Postfix Users (and Outlook users)
Dhawal Doshy
dhawal at netmagicsolutions.com
Thu Oct 26 10:49:01 IST 2006
Peter Russell wrote:
> Postfix:
> I was hoping that since there is so many Postfix users using MS we could
> get an updated discussion on what everyone is doing at the MTA level
> with regards to
> a) stopping spam at the MTA
1. mime_header_checks: Block extensions you anyways reject at the MS level.
2. body_checks: Great for rejecting viruses and keywords
3. helo_required: Must have!
4. helo_checks: reject_invalid_hostname, reject_non_fqdn_hostname,
warn_if_reject reject_unknown_hostname
5. public and private RBLs: spamhaus, spamcop, dsbl
See securitysage.com for more details. Keep in mind that some postfix
checks can cause quite a few FPs.
> b) 3rd party anti spam defences - greylisting?
policyd-weight + selective greylisting (more below) + throttling (policyd)
> c) specific configs - like the example in the wiki - a dual postfix
> instance that splits multi recipients messages
standard hold method.
> d) tip and tricks - what have you added to your config that you think
> could benefit others.
We use body_checks + mime_header_checks to reject some viruses and known
spam keywords. We also are testing out dk+dkim with postfix.
> I will happily collate the discussion and add it to the wiki.
>
> The reason i am asking is because we are receiving so much more spam, so
> many more complaints from users and i want to consider some of the
> options available at the MTA - eg a postfix version of greet-pause
> sounds good because i dont think we could go for greylisting, at least
> not at the minute.
See this for selective greylisting.
http://www.stahl.bau.tu-bs.de/~hildeb/postfix/postfix_greylisting.shtml
http://www.gabacho-net.jp/en/anti-spam/anti-spam-system.html
OR use the standard regexps that are distributed with sqlgrey.
> Many thanks and regards
> Pete
- dhawal
More information about the MailScanner
mailing list