Spam/AV filtering
Tony Shadwick
tshadwick at goinet.com
Tue May 17 08:18:34 PDT 2005
Oops, that should be security/clamav. Where my mind is this morning...
On Tue, 17 May 2005, Tony Shadwick wrote:
> I'm going to butt my nose in where it doesn't belong and insert my opinion
> here. :)
>
> Here's the setup we run, and it works incredibly well.
>
> Sendmail
> mail/p5-Mail-SpamAssassin
> mail/spamass-milter
> mail/spamass-rules
> mail/spamass-rules_du_jour
> sysutils/clamav (built with miltering)
>
> Add to your .mc file:
> INPUT_MAIL_FILTER(`clmilter',`S=local:/var/run/clamav/clmilter.sock, F=,
> T=S:4m;R:4m')
> INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass-milter.sock, F=,
> T=C:15m;S:4m;R:4m;E:10m')
>
> crontab nightly
> /usr/local/bin/rules_du_jour
>
> Make sure your ports tree is cron'ed to update regularly, have the freshclam
> daemon running, and I'd strong suggest subscribing to the RSS feed at
> http://www.freshports.org/sysutils/clamav
>
> Just my 2 cents. ;)
>
> On Tue, 17 May 2005, Warren Block wrote:
>
>> On Tue, 17 May 2005, Charles Lamb wrote:
>>
>>> Would I want to enable milter with clamav?
>>
>> Depending on your needs, maybe. The clamav-milter lets sendmail reject
>> mail containing viruses immediately, rather than having to receive them and
>> then filter them later.
>>
>> You should also investigate greylisting, which has very little downside and
>> is the most effective antispam measure I've seen yet.
>>
>> Here's something I wrote on that a while back. It needs to be updated, but
>> it should give an idea:
>>
>> http://www.wonkity.com/~wblock/greylist.pdf
>>
>> The default delay introduced by milter-greylist is 30 minutes. From what
>> I've seen in log files, this could probably be reduced to even five minutes
>> and still be effective. Most spamware and viruses don't retry even once.
>>
>> -Warren Block * Rapid City, South Dakota USA
>> _______________________________________________
>> freebsd-questions at freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>> To unsubscribe, send any mail to
>> "freebsd-questions-unsubscribe at freebsd.org"
>>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>
More information about the freebsd-questions
mailing list