Re: FILTER_README suggestions

From: Darron Froese (darronnonfiction.ca)
Date: Fri Sep 01 2006 - 11:53:27 CDT


On 1-Sep-06, at 8:53 AM, Wietse Venema wrote:

> Unfortunately, the text gives no example of how one would implement
> this advice. Personally, I use no external filter so I have a hard
> time coming up with field-tested examples.
>
> What do people use:

We reject some mail directly at SMTP (reject_unknown_sender_domain,
reject_non_fqdn_sender, check_helo_access,
reject_unknown_recipient_domain, reject_unauth_destination,
reject_unlisted_recipient and a manual domain name blacklist) but
after that:

1. Everything that matches a cable, DSL or dialup connection gets
greylisted with tumgreyspf - configurable with a manual whitelist for
broken mail servers.
2. All mail with known viruses gets silently discarded (amavisd-new
and clamav)
3. Mail gets tagged with SpamAssassin (through amavisd-new and a
bunch of extra SA plugins)
4. Clients have the option to discard above a certain SA score or
filter through a web interface.

I did up a diagram of it to figure it all out in my mind while I was
building:

http://nonfiction.ca/mail-arch.jpg

Works great for us - brought down my spam levels from 300 / day with
old Postfix and SA 2.6 down to about 2 or 3 / day.
--
darron froese
principal
nonfiction studios inc.
t 403.686.8887
c 403.819.7887
f 403.313.9233
w http://nonfiction.ca/
e darronnonfiction.ca
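
One way the layering described in this message could be expressed in Postfix, as an added example that is not the poster's actual configuration. The file paths, table names, the `greylist` class name, the regexp pattern, the use of check_sender_access for the domain blacklist and the amavisd-new ports are assumptions.

```conf
# ---- /etc/postfix/main.cf (fragment; paths and table names are assumptions) ----
# Restriction class: lets an access table hand selected clients to the
# greylisting policy service instead of greylisting everyone.
smtpd_restriction_classes = greylist
greylist = check_policy_service unix:private/tumgreyspf

smtpd_helo_required = yes

# Cheap rejects first. reject_unauth_destination comes before any table
# that can return OK, so a whitelist hit can never open a relay.
smtpd_recipient_restrictions =
    reject_non_fqdn_sender,
    reject_unknown_sender_domain,
    reject_unknown_recipient_domain,
    permit_mynetworks,
    reject_unauth_destination,
    reject_unlisted_recipient,
    check_helo_access hash:/etc/postfix/helo_access,
    check_sender_access hash:/etc/postfix/sender_blacklist,
    check_client_access hash:/etc/postfix/greylist_whitelist,
    check_client_access regexp:/etc/postfix/dynamic_clients

# Mail that survives the SMTP-time checks goes to amavisd-new.
content_filter = smtp-amavis:[127.0.0.1]:10024

# ---- /etc/postfix/dynamic_clients (regexp table; constructed sample pattern) ----
# Client hostnames that look like cable, DSL or dialup pools get greylisted.
/(dsl|cable|dial-?up|dyn(amic)?|ppp)[.-]/    greylist

# ---- /etc/postfix/greylist_whitelist (hash table; constructed sample entry) ----
# Broken but legitimate servers skip greylisting; run postmap after editing.
mail.example.com    OK

# ---- /etc/postfix/master.cf (fragment) ----
# Greylisting policy daemon (binary path is an assumption).
tumgreyspf unix  -  n  n  -  -  spawn
  user=nobody argv=/usr/local/lib/tumgreyspf/tumgreyspf
# Delivery to amavisd-new on port 10024.
smtp-amavis unix  -  -  n  -  2  smtp
  -o smtp_data_done_timeout=1200
# Re-injection listener for filtered mail: no second pass through the filter.
127.0.0.1:10025 inet  n  -  n  -  -  smtpd
  -o content_filter=
  -o mynetworks=127.0.0.0/8
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
```

Discarding virus mail and tagging spam are then amavisd-new settings (for example `$final_virus_destiny = D_DISCARD`), not Postfix ones.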