On Mon, Nov 28, 2011 at 18:50, Pandu Poluan <pa...@poluan.info> wrote: > > On Nov 28, 2011 11:35 PM, "Mișu Moldovan" <du...@gnome.org> wrote: >> >> On Mon, Nov 28, 2011 at 17:49, Pandu Poluan <pa...@poluan.info> wrote: >> > >> > Can you point me to a resource on how to integrate MIMEDefang and >> > Postfix? >> >> Think of MIMEDefang as a regular Milter filter. I think this would >> apply: http://www.postfix.org/MILTER_README.html#config >> > > Thanks! Now, any configuration guides?
Heh, I actually wrote a whitepaper on the subject back in the day... But it was geared to the admins of a commercial MTA and that documentation is private and copyrighted by my former employee. The general idea is that scanning mail before accepting it gives you a lot of flexibility in rejecting spam, viruses and other unwanted junk. Phishing doesn't hurt anymore, you don't bounce mail, you don't discard it and you don't quarantine it. False positives result in a NDR being generated by the MTA of the sender, so they are guaranteed to reach the real sender (in case one exists, of course). MIMEDefang's configuration is actually a Perl script which gives you a lot of flexibility in dealing with external filters, adding custom rules etc. The default filter is pretty lame as far as I remember, but there are plenty of rich examples on the Internet. I would suggest using combined blacklists extensively before scanning and to not accept mail with high spam scores. Also, a good idea is to block extensions such as exe, pif, bat (in zip files also) before scanning for viruses (if such a scan is really needed). HTH, -- mișu
