Spam/AV filtering

Tony Shadwick tshadwick at goinet.com
Tue May 17 08:01:12 PDT 2005


I'm going to butt my nose in where it doesn't belong and insert my opinion 
here. :)

Here's the setup we run, and it works incredibly well.

Sendmail
mail/p5-Mail-SpamAssassin
mail/spamass-milter
mail/spamass-rules
mail/spamass-rules_du_jour
sysutils/clamav (built with miltering)

Add to your .mc file:
INPUT_MAIL_FILTER(`clmilter',`S=local:/var/run/clamav/clmilter.sock, F=, 
T=S:4m;R:4m')
INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass-milter.sock, 
F=, T=C:15m;S:4m;R:4m;E:10m')

crontab nightly
/usr/local/bin/rules_du_jour

Make sure your ports tree is cron'ed to update regularly, have the 
freshclam daemon running, and I'd strong suggest subscribing to the RSS 
feed at http://www.freshports.org/sysutils/clamav

Just my 2 cents. ;)

On Tue, 17 May 2005, Warren Block wrote:

> On Tue, 17 May 2005, Charles Lamb wrote:
>
>> Would I want to enable milter with clamav?
>
> Depending on your needs, maybe.  The clamav-milter lets sendmail reject mail 
> containing viruses immediately, rather than having to receive them and then 
> filter them later.
>
> You should also investigate greylisting, which has very little downside and 
> is the most effective antispam measure I've seen yet.
>
> Here's something I wrote on that a while back.  It needs to be updated, but 
> it should give an idea:
>
> http://www.wonkity.com/~wblock/greylist.pdf
>
> The default delay introduced by milter-greylist is 30 minutes.  From what 
> I've seen in log files, this could probably be reduced to even five minutes 
> and still be effective.  Most spamware and viruses don't retry even once.
>
> -Warren Block * Rapid City, South Dakota USA
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>


More information about the freebsd-questions mailing list