From owner-freebsd-questions@FreeBSD.ORG Tue May 17 14:48:16 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C794616A4CE for ; Tue, 17 May 2005 14:48:16 +0000 (GMT) Received: from wonkity.com (wonkity.com [67.158.26.137]) by mx1.FreeBSD.org (Postfix) with ESMTP id 43E5C43D9A for ; Tue, 17 May 2005 14:48:16 +0000 (GMT) (envelope-from wblock@wonkity.com) Received: from wonkity.com (localhost [127.0.0.1]) by wonkity.com (8.13.3/8.13.1) with ESMTP id j4HEm9f5046468; Tue, 17 May 2005 08:48:09 -0600 (MDT) (envelope-from wblock@wonkity.com) Received: from localhost (wblock@localhost) by wonkity.com (8.13.3/8.13.1/Submit) with ESMTP id j4HEm9xa046465; Tue, 17 May 2005 08:48:09 -0600 (MDT) (envelope-from wblock@wonkity.com) Date: Tue, 17 May 2005 08:48:09 -0600 (MDT) From: Warren Block To: Charles Lamb In-Reply-To: <000d01c55ae9$9b3d68e0$3400a8c0@visionpayments.com> Message-ID: <20050517084102.T84252@wonkity.com> References: <000d01c55ae9$9b3d68e0$3400a8c0@visionpayments.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-1.6 (wonkity.com [127.0.0.1]); Tue, 17 May 2005 08:48:09 -0600 (MDT) cc: freebsd-questions@freebsd.org Subject: RE: Spam/AV filtering X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 May 2005 14:48:16 -0000 On Tue, 17 May 2005, Charles Lamb wrote: > Would I want to enable milter with clamav? Depending on your needs, maybe. The clamav-milter lets sendmail reject mail containing viruses immediately, rather than having to receive them and then filter them later. You should also investigate greylisting, which has very little downside and is the most effective antispam measure I've seen yet. Here's something I wrote on that a while back. It needs to be updated, but it should give an idea: http://www.wonkity.com/~wblock/greylist.pdf The default delay introduced by milter-greylist is 30 minutes. From what I've seen in log files, this could probably be reduced to even five minutes and still be effective. Most spamware and viruses don't retry even once. -Warren Block * Rapid City, South Dakota USA