joh...@fastmail.com wrote: > I'm now at the phase of looking into Anti-Virus and Anti-Spam. Looks like > ClamAV and Spamassassin are the main options here.
You'll probably want to look into third-party signatures for ClamAV; its detection rate is a bit low otherwise IME. > Both of those projects seem to be pretty alive and kicking too. > > So I'm left with how to integrate them into and with Postfix. The "best" way depends on your goals and requirements for filtering - for instance, I want to use the heuristic tests in ClamAV but I don't want them to be treated as absolute black/white results. So I set up my glue to flag those "viruses" - and ONLY those ones - for a bit of extra score in SpamAssassin instead of immediate quarantine. I also want to run SpamAssassin as a per-user filter, with (potentially) different thresholds and scores for this or that, or different whitelist/blacklist entries, so I call it on final mail delivery instead of from an intermediate stage deeper in the MTA. > I've poked around in all the options listed on the Postfix wiki & the common > option seems to be Amavisd. I'm partial to MIMEDefang as my Swiss-army-chainsaw of choice for in-band mail filtering, but Amavisd is probably a better choice if you don't want to dig into Perl coding to configure your filter. Both are well-tested and solid, IMO. Amavisd comes with more prebuilt filter features and faster out-of-the-box configuration for common mail flow patterns, and it works with nearly any MTA; MIMEDefang allows wide-open access to anything the milter interface lets you do to an email in transit but is restricted to MTAs that offer the milter interface. > But both of those seem to be pretty inactive. Amavisd's not had any releases > or updates afaict since last October, and I was told that the author isn't > really participating in it anymore (I gotta check myself on that). "Project activity" isn't all that useful a metric; chances are nobody has seen the need for a Hot New Killer Feature in a while, and there haven't been any nasty security or functionality bugs. -kgd
