G.W. Haywood:
Ruud H.G. van Tol:
For a serious mail server, in order:
1. SMTP-level: DNSBL, DCC-check, etc.
2. central: virus detection
3a. user: sender whitelist
I'm not sure how effective sender whitelisting can be as an anti-spam
tool, unless you know in advance exactly who will be sending you
mail. :)
User sender-whitelisting can't be anti-spam, it is a hole in your
anti-spam, it is anti-anti-spam.
And, from the system manager's point of view, it is a way to prevent
complaints. You can still insert an X-Spam-Score: header to show that
you did all you could.
3b. central: spam detection
4. user: procmail
(please comment)
Here's roughly the structure I use on my mailservers:
iptables drops all packets from the most spam-prolific netblocks
sendmail:
/etc/mail/access
Greetpause
Domain-name-based reject list
Reject non-RFC-compliant senders, bad commands, HTTP etc.
Milters:
Greylisting
Recipient filtering
IP-based blocking
Sender Policy Framework
Content-based blocking
milter-regex (for example - one of my favourites)
ClamAV
dnsbl
SBL CSMA SPEWS SORBS NJABL SPAMCOP VIRBL (depends on user)
MimeDefang
SpamAssassin (site-wide)
SpamAssassin (yes, again - for individual users:)
Nice set. Normally you don't need all this to be as effective in
filtering out infected messages and spam. But if your mail servers are
really getting a lot of traffic, then it pays off to drop packets and in
general to have blocks as early as possible.
OK, back to procmail.
--
Grtz, Ruud