Gentoo Archives: gentoo-user

From: Stroller <stroller@××××××××××××××××××.uk>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] RFC: Implementing a spamfiltering frontend
Date: Sat, 21 May 2011 15:27:49
Message-Id: 68EB6446-1AA2-499A-8EEB-E86ACBAA7D42@stellar.eclipse.co.uk
In Reply to: [gentoo-user] RFC: Implementing a spamfiltering frontend by Pandu Poluan
1 On 21/5/2011, at 5:13am, Pandu Poluan wrote:
2 > ...
3 > Due to the increase of spam/phishing emails received by my office, I
4 > decided to explore the idea of implementing a spamfiltering 'frontend'
5 > in front of my email server.
6 >
7 > Here's how I plan to do it:
8 >
9 > fetchmail (G) --> postfix (G) --> amavisd+spamassassin+database (G)
10 > --> postfix (G) --> current email back-end (WS) --> clients (W)
11 >
12 > (G) = the single Gentoo server working as mailfilter
13 > (WS) = mail server on Windows Server
14 > (W) = various Windows clients (XP and 7)
15 >
16 > I need fetchmail because currently we still use a hosting company, at
17 > least until August when we host everything on our own. Then, we'll
18 > drop fetchmail and expose postfix for the world to deliver the mails
19 > to.
20
21 You shouldn't need amavisd / spamassassin, once you're exposing Postfix to the outside world, if you configure it well.
22
23 You should do things like checking that the DNS name matches the helo response given by the server trying to send you mail (this alone filters out a good deal of spam) and be able to use things like DKIM, SPF and even SpamHaus.
24
25 http://en.wikipedia.org/wiki/DomainKeys_Identified_Mail
26 http://en.wikipedia.org/wiki/Sender_Policy_Framework
27 http://www.spamhaus.org/
28
29 (SpamHaus says "free for personal use upto x,000 messages per period", but they don't mind business use as long as you're under that limit; still it's cheap, once you've used the free account to prove the service)
30
31 Using fetchmail you're unable to reject mail in the same way, so you have to use stuff like amavisd / spamassassin.
32
33 Lots of discussion of this on the Postfix mailing list. You should definitely read that for a week or two before deploying.
34
35 Stroller.

Replies

Subject Author
Re: [gentoo-user] RFC: Implementing a spamfiltering frontend Pandu Poluan <pandu@××××××.info>