Howto – Sendmail

Using MailScanner with Sendmail

Your existing sendmail installation currently listens on the SMTP port (TCP port 25), collects messages from there, places them in a queue, and delivers them to their destination as soon as possible. This needs to be split into two separate jobs, each handled by its own sendmail process with its own queue:

– one provides SMTP on port 25 and builds MailScanner’s incoming work queue
– the other handles delivery of MailScanner’s output

Create the Second Queue

Your copy of sendmail probably uses the default queue location /var/spool/mqueue. If this directory does not exist, check your sendmail documentation and/or sendmail.cf file for the location of the QueueDirectory. Assuming it is /var/spool/mqueue, create a second queue directory alongside it called mqueue.in and set it to the same ownership and permissions as mqueue. For example:
# cd /var/spool
# ls -ld mqueue
drwxr-x--- 2 root bin 62976 Oct 23 16:18 mqueue
# mkdir mqueue.in
# chown root mqueue.in
# chgrp bin mqueue.in
# chmod u=rwx,g=rx,o-rwx mqueue.in
# ls -ld mqueue mqueue.in
drwxr-x--- 2 root bin 62976 Oct 23 16:18 mqueue
drwxr-x--- 2 root bin 41472 Oct 23 16:18 mqueue.in

This new queue mqueue.in will be used by the copy of sendmail providing the SMTP service.
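
One way to confirm the result of the steps above, as an added example that is not part of the original howto: the check compares mode, owner and group of the two queue directories and rejects an incoming queue that grants anything to other users. The function names queue_attrs and check_queue_match are hypothetical helpers; the default paths are the ones assumed in this howto.

```shell
#!/bin/sh
# Added example: verify that the incoming queue matches the delivery queue.
# Helper names are hypothetical; default paths are the ones used in this howto.

# Print "mode uid gid" for a directory, using only POSIX ls and awk.
# substr() keeps the 10 permission characters and drops any trailing
# ACL/SELinux marker ("+" or ".") that some systems append.
queue_attrs() {
    ls -ldn "$1" | awk '{ print substr($1, 1, 10), $3, $4 }'
}

# Return 0 if both paths are real directories with identical mode, owner and
# group, and the incoming queue grants nothing to "other". Otherwise print
# the reason on stderr and return 1.
check_queue_match() {
    out_q=${1:-/var/spool/mqueue}
    in_q=${2:-/var/spool/mqueue.in}

    for d in "$out_q" "$in_q"; do
        if [ ! -d "$d" ] || [ -L "$d" ]; then
            echo "FAIL: $d is not a real directory" >&2
            return 1
        fi
    done

    out_attrs=$(queue_attrs "$out_q")
    in_attrs=$(queue_attrs "$in_q")

    if [ "$out_attrs" != "$in_attrs" ]; then
        echo "FAIL: $in_q ($in_attrs) differs from $out_q ($out_attrs)" >&2
        return 1
    fi

    # Characters 8-10 of the mode string are the "other" permissions.
    case $in_attrs in
        ???????---*) ;;
        *) echo "FAIL: $in_q is accessible to other users ($in_attrs)" >&2
           return 1 ;;
    esac

    echo "OK: $in_q matches $out_q ($in_attrs)"
}
```

Source the file as root and call check_queue_match with no arguments to check /var/spool/mqueue and /var/spool/mqueue.in, or pass two directories if your QueueDirectory is elsewhere.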

Change Commands That Start Sendmail

Currently, your copy of sendmail will be started by a script such as /etc/init.d/mail or /etc/rc.d/init.d/sendmail. Somewhere in this script will be the command to start sendmail itself. It should look like this:

sendmail -bd -q15m

You should change this to the following two lines:

sendmail -bd -OPrivacyOptions=noetrn -ODeliveryMode=queueonly -OQueueDirectory=/var/spool/mqueue.in
sendmail -q15m

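The first line starts the copy of sendmail that provides SMTP service. Because its delivery mode is queueonly, it only queues incoming messages in /var/spool/mqueue.in, building the work queue for MailScanner, and PrivacyOptions=noetrn makes it refuse the SMTP ETRN command, so remote hosts cannot ask this copy to run its queue. The second line starts the copy of sendmail that delivers the output from MailScanner.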

You might also need to change the commands used to shut down sendmail, as it now needs to find two copies and kill them both. However, this is not critical and the system will work without it.