAMFILTER HOWTO doc

George Toft plug-discuss@lists.plug.phoenix.az.us
Tue, 17 Sep 2002 08:09:11 -0400 

Scott Henderson wrote:
> 
> FYI, the SPAMFILTER HOWTO doc has been revised after installing
> the system on my company's production machine.  The production
> system has been running for a couple of weeks now, and is doing a
> fine job. I consider this doc complete, and accurate.  Following
> this HOWTO can provide anyone (with even the most basic *nix
> skills) to create an anti-spam mail filter relay server.
> 
> http://www.geocities.com/scottlhenderson/spamfilter.html
> 
> Scott
> 
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change  you mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss


Hi Scott,

I have some issues and questions:
For the OS install, since you specify what packages to add/remove, why
not just include your kickstart.ks file with instructions on how to
create a kickstart disk?  This avoids the unresolved dependencies
problem.

Your instruction say to remove sendmail in the initial set up, then,
after your reboot, you remove sendmail again.  What happened?

You add users by modifying /etc/passwd with no updates to /etc/shadow. 
Methinks this is not the optimal solution.  Should they not be kept in
sync?  I was taught they must be updated together.  Also, from a
security perspective, direct edits to config files and databases is a
bad idea (see Clark-Wilson security model), and I have seen many botched
production changes because of this.  I realize there are no tools to do
most of what you do in your how-to, but directly editing /etc/passwd?  I
had a tech lead that personally promised corrective action/termination
to every engineer that edited /etc/passwd directly.

You copy the /etc/time zone file to /var/spool/postfix/etc/localtime -
wouldn't making a symlink be better?


Other than that (and the grammar - but that's a George issue), the
instructions are very straight-forward and obvious.  Good job.

George
-- 
              Irrefutable fact about projects: You can have 
                it Quick, Cheap, or Right - pick any two.
What does that tell you if your project is ahead of schedule and under
budget?