Re: [Hampshire] Linux SPAM filtering

Author: Dr Adam J Trickett
Date:  
To: lug, Hampshire LUG Discussion List
CC: 
Subject: Re: [Hampshire] Linux SPAM filtering
On Wed, 16 May 2007 at 02:07:10PM +0100, Vic wrote:
> > I'm running both SpamAssassin and ClamAV in daemon mode and I'm
> > using procmail to pass the email from Exim through the filters
> > before it arrives at its final destination.
>
> That means you've accepted the mail before you pass judgement on it; if it
> then looks like spam, you either discard it (with the risk of losing mail
> for false positives) or stick it in some sort of "spam" box (which means
> all spam has to be human-read anyway).


Yes.

> Far better IMO to reject during the SMTP conversation.


Agreed.

> > * Not many people use Dovecot, though everything I've found suggests it's
> > a lot better than the alternatives, and I've found it trivial
> > to install and configure.
>
> Dovecot is the standard for RHEL-based installations (and Fedora too, I
> would imagine). There's very little actually needs configuring wiht it -
> you just select mbox or maildir, and tell it which protocols to deal with
> (pop3/pop3s/imap/imaps).


Good, the RHEL3 boxes we have at work still use Sendmail. I've used Dovecot
on Debian Sarge and Etch and found it to be VERY easy and reliable.

> > I know people who get fancy and do stuff at the packet level and filter
> > bad email before it even talks to the MTA.
>
> iptables is your friend :-)


That's what my friend does. There are also other neat tricks, rejecting almost
all mail and only accepting it from a secondary MX record seems to cut down on
a lot of SPAM, as does rate-limiting incoming connections from Windows
systems - a popular and easy trick on a BSD system. Geographic IP blocking
works quite well too...

--
Adam Trickett
Overton, HANTS, UK

Glory is fleeting, but obscurity is forever.
    -- Napoleon Bonaparte