Hi there,
On Fri, 9 Dec 2005 Ruud H.G. van Tol wrote:
Don't reinveent the wheel
+1
For a serious mail server, in order:
1. SMTP-level: DNSBL, DCC-check, etc.
2. central: virus detection
3a. user: sender whitelist
I'm not sure how effective sender whitelisting can be as an anti-spam
tool, unless you know in advance exactly who will be sending you mail. :)
3b. central: spam detection
4. user: procmail
(please comment)
Here's roughly the structure I use on my mailservers:
iptables drops all packets from the most spam-prolific netblocks
sendmail:
/etc/mail/access
Greetpause
Domain-name-based reject list
Reject non-RFC-compliant senders, bad commands, HTTP etc.
Milters:
Greylisting
Recipient filtering
IP-based blocking
Sender Policy Framework
Content-based blocking
milter-regex (for example - one of my favourites)
ClamAV
dnsbl
SBL CSMA SPEWS SORBS NJABL SPAMCOP VIRBL (depends on user)
MimeDefang
SpamAssassin (site-wide)
SpamAssassin (yes, again - for individual users:)
All of this will need to be tailored to your specific profiles.
In general I try to keep the heavily CPU intensive processes to
the later parts of the defences - no sense in wasting a lot of
cycles on junk that can be rejected with just a few.
FWIW the only anti-spam feature in which procmail is involved
in my systems is calling a per-user SpamAssassin, if any.
Most people haven't the faintest idea how much work is involved in
keeping the bulk of spam and other junk at bay. Be prepared for a
long haul, there's a lot of work in my list above.
All I can offer by way of reward is a perverse kind of pleasure when
you check the logs, and see just how much effort those spammers have
wasted trying to get their crap through your defences. It's rather
poor reward for all the effort, but at least it's something.
73,
Ged.
____________________________________________________________
procmail mailing list Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail