Spam/AV filtering

Tony Shadwick tshadwick at goinet.com
Tue May 17 08:18:34 PDT 2005


Oops, that should be security/clamav.  Where my mind is this morning...

On Tue, 17 May 2005, Tony Shadwick wrote:

> I'm going to butt my nose in where it doesn't belong and insert my opinion 
> here. :)
>
> Here's the setup we run, and it works incredibly well.
>
> Sendmail
> mail/p5-Mail-SpamAssassin
> mail/spamass-milter
> mail/spamass-rules
> mail/spamass-rules_du_jour
> sysutils/clamav (built with miltering)
>
> Add to your .mc file:
> INPUT_MAIL_FILTER(`clmilter',`S=local:/var/run/clamav/clmilter.sock, F=, 
> T=S:4m;R:4m')
> INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass-milter.sock, F=, 
> T=C:15m;S:4m;R:4m;E:10m')
>
> crontab nightly
> /usr/local/bin/rules_du_jour
>
> Make sure your ports tree is cron'ed to update regularly, have the freshclam 
> daemon running, and I'd strong suggest subscribing to the RSS feed at 
> http://www.freshports.org/sysutils/clamav
>
> Just my 2 cents. ;)
>
> On Tue, 17 May 2005, Warren Block wrote:
>
>> On Tue, 17 May 2005, Charles Lamb wrote:
>> 
>>> Would I want to enable milter with clamav?
>> 
>> Depending on your needs, maybe.  The clamav-milter lets sendmail reject 
>> mail containing viruses immediately, rather than having to receive them and 
>> then filter them later.
>> 
>> You should also investigate greylisting, which has very little downside and 
>> is the most effective antispam measure I've seen yet.
>> 
>> Here's something I wrote on that a while back.  It needs to be updated, but 
>> it should give an idea:
>> 
>> http://www.wonkity.com/~wblock/greylist.pdf
>> 
>> The default delay introduced by milter-greylist is 30 minutes.  From what 
>> I've seen in log files, this could probably be reduced to even five minutes 
>> and still be effective.  Most spamware and viruses don't retry even once.
>> 
>> -Warren Block * Rapid City, South Dakota USA
>> _______________________________________________
>> freebsd-questions at freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>> To unsubscribe, send any mail to 
>> "freebsd-questions-unsubscribe at freebsd.org"
>> 
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>


More information about the freebsd-questions mailing list