*BSDThis forum is for the discussion of all BSD variants.
FreeBSD, OpenBSD, NetBSD, etc.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
I'm basically a newbie to Linux/BSD, but I am a network engineer over 10 yrs with focus on Novell. I would like to shield my Novell/Groupwise email server behind OpenBSD smtp relay server, and would also like to add Spam and A/V filtering using open source options. My question is, is this something I could reasonably try to accomplish? I have been looking into Groupwise-specific solutions and had just about settled on something that will run about $700 plus $200 for annual maintenance, but some listserv postings regarding similar needs suggested OpenBSD/Postfix as a more secure solution.
I just started the OpenBSD install on an old system and planning on trying to get that working as a simple SMTP relay first. If that works, I will then test anti-spam/anti-virus filtering, and finally if everything is solid probably move the box onto better hardware. Also, currently using CA eTrust 7.0 for corporate A/V. Specs say it runs on Unix/Linux, is there a chance it will also work on OpenBSD?
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
There are lots of people who use Postfix (or sometimes Qmail) + Amavisd (or clamd is a lesser-used route) + SpamAssassin and it works reasonably well. It's not going to be anywhere near as effective as a commercial anti-spam solution, but if you're looking to do it "for free" than the above would certainly be free, from a software perspective.
Implementing it on OpenBSD makes it more interesting since you can use the pf(4) packet filter and spamd(8) in order to tarpit spammer connections (waste their resources).
From Chort's post I'm gathering the ideal solution would be to go ahead with the commercial product on the Netware server, and use OpenBSD as a relay just to shield my SMTP server from a direct connection. (It's behind a firewall, but SMTP traffic is directly forwarded to the server). That will still take some time to get approval, so I'm probably going to go ahead and try to setup some filtering through OpenBSD anyway. I'll probably shoot myself in the foot if I get that working though, "why do we need to spend money if it's already being filtered?". But really, if it blocks even 85-90% of spam (and all viruses) I think my users and myself would be very happy with that.
Any really big disadvantages to using Suse instead of OpenBSD? Is it a bigger security risk, or not so much? As a Novell shop, I'm sure we'll be using Suse at some point down the road, so I'm going to need to start playing with it.
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Actually it's much better to filter for spam at the gateway then on your groupware server (Groupwise, Exchange, etc). That way the processing is off-loaded from your already burdened groupware server and you don't introduce potential software conflicts or incompatibilities. There are commercial products that do essentially what you're trying to do with OpenBSD, only they cost thousands and tens of thousands of dollars. I definitely wouldn't recommend putting anything on Groupwise if you can help it.
With SpamAssassin, you can expect to block somewhere between 60 and 80% of spam, and I don't know about the anti-virus effectiveness of either amavis or clam. I do know that Kaspersky offers anti-virus engines for several UNIX-like operating systems (not sure if OpenBSD is included).
From a security standpoint, you're much better off using OpenBSD as your Internet-facing SMTP relay because a lot more thought and effort have gone into making OpenBSD insanely secure, especially in it's default configuration. You will want to replace Sendmail with Postfix, but there are instructions for doing that after you install the Postfix port.
I'm using the "pcre sasl2 tls" "flavor" of Postfix (on OpenBSD you can set your FLAVOR environment variable prior to making the port), which you'll probably find useful. If you plan any directory integration or to use tools which require MySQL, then you'll want the ldap and/or mysql flavors, although I would strongly recommend adding those unless you're 100% positive that you'll use them.