How do others do it?

Richard Frovarp Richard.Frovarp at
Tue Dec 5 19:50:38 GMT 2006

Chandler, Jay wrote:
> Scott Silva wrote:
>> Chandler, Jay spake the following on 12/5/2006 10:05 AM:
>>> I'm three months into the mail management duties, and I've taken the
>>> university from a kludged together implementation of SpamAssassin to
>>> running on MailScanner for inbound.
>>> Now I'm preparing to tackle the task of setting up Mailscanner
>>> outbound. 
>>> Obviously I want virus scanning enabled, but how do most of you
>>> handle the spam scanning issue?  Do you tag and pass, do you not
>>> scan at all, or some other option? 
>> If students will be accessing the mail system, then I would hold them
>> to the same standards that you apply to incoming mail. Students are
>> notorious for doing things "they aren't supposed to do". You can
>> whitelist any administration people that need to be.   
> Unfortunately, we're in a position where there are close to 2000 staff
> members who'll be using it-- two boxes handle the entire outbound load
> for everything, be it our webmail, exchange server traffic, and (since
> we disabled port 25 outbound a couple months back) any SMTP traffic
> whatsoever that leaves our network.
> I do realize that if I start flagging departmental messages as spam,
> I'll catch hell, so how have others balanced the greater good of society
> with the needs of their local institutions?

I can see scanning for viruses. I don't know if I would worry about 
anything else. The other people should be doing their own scanning. I am 
assuming that your outbound servers require authentication. Spam is 
usually sent by bots that wouldn't be going through your authenticated 
server. By blocking 25 you've probably done the best you can.

More information about the MailScanner mailing list