(postfix) SPAM filter?

Steve Bertrand iaccounts at ibctech.ca
Wed Dec 12 20:31:28 PST 2007

Duane Hill wrote:
> On Wed, 12 Dec 2007 20:55:45 -0500
> Steve Bertrand <iaccounts at ibctech.ca> wrote:
>> I was going to recommend that, but from my experience, there is no
>> real *easy* way to allow users directly to modify their own settings.
>> I am probably wrong though.
> Postfix is running here on a FreeBSD server as a boarder filter server.
> All bayes and per-user SpamAssassin settings are stored within a MySQL
> database on our SQL server.
> The web mail interface is SquirrelMail installed on a different FreeBSD
> server and has the sasql plugin interfaced to the MySQL server so the
> customers have control over what they want to set their spam score,
> whitelist, blacklist, whether they want bayes filtering, whether they
> want bayes autolearn and so forth.
> It has been pretty low maintenance. I am in the process of evaluating
> the possibility of using amavis-new.

For myself, I've run a very similar environment with a lot of custom
hacked software to integrate it all. The reason I haven't upgraded yet
is because I've hacked so much of squirrelmail and other aspects of the
setup since 2004 that there will be no way for me to carry things over

Depending on what way one looks at it, It may be good or bad that I
don't really have time to follow what is happening with SPAM prevention
in regards to Open Source anymore.

I agree that SA/ClamAV/maildrop is an excellent setup, particularly
running atop of Qmail with VPOPMail etc.

I also have used Sendmail with milters and procmail to do the same

Realistically, it comes down to what the OP wants. I am but one operator
in a 'small' ISP. I also manage it's support department. The truth is
that once the OP stated that budget wasn't an issue, and he wanted
essentially a turnkey solution, the easiest and most cost-effective
method that I have learned is outsource it.

If you can afford the bandwidth to filter in house, then you can also
afford to have a 24*7*1hr support contract with a vendor so your support
staff can do some of your work for you (or play games).

If you can't afford bandwidth inbound, but still want your help-desk
staff and yourself available, outsource to someone or some entity who
specializes on only email security so they can filter before the mail
touches your network.

Otherwise, install/maintain yourself. Understand I am not trying to
negate the use/feasibility of any software. I am running with the fact
that cost for the OP is no issue. If that is truly the case, then why do
it yourself when you can pay someone else who knows better to do it for
you? The cost savings on headaches and lost time on downed equipment
alone are more than worth it.

...I'm being too business-minded, and too obtuse. Back to figuring out
why DBD::mysql won't compile on my legacy FreeBSD box I go...


More information about the freebsd-questions mailing list