On Thu, Jul 10, 2003 at 12:05:43PM -0400, Doug Lee wrote: > I seek a good system (or systems) for filtering out mail spam, email > viruses, and web pop-up ads and such at our FreeBSD Internet gateway.
For adverts I run Squid with adzap (in the ports). I find it pretty good, although I find the pop-up support a little less advanced. The email situation is different (since not everybody runs the same MTA (although /almost/ all people running proxies I know do use squid)) and depends heavily on your MTA. I have tried quite a few (although for very low volume) and am now settled on Exim (althogh Postfix would suit my needs just as well). Whatever you do (imho) do /not/ use Courier, because it is slightly pedantic about standards. I run Exim with Julian Page's MailScanner (http://mailscanner.info/), which I find suits my purposes nicely. It supports many virus scanners and uses SpamAssassin for spam checks (SpamAssassin also supports Bayesian filtering). You can use more than one virus scanner, too. If you're using Qmail, there is the excellent Qmail-scanner, which does a similar job. MailScanner will also work with Qmail, though, and I like the way it works. Postfix and Sendmail are also supported. Another cross-MTA scanner is amavis (incld. amavis, amavisd and amavisd-new -- who knows which to pick?). SpamAssassian can either add headers to ``considered spam mails'' and you can filter them on a per-user basis with procmail (or even allow the user to do it from the MUA -- possibly changing the Subject instead of the header), or just delete the mail. > mailscanner Weee! > Spam Assassin Used by MailScanner. > Vipul's Razor (the razor-agents port) See above. > 2. Minimal upkeep time required from admin. Since setup I've not had to look at MailScanner (or adzap) again. > 3. Simplicity of use by user (users can mail spam to an address I set > up so it's flagged as spam, but I don't want users to have to know a > lot of tech stuff like procmail just to filter spam). You could easily do something yourself to create a procmailrc, or just provide a stock one, and allow more advanced users to modify it, if they wish. > Virus protection at the gateway is a lower priority since we protect > individual computers, but it wouldn't hurt. For mail it's more important to do it at the gateway, I would have thought. Especially where Outlook is concerned... :) Best wishes, -lewiz. -- Don't feed the bats tonight. ------------------------------------------------------------------------ -| msn:[EMAIL PROTECTED] | jab:[EMAIL PROTECTED] | url:http://lewiz.net |-
Description: PGP signature