Mailscanner milter to reject high score spam at MTA level

Shawn Iverson iversons at rushville.k12.in.us
Sat Aug 11 13:15:08 UTC 2018 

I have been planning for a MailScanner milter for quite some time.  I have
been specifically studying rpamd's milter source for this purpose.  Alas,
lack of time and lack of money are always an issue, and I put a lot of
hours in my day job.  As Jerry would say, I like to eat and have a roof
over my head :D

If I do find the time to build a milter, performance will definitely be
impacted.  The reason is that postfix will have to keep each session open
for the duration of scanning, and each MailScanner child would have to
issue a callback to postfix after scanning the spam so that postfix can
responds to the connection appropriately  (i.e. reject or accept).  This
will slow down mail processing considerably.  If I do this, I am going to
keep the HOLD queue around, so you would have to choose between speed or
MTA level rejection functionality.






On Tue, Aug 7, 2018 at 10:52 AM David Jones via MailScanner <
mailscanner at lists.mailscanner.info> wrote:

> On 08/07/2018 05:03 AM, info at schroeffu.ch wrote:
> >
> > Hi Mailscanner friends,
> >
> > is there any progress to make MailScanner usable as a postfix milter?
> > The most biggest problem I have is, SPAM is not possible to reject when
> > reaching a high score at MTA level. For my understanding, connect via
> > milter instead of queue ^HOLD would be the solution.
> >
> > For the next decade we are still using MailScanner instead of others
> > like Rspamd, because MailScanner is like a mail suite for mail security,
> > but if there will never be the possibility to reject at MTA level the
> > high score spam, we will also change in 1-3 years while replacing the OS
> > beyond.
> >
>
> One of MailScanner's strongest features is it's batch mode processing
> that will allow it to handle a very high volume of mail flow.  I doubt
> that MailScanner will ever be changed to run as a milter for this reason.
>
> I tried rspamd and found it wasn't as good as the author claims so no
> reason to try to use that as a milter.  It also wasn't as fast as it
> claims.  I could not send high volumes of mail through it like I could
> with MailScanner.
>
> If you want to block high scoring spam at the MTA level, I suggest using
> amavis or spamd with the same SA rulesets as MailScanner.  This will get
> you most of the power of MailScanner's blocking at the MTA.
>
> https://wiki.apache.org/spamassassin/IntegratedInMta
>
> If you you use postscreen and postwhite at the Postfix MTA level, you
> can block most of the obvious spam with a tuned list of RBLs.  See the
> SA users mailing list over the past year for details on this from me and
> a few others.
>
> I suggest setting up a quick test VM with iRedmail to get a good example
> of how to do TLS and amavis integration well with Postfix.
>
> --
> David Jones
>
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
>

-- 
Shawn Iverson, CETL
Director of Technology
Rush County Schools
765-932-3901 x1171
iversons at rushville.k12.in.us
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20180811/ad7cedb7/attachment.html>

More information about the MailScanner mailing list