It’s Christmas Day, I’ve eaten far too much, and am lounging around doing the now-traditional Annual Recoil Cleanup as the year’s todo list has grown ever larger. I’ve been meaning to switch from our venerable qmail-smtpd for some years now, and finally made the move over to qpsmtpd.
qpsmtpd is a drop-in replacement for the SMTP portion of qmail, and is written in Perl with a number of plug-ins which lets us increase our paranoia levels considerably. It’s a pity we have to do this, but the policy of ‘accept anything’ has been under increasing stress for the last few years, and when I looked at my e-mail stats last night, I realised over 99.99% of my incoming e-mail was some kind of virus or spam. Even a 1% miss rate on SpamAssassin is enough to chuck 100s of mails into my inbox!
So now the new e-mail setup at Recoil includes virus scanning via the wonderful clamav, reverse DNS RBL looksup via rfc-ignorant.org, and even early-chatter detection of viruses which blindly blast messages before the initial SMTP greeting has completed. I’m hoping to enable global SpamAssassin checking soon if all else is stable and I don’t get bleating about missing mail from our users.
I played with Greylisting as well to see if it had improved from my earlier experiments a couple of years ago. Unfortunately, it still looks as if there are many broken MTAs out there which don’t cope well with rejection, and manual whitelists are required, which sounds a bit unreliable for setups like ours which sometimes don’t get looked at for years on end (ahem).
So it’s with a tear in my eye that I wave goodbye to qmail-smtpd, the first ever network-facing service deployed on Recoil back in 1998, and incredibly, the only one I’ve never had to upgrade in the 8 years since.