Hi Andreas, i really like postscreen. There are quite some nice tricks buikd in so thanks again for pushing me in this direction.
i just bundled it now with clamav-milter so the expensive checks are only triggered when a client survives postscreen and all my additional sender/recipient checks and finally a recipient verification. i'm happy now - looks like a sane setup. Cant wait to see first spammers ;) Stefan Am Freitag, 19. Oktober 2018 schrieb Andreas Schamanek : > > On Fri, 19 Oct 2018, at 10:57, Olivier wrote: > >> So, rejecting spam during smtp-dialog is risky, that is why most resolve to some sort of quarantine, and that is when amavis comes handy. > > I agree with the 1st part but that's why I ditched Amavis! If your mail delivery setup includes anything anywhere that can call your spam filter you may not need Amavis. In my case I happen to have Procmail anyway. The filter of my choice is SpamAssassin. So, no need for anything in between. > > My recommendation is to use Postfix with postscreen including a reasonable set of dnsbls, plus a spam filter as far as possible at the end of the processing chain so that it gets called only on mail that is neither clearly ham nor spam. > > Postscreen alone allowed me to ditch ClamAV. After evaluating logs of 1 year the hit rate was about 1 of 2k messages of which 100% were flagged by SpamAssassin. Hit rate increased somewhat with the use of third-party signatures, but these detected pratically only scams and phishing attempts which IMHO need to be distinguished from the classical type of viruses. Indeed, they also caused a number of false positives. > > Again, note that my findings are based on the fact that Postfix with postscreen itself blocks the by far largest part of malicious mail. > > Of course, YMMV, > > -- > -- Andreas > > :-) > >