On milters:

Our email handling is a two-stage mechanism. Our rented server at our
public IP address is a small, cheap VM (with no ports blocked, of
course) which runs Postfix and Apache. There is not enough RAM to also
run clamd, so we simply use Postfix's builtin filter mechanisms, like
SMTP protocol checking, sending domain vs sending IP matching, rate
limiting etc., to reject *lots* of obvious spam.

Any email that is actually received by this Postfix is *immediately*
forwarded, via an encrypted tunnel, to our second Postfix, which is on
our LAN. This second Postfix immediately "delivers" the email to our local
Dovecot, which is set up for local IMAP access. On the way, the email
is filtered via clamd and our Bayesian spam checker. We also make
extensive use of Postfix's 'valias' feature to allow us to create
multiple email names for a given real user. This is handy when setting
up Website logins etc. (This posting from <clamav-us...@iment.com> is
an example of that.)

Only email to valid user names is delivered, the rest is discarded
right away. (You might be surprised how much email to made-up user
names arrives. These are mapped by valias's catch-all to "nobody" and
then flushed.) Email that is deemed to be spam is actually delivered
to a second instance of Dovecot, where it is sorted by year and month
and only then by the ultimate real user. This allows us to keep for
review email that only appears to be spam.

The IMAP access is completely local to our LAN, so our email (as a
whole) is not permanently stored on any physically public servers.
Also, any purely intra-domain email never leaves our LAN.

A final feature in our email handling is that any mail we send out has
its destination address automatically recorded in a local database and
any reply from that email address never gets routed to the spam bucket,
but simply has a header added indicating it's a Reply. (This database
also has a local Web interface to explicitly Query, Forget, Allow or
Block an email address.)

P.S. G.W. Haywood ought to consider something like our email reply
database. When I replied to an email he sent me from what seemed to be
his private email address (i.e., not his clamav address), it was held
for a few days at his MTA, "timed out" and was then bounced -- twice.



On Sun, 10 May 2020 09:33:11 +0100 (BST)
"G.W. Haywood via clamav-users" <clamav-users@lists.clamav.net> wrote:

> Hi there,
> 
> On Sat, 9 May 2020, Paul Kosinski via clamav-users wrote:
> 
> > On our mailserver, we run clamdscan, since mail arrives frequently (!).  
> 
> On a mail server most people would use a milter, e.g. clamav-milter,
> which is part of the ClamAV package.
> 
> The use of milters offers many benefits.  It enables a mail server to
> inspect a message during the SMTP conversation, allowing the server
> (for example) to reject unwanted mail at the earliest possible time,
> before accepting the message.  This can avoid wasting resources, and
> leaks of information to the sender such as the fact that a recipient
> address actually exists and accepts mail (valuable information to the
> typical spammer, because it is saleable).
> 

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
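
The reply database described in the message above, sketched as an added example (not the poster's code). The SQLite table layout, the state names `sent`/`allow`/`block`, the `X-Reply-Db` header name and the sample messages are all assumptions made for illustration.

```python
import sqlite3
from email import message_from_string
from email.utils import getaddresses, parseaddr

HEADER = "X-Reply-Db"  # hypothetical header name; the post does not give one

def open_db(path=":memory:"):
    db = sqlite3.connect(path)
    db.execute("CREATE TABLE IF NOT EXISTS addr (email TEXT PRIMARY KEY, state TEXT)")
    return db

def norm(address):
    # Reduce 'Name <User@Host>' to 'user@host' so lookups are consistent.
    return parseaddr(address)[1].strip().lower()

def set_state(db, address, state):
    # Explicit Allow / Block from the web interface: state is 'allow' or 'block'.
    db.execute("INSERT OR REPLACE INTO addr VALUES (?, ?)", (norm(address), state))

def forget(db, address):
    db.execute("DELETE FROM addr WHERE email = ?", (norm(address),))

def query(db, address):
    row = db.execute("SELECT state FROM addr WHERE email = ?", (norm(address),)).fetchone()
    return row[0] if row else None

def record_outgoing(db, raw_message):
    # Remember every To/Cc recipient of mail we send; an existing block is kept.
    msg = message_from_string(raw_message)
    fields = msg.get_all("To", []) + msg.get_all("Cc", [])
    for _, address in getaddresses(fields):
        if address:
            db.execute("INSERT OR IGNORE INTO addr VALUES (?, 'sent')", (address.lower(),))

def route_incoming(db, raw_message, filter_says_spam):
    # Decide the folder for a message the spam filter has already scored.
    msg = message_from_string(raw_message)
    state = query(db, msg.get("From", ""))
    if state == "block":
        return "spam", msg
    if state in ("sent", "allow"):
        msg[HEADER] = "reply" if state == "sent" else "allowed"
        return "inbox", msg  # known correspondent: never goes to the spam bucket
    return ("spam" if filter_says_spam else "inbox"), msg

# Constructed sample messages (not real mail).
SENT = "From: me@example.net\nTo: Alice <Alice@Example.org>, bob@example.org\n\nhello\n"
REPLY = "From: Alice <alice@example.org>\nSubject: Re: hello\n\nthanks\n"
if __name__ == "__main__":
    db = open_db()
    record_outgoing(db, SENT)
    print(route_incoming(db, REPLY, filter_says_spam=True)[0])
```

The sketch keys on the `From:` header, which a sender can forge, so a deployment would normally also require that the message passed sender authentication before honouring the lookup.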
