I would like to recommend qmail as the MTA, and then clamav,
spamassassin and qmail-scanner for protecting against spam and viruses.
For qmail, I use the JMS1 combined patch together with a few of my own.
qmail-scanner is patched (enhanced) with the set by Salvatore Toribio
(and of course, my own enhancements again).
For the last two installations I have used FreeBSD instead of OpenBSD on
the server because of some core dumps on OpenBSD when the network load
goes up ("out of static map entries" or something other stupid).
/PeO
Adam Thompson skrev 2009-12-16 08:08:
I previously used OpenBSD for this purpose for many years (back in the
3.x days, though). Previously used postfix from ports instead of
sendmail. Didn't need a heavy-duty anti-spam solution at the time.
Now I get approx 10k spam per day. Did I mention that I've upgraded
my anti-spam requirements since then? (*sigh*)
I've got a dual-Xeon box with two arrays on a 3Ware 7508 card. Disk
performance isn't stellar, but it's more than adequate for my
purposes. With 4x 2.4GHz cores and 4Gb of RAM, I don't _expect_ to
run into any hardware limits unless I do something really stupid.
The big question is: what MTA? sendmail(8) is in base, but I have a
particular (historical) dislike of sendmail. (Yes, I know it's gotten
a lot better over the years. This is my exaggerated application of
the "once burned, twice cautious" principle. I'm just _not_ going to
use sendmail.)
I know postfix fairly well, well enough to know how much of a P.I.T.A.
integrating SpamAssassin with it is.
I see two new things, though (well, one isn't really new, but I've
never used it): spamd(8) and smtpd(8).
The documentation on spamd(8) tells me that it integrates tightly with
pf(4), in such a way that it does NOT take over port 25 locally, it
merely seems that way to certain outside senders... right? It appears
that spamd(8) never proxies a connection onward to localhost:25,
because that has already been decided at the pf(4) layer, i.e. spamd
by definition never actually processes any mail in any way whatsoever?
The documentation on smtpd(8) tells me that is replaces sendmail(8).
Period. The documentation for smtpd(8) does not explain in detail how
to configure /etc/mailer.conf for complete replacement of sendmail.
(I assume I can figure that out, I can read the source.)
I want to plug SpamAssassin (or some similar tool) into the mail flow
for UCE grading and blocking. The sheer volume of spam means that I
need something more granular than pass/fail, I also need a confidence
rating that I can sort by and I know how to do that with SpamAssassin
and procmail.
I have a *ton* of honeypot email addresses that are *guaranteed* to
receive *only* spam.
I also have a lot of mail aliases in the old postfix/qmail/afs/cmu
"userid<separator>t...@domain" format. (e.g.
athompso+open...@athompso.net) I'm willing to deal with those as
individual alias entries if I have to, the MTA doesn't have to
understand that format.
This is getting long, so to wrap up:
1. I think I should run spamd, but I don't know whether to run it in
default or blacklisting mode.
2. I think I should run either smtpd(8) or postfix from ports, but I
don't know if one makes more sense than the other. (The IBM license
doesn't present any problem for this particular scenario.)
3. I think I'll have to use procmail for at-delivery-time pre-sorting
mail into spam folders based on confidence scores from a UCE tool.
4. I think I'll use SpamAssassin to give me spam scores (for use in #3).
I'm not asking to be flamed, I haven't run my own mail server for a
couple of years and things have changed a bit since then... but I am
hoping I've provided enough detail that someone might be able to spot
potential problems before I run into them.
Thank you,
-Adam Thompson
<athom...@athompso.net>
