[Dovecot] what best for anti-spam filter?
arnaud.abelard at univ-nantes.fr
Tue Jul 24 10:16:35 EEST 2012
On 07/24/2012 06:49 AM, Noel Butler wrote:
> On Tue, 2012-07-24 at 11:58 +0800, fy wrote:
>> what anti-spam for you used ? dspam?spammassian? amavisd-new ? what is
>> best ?
> amavisd-new with spamassassin and anti virus scanner, clamav with
> sanesecurity rules
> use enforcing rules in mail server, like block hosts with no DNS/rDNS
> Enforce SPF, publish SPF with hardfail
> use DNSBL's in your mail server, spamhaus, spamcop, spam.sorbs, and
> more etc.
> milter regex to stop dynamic/suspect hosts
And first of all, even if this is not dovecot related, use a greylisting
> There is no one solution, the solution, is a box of many tricks
> You might get the odd false blocking, but if system opers can not be
> bothered running a compliant network with standardised naming
> conventions for servers, then it is not my problem, and we have had very
> very very few complaints about this type of policy in over a decade. If
> someoine sooks to you, educate them, dont whitelist them.
Indeed! Fighting spam is a continuous task. While greylisting will cut
down the amount of spam by more than 50%, the remaining 50% will give
you the hardest time and will keep changing to bypass your rules. You'll
need to keep an eye on the flow of false negatives or false positive you
We (72,000 mailboxes) are currently using amavisd-new with spamassassin
and CRM114 via a custom plugin instead of the default bayesian filter.
Also like Noel, we're using DNSBLs, SPF (although we had to publish a
permissive record since some of our users are using their ISP smtp
instead of our own).
Arnaud Abélard (jabber: arnaud.abelard at univ-nantes.fr)
Administrateur Système - Responsable Services Web
Direction des Systèmes d'Informations
Université de Nantes
ne pas utiliser: trapemail at univ-nantes.fr
More information about the dovecot