To recap:
My old server ran sendmail, but I decided to migrate to postfix for various
reasons. Some might conclude that the anti-spam and anti-virus capabilities
of the blend of software I'm running are what prompted the switch to postfix,
but all of the following functions can be made to work with sendmail. My
eventual goal is to get the kolab server handling my personal mail, so
getting familiar with postfix is an important milestone for me.
What I'm running:
Postfix
Amavis-new
Clam Anti-Virus
SpamAssassin
Postgrey
RBL (real-time black lists)
I got spamassassin set up so that every email is scanned (in other words,
it's in my MTA path, instead of resorting to procmail), and also postgrey
seems to be working correctly.
Clam detects viruses and deals with them on the mail server, thus adding a
layer of protection for the Windows user.
Amavis-new is apparently set up to look for Windows executables and rejects
any mail containing .EXE, .BAT, etc.. I will have to tell it to silently
delete instead of spam the sender, as viruses often spoof the sender, and I
don't want my server to add to the noise we all find in our mailboxes these
days. Another approach is used by MimeDefang, in that attachment filenames
are munged, rendering them harmless. If Amavis-new can do this, I might do
that instead of deleting the offending messages.
For those that don't know what postgrey is, it's a greylisting feature that
works with postfix (see http://isg.ee.ethz.ch/tools/postgrey/). The down side
is that all email is rejected upon first attempt, and subsequently accepted
for delivery 5 minutes later, thus cutting down on spam. This means that the
first email you send to the list will be delayed at least five minutes, if
not significantly more than that, depending on how long your SMTP server
pauses before resending. After your initial email, postgrey knows who you are
and will pass your mail to the list unhindered.
RBLs are databases that mail servers can query to determine if a sending
mailserver's IP has been spotted as sending spam. Some of these databases are
run by idiots, but after careful research I chose two providers and haven't
had any trouble with them. I've run them for at least two years now on my
other server. I have banners and links to both of them on my homepage.
-- Joey Kelly < Minister of the Gospel | Linux Consultant > http://joeykelly.net "I may have invented it, but Bill made it famous." --- David Bradley, the IBM employee that invented CTRL-ALT-DEL ___________________ Nolug mailing list nolug@nolug.orgReceived on 11/22/04
This archive was generated by hypermail 2.2.0 : 12/19/08 EST