Hi, > -----Original Message----- > From: Frank Chibesakunda > Sent: Wednesday, May 28, 2003 8:00 AM > > Need urgent help on how to install spamassasin, am running squid proxy > server > but i have a lot of spam mail coming through to my users. Am very new to > spamassasin so please give me a step by step procedure
How many users are you supporting (~10 or ~1000)? From your mail headers, I'm assuming you're using sendmail. You may want to look into running SpamAssassin with MIMEDefang ( http://www.roaringpenguin.com/mimedefang/ ) as a sitewide solution. See http://www.rudolphtire.com/mimedefang-howto/ for more info. Also, consider rejecting mail from sites listed on certain DNSBLs (opm.blitzed.org, proxies.relays.monkeys.com, zombie.dnsbl.sorbs.net) It's doubtful you'll get any useful mail from addresses on these blacklists. You will save bandwidth by rejecting mail early; be careful how you do this, as it's not possible to recover mail rejected this early in the mail transport process. On Wed, 28 May 2003, Gary Funck wrote: > Couple of things: > - You mention "squid proxy" below. That's a proxy server which serves up > things like HTTP and FTP. It's not mail software per se. Are your users > accessing their e-mail from a mail service you provide or some sort of > outside provider like Yahoo or MSN (hotmail)? If it's an outside provider, > then there may not be much you can do to help out your users. If you (Frank) are running Squid, make sure it doesn't proxy connections from the public internet to other destinations on the public internet. It should only allow internal->external traffic, and maybe external->internal traffic (beware of turning your mailserver into an open relay if you do this.) internal->internal traffic probably doesn't need to be proxied and external->external traffic is a MASSIVE security problem; people will launder connections through your system to send spam, attack other networks, etc., and you'll pay for the bandwidth they use. So before doing anything, make sure your proxy server is locked down tight. > - Spamassassin gets used in a lot of different configurations. Some are > very complicated, some are simple. There's a learning curve. Start simple. > Try it out in your own user account, or a test account that receives lots > of spam first. To get along with your users, break your own email first :) > - Spamassassin is written in Perl, and even though you don't need to be > a Perl programmer to use SA (it helps, when you want to customize it), > it is helpful to know something about Perl modules, CPAN, and the typical > methods used to install software written in Perl. Understanding CPAN will save you a lot of time and effort on many projects. > - The short answer: > > 1. Go here: http://eu.spamassassin.org/doc.html and read the docs. > 2. Go here: http://eu.spamassassin.org/downloads.html and download version > 2.55 in a form suitable for your installation. > 3. Unpack the distribution, or install the source rpm's, then follow the > steps in the INSTALL file. > 4. Use SA only for your account or for a few understanding/trusted users > until you convince yourself you've got the bugs in your installation worked > out. I'll assume you have many users who would be uncomfortable working with procmail. In this case, you should probably install SpamAssassin site-wide with something like MIMEDefang and work on giving users control over SpamAssassin settings later. hth, -- Bob Apthorpe ------------------------------------------------------- This SF.net email is sponsored by: ObjectStore. If flattening out C++ or Java code to make your application fit in a relational database is painful, don't do it! Check out ObjectStore. Now part of Progress Software. http://www.objectstore.net/sourceforge _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
