> With postfix, I can safely cut most worms off at the pass by using body > and > header checks (which are part of the MTA's standard operation, and do not > rely on any external protocols or daemons). Everything else that gets past > my in-MTA policy checks (standard postfix stuff, cutting off around 50% of > spam/worms with minimal CPU/RAM requirements) is safely written to disk > and > queued for Amavis SPAM/AV detection, after which good mail is punted back > through the system while bad mail is discarded or quarantined. > > Reliable, understandable, cautious. :-)
Jeff, yes, I'm also very pleased with Postfix and body/header checks, I'm dropping about 80% of inbound mail on average. do you have checks that detect mydoom in ZIPs ? I've put the checks that were on the Postfix list, but, I'm still getting a lot of 30k zips through. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
