Re: Blocking Spam

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I am a system admin and this subject had consumed most of my spare time.
Here's whats worked well for me.
Do some checks at the MTA level first. This will greatly reduce load on your
server.
example (sendmail.mc)
FEATURE(`dnsbl', `relays.ordb.org', `"550 Email rejected due to sending
server misconfiguration - see http://www.ordb.org/faq/\#why_rejected";')dnl
FEATURE(`dnsbl',`sbl-xbl.spamhaus.org',`Rejected - see
http://spamhaus.org/')dnl
This will stop tons on spam.
I've used mailscanner for years makes admin much easier.
Mailscanner has a great RPM that contains itself, spamassassin, and clamav.
It installs flawlessly on my Fedora box.
Be sure to go through the conf file and tell it to use spamassassin.
I use razor, pyzor and bayes in spamassassin.
Also I suggest installing "rulesdujour"
To also catch those emails that contain images I use FuzzyOCR.
Be warned  FuzzyOCR was a pain to get installed.
I also run DCC as a deamon (theres a howto on the mailscanner site)
This setup stops about 99% of our SPAM, with very few false postitves.
Hope this helps others.
PS I you get stuck the folks on the Mailscanner list are very helpful


----- Original Message ----- 
From: "Craig White" <craig@xxxxxxxxxxxxx>
To: "For users of Fedora" <fedora-list@xxxxxxxxxx>
Sent: Thursday, December 28, 2006 10:23 AM
Subject: Re: Blocking Spam


> On Wed, 2006-12-27 at 20:17 -0800, jdow wrote:
> > From: "Florin Andrei" <florin@xxxxxxxxxxxxxxx>
> >
> > > Jeffrey Ross wrote:
> > >>
> > >> Be forewarned,  spamassassin can be a memory pig, I start it with the
> > >> following command:
> > >>
> > >> /usr/bin/spamd -c -m 20 -d -r /var/run/spamd.pid
> > >
> > > Another idea is to run SpamAssassin together with Amavisd-new. This
will
> > > allow a very simple way to also run ClamAV or any other anti-virus
> > > supported by Amavisd-new.
> > >
> > > http://www.ijs.si/software/amavisd/
> > >
> > > http://dag.wieers.com/packages/amavisd-new/
> > >
> > > Essentially, the daemon running in this case is not spamd but amavisd,
> > > plus clamd. SpamAssassin then becomes just one of the libraries used
by
> > > amavisd. Messages are also passed through clamd by amavisd.
> > >
> > > I use this setup in conjunction with Postfix and the results are very
> > > good. SpamAssassin catches the spam proper, ClamAV catches the
infected
> > > messages (and some phishing stuff too), I configured Amavis to just
flag
> > > the spam / infected messages and Cyrus-IMAPd / Sieve is filtering
those
> > > bad messages automatically to a spam folder and a virus folder.
> > > Every once in a while I do a cursory search on those folders and, if
> > > there's no false positive, I just nuke all messages. Of course, Amavis
> > > could be configured to bounce the bad messages (bad idea!), or simply
> > > discard them. The choice is yours.
> > >
> > > Works very well, haven't had issues with email in a very long time.
> >
> > Wull, my take on amavisd is that is its own punishment. Configuring it
> > to something akin to the way I have procmail working is a royal pain
> > in the <sitapon part.> I see way more problems on the SA list with
> > amavisd, mailscanner, or things like that than I do with procmail. But
> > then everybody seems to be scared off from procmail. Maybe that's why.
> ----
> you guys are comparing apples and oranges. Joanne is describing a single
> user setup and Florin is describing a multi-user setup and generally, if
> sendmail is my MTA, I'm still dealing with procmail to move e-mails that
> are tagged by clamav or spamassassin anyway. I personally have found
> procmail impossible to use if the users don't have a shell.
>
> The fact that you see 'way more problems on the SA list with amavisd,
> mailscanner, or things like that than I do with procmail' is
> obvious...mailscanner, amavisd-new, etc. hook into spamassassin whereas
> procmail has to deal with the results and essentially, any posting on
> the SA list about procmail is off-topic. MailScanner, Amavisd-new simply
> assume a basic, functional spamassassin and don't offer much in terms of
> detail of extending spamassassin since that isn't their bailiwick.
> ----
> >
> > (And introducing sendmail into the feed path can drive people insane.)
> ----
> sendmail like procmail and spamassassin has it's own learning curve but
> it certainly is a hill most can climb if they are inclined to do so. I
> find postfix a bit easier to get what I want but there are some
> advantages to sendmail too.
>
> I think that the concept that Florin was trying to get across (and Les
> too) is that there are some really good wrapper systems (MimeDefang,
> Amavisd-new, MailScanner) that in their own way, insert themselves into
> the MTA process and call spamassassin, clamav, whatever the programs
> deem appropriate and my own experimentation with them has led me to
> believe that using one of these wrappers is more effective and more
> efficient and I am gathering that is a common methodology for those who
> run mail servers for multiple users.
>
> As Joanne points out, spamassassin is fairly extensible and many of
> those extensions aren't packaged in the common repos for fedora.
>
> Anyway, not that this matters, I am with Florin on this as I too use
> Postfix, Cyrus, Sieve but I use MailScanner and not Amavisd-new because
> I have found MailScanner to be easy, effective and a bit simpler to
> install/maintain/implement though my last effort at amavisd-new
> (required for CiviCRM/CiviMail) demonstrated that installation and
> configuration has become easier.
>
> Craig
>
>
> -- 
> fedora-list mailing list
> fedora-list@xxxxxxxxxx
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux