How do others do it?

[Ken A]

Res wrote:
> Hi Jay,
> 
> Chandler, Jay wrote:
> 
>>  Now I'm preparing to tackle the task of setting up Mailscanner outbound.
>>  Obviously I want virus scanning enabled, but how do most of you 
>> handle the spam scanning issue?  Do you tag and pass, do you not scan 
>> at all, or some other option?
> 
> Treat your users like all others, the more that did this the better 
> things would be for all, too many people sit back and say " it'll never 
> be our users spamming " and they end up being, at some stage the ones 
> that ARE :)

It depends who your users are. I assume they are not spammers or you 
wouldn't be asking. So, I think you can be a bit less aggressive with 
your own users. You don't need to run rbl tests against your own IP 
space in SA or MailScanner, you probably don't need to have ANY 
whitelists, and you probably can turn off a lot of tests that would 
normally FP on your users 'marketing' (double-opt-in of course) email.

Run it with very high triggers at first and see how it goes, then 
gradually move triggers down until you are comfortable with the results. 
The goal should be to not tag anything, but catch any real spam 
outbreaks, maybe from a clueless marketing drone, or an exploited 
website. Run anti-virus on any mailserver too, of course.

> It only takes one moron with a worm infected winblows pc an hour to have 
> your mail server sending out 80K spams, but by then it's too late, the 
> damage has already been done.

Blocking port 25 outbound will block 99% of bot activity. I don't think 
I've heard of any that actually use the client's configured mailserver. 
Scanning for viruses (clamav-milter) with catch email that is infected 
with mass email worms.

Ken A.
Pacific.Net


> 
>