Re: SPAM Control and qmail-ldap proxy.

Sat, 26 Aug 2006 02:13:33 -0700 

Ajay Nawani wrote:

Below is the more clarification:



Please do not top-post. Mail to list, if you hit "Reply all" I get two 
copies of same mail which is unnecessary.



Example:

My domain: hello.com with MX record mx1.hello.com

I'm having three servers as below:



I assume you have correct DNS entries in place so mx1.hello.com has 
first preference of all MXs. Adjust distance in MX records accordingly..




Server1:
Name: mx1.hello.com
Platform: Redhat Linux with Qmail.
Acting as: Inbound SMTP server for hello.com domain (MX pointer) and forward
to pop.hello.com server.



So this server need to run antispam software. I use Spamassassin which 
works great. Use latest version of spamassassin. You can tweak points 
for spam rules etc. More you can check on spamassassin website. In 
qmail-ldap you can use various variables like  MAXRCPTCOUNT,  RBL,  
RCPTCHECK,  REJECTEXEC,   RETURNMXCHECK,  SANITYCHECK,  SENDERCHECK,  
TARPITCOUNT,  TARPITDELAY. Using these variables you can weed out some 
spam. If you plan to use spamassassin and simscan, then you should also 
take a look at QMAILQUEUE environment variable.



Check control files like:  badmailfrom,  badmailfrom-unknown,  
badmailpatterns,  badrcptto,  goodmailaddr.


For details check:
http://www.qmail-ldap.org/wiki/Qmail-smtpd
http://www.qmail-ldap.org/wiki/QMAILQUEUE
http://www.qmail-ldap.org/wiki/Lwql#ldapcluster




Server2:
Name: pop.hello.com
Platform: Solaris, Qmail-LDAP, Courier-IMAP
Acting as: POP3, IMAP Server.



Not sure if you know how to achieve this. But here it is. You can 
forward all mails to this server from mx1 using either 
~control/smtproutes or using mailHost (clustering must be turned on) 
attribute in LDAP.




Server3:
Name: smtp.hello.com
Platform: Redhat Linux with Qmail.
Acting as: Outbound SMTP Server.

I tried ASSP, AVG etc to block spam but none of them are perfect.



It is very difficult to find a "perfect" solution for stopping all spam 
at the same time loose no ham. As for me qmail-ldap+spamassassin+simscan 
works great. It is stopping almost 90% spam but at the same time I face 
odd calls of customers who are loosing ham but that seldom happens. If 
you decide to use this combination, then take a close look at simscan 
options.



You may also consider DSPAM+Mysql as suggested by Jacob. I haven't tried 
it so can't comment on it.


Regards,

--
Sameer N. Ingole
http://weblogic.noroot.org/
---
Better to light one candle than to curse the darkness.























					Reply via email to