On Jun 1, 2005, at 3:16 PM, Jorn Argelo wrote:
Chad Leigh -- Shire.Net LLC wrote:
On Jun 1, 2005, at 8:07 AM, Bart Silverstrim wrote:
I've been looking into ways of improving our spam filtering.
Currently I'm running postfix with amavisd-new (spamassassin and
clamav), and saw an article on greylisting using postgrey.
Turns out there's a port for it already in FreeBSD.
I don't run postifx and the thing I am about to mention I have
not tried yet, but you may want to explore modifying your
greylisting to be based on spamassassin results.
I use exim as the mta and there is a thing called sa-exim that
lets you run spamassassin at SMTP time so that you can reject
mail if you want before you actually are finished receiving it.
The author of sa- exim has modified it to do greylisting based on
spamassassing scores generated at smtp time, so that you only
greylist mail that is thought to be spam and do not inconvenience
your regular users.
Can you do spamassassin at smtp time with postfix?
That's far too complicated. Postgrey does an excellent job.
Yes, normal greylisting works for some people, but in general, it is
not seconds, but minutes (I don't believe that your server tells it
how long to wait, but rather in general greylisting it returns a 4xx
temporary failure error and the sending mail server will
automatically retry within its own retry rules) and lots of people do
not like to have their good mail greylisted at all as it can delay
good mail for minutes or longer, so the one I described above is a
modification on greylisting that allows it to only greylist possible
spam and not all mail.
Chad
I have installed postgrey yesterday, and it works really well. I
didn't read all the emails regarding this subject, so my apologies
if I only tell you things you've already heared. Basically it works
like this:
You're recieving an e-mail on your mailserver. Postgrey checks if
it's an e-mail address it has seen before (which it stores in a
database). If he has, he passed it to amavis where it can be
processed further. If it isn't a known e-mail address, it
automatically blacklists the e-mail address for an x amount of
seconds while sending the sending server a message that it's busy
and that it should try again in x amount of seconds. Normal
mailservers wait patiently for those x amount of seconds and try
sending it again (except for hotmail, who tries to send it every 30
seconds even if your server tells it to wait 90 seconds). Since
Postgrey has it stored in the database, the email will be passed
trough nicely.
The main advantage of this is that spammers and viruses have
massive amount of email lists and just try to send it to as many
people as possible. They are not going to wait and try to send the
e-mail again, thus you effectively block many amount of spam and
virus e-mail before it's even being processed by amavis / clamav /
spamassasin, saving up system resources.
Configuration of this is really easy. Compile it from the ports,
change flags in the rc.d script (See man page for more info) and
put this in your main.cf. Note the space between sevice and inet.
smtpd_recipient_restrictions = check_policy_service inet:
192.168.1.100:10023,reject_unauth_destination,permit
Start postgrey from the rc.d script and you're ready to go.
Cheers,
Jorn
Chad
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-
[EMAIL PROTECTED]"
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
