[Dovecot] what best for anti-spam filter?

Arnaud Abélard arnaud.abelard at univ-nantes.fr
Tue Jul 24 10:16:35 EEST 2012

On 07/24/2012 06:49 AM, Noel Butler wrote:
> On Tue, 2012-07-24 at 11:58 +0800, fy wrote:
>> what anti-spam for you used ? dspam?spammassian? amavisd-new ? what is
>> best ?
> amavisd-new  with spamassassin and anti virus scanner, clamav with
> sanesecurity rules
> use enforcing rules in mail server, like block hosts with no DNS/rDNS
> Enforce SPF, publish SPF with hardfail
> use DNSBL's in your mail server, spamhaus, spamcop, spam.sorbs, and
> more etc.
> milter regex to stop dynamic/suspect  hosts

And first of all, even if this is not dovecot related, use a greylisting 

> There is no one solution, the solution, is a box of many tricks
> You might get the odd false blocking, but if system opers can not be
> bothered running a compliant network with standardised naming
> conventions for servers, then it is not my problem, and we have had very
> very very few complaints about this type of policy in over a decade. If
> someoine sooks to you, educate them, dont whitelist them.

Indeed! Fighting spam is a continuous task. While greylisting will cut 
down the amount of spam by more than 50%, the remaining 50% will give 
you the hardest time and will keep changing to bypass your rules. You'll 
need to keep an eye on the flow of false negatives or false positive you 
are getting...

We (72,000 mailboxes) are currently using amavisd-new with spamassassin 
and CRM114 via a custom plugin instead of the default bayesian filter. 
Also like Noel, we're using DNSBLs, SPF (although we had to publish a 
permissive record since some of our users are using their ISP smtp 
instead of our own).



Arnaud Abélard (jabber: arnaud.abelard at univ-nantes.fr)
Administrateur Système - Responsable Services Web
Direction des Systèmes d'Informations
Université de Nantes
ne pas utiliser: trapemail at univ-nantes.fr

More information about the dovecot mailing list