From owner-freebsd-questions@FreeBSD.ORG Wed May 18 01:59:19 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 16D2716A4CE for ; Wed, 18 May 2005 01:59:18 +0000 (GMT) Received: from ezekiel.daleco.biz (cdm-66-76-92-18.cart.cox-internet.com [66.76.92.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6D0E643D7B for ; Wed, 18 May 2005 01:59:18 +0000 (GMT) (envelope-from kdk@daleco.biz) Received: from [192.168.2.2] (archangel.daleco.biz [69.27.157.254]) by ezekiel.daleco.biz (8.13.1/8.13.1) with ESMTP id j4I1x0Zn084478; Tue, 17 May 2005 20:59:08 -0500 (CDT) (envelope-from kdk@daleco.biz) Message-ID: <428AA160.7010702@daleco.biz> Date: Tue, 17 May 2005 20:58:56 -0500 From: Kevin Kinsey User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.7) Gecko/20050428 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Charles Lamb References: <007e01c55afe$0ec5bc40$3400a8c0@visionpayments.com> In-Reply-To: <007e01c55afe$0ec5bc40$3400a8c0@visionpayments.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-questions@freebsd.org Subject: Re: Spam/AV filtering X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 May 2005 01:59:20 -0000 Charles Lamb wrote: >Well I have amavisd and clamav installed and running but they aren't >filtering the viruses I pick up when I do a clamdscan. > > There's quite a lot of RTFMming to do on these issues. For example, a whole boatload of README.foo under /usr/local/share/doc/amavis*. I've tried a number of different approaches with varying degrees of success. The greylisting idea is interesting (relaydelay.pl? --- I need to go check Warren's updated article), but I've found there's quite a few really dumb MTA out there (that don't know a 451 from a hole in the ground) ... I've got a box or two that I've used Sendmail+amavisd-new+Spamassassin+ clamav in a "Dual Sendmail" setup. Pretty darn effective ... AAMOF when I got too draconian with my .conf, my wife didn't get email from anyone for a good long time, and now thinks her correspondents have all given up. The downside on the "Dual Sendmail" is that you really, really, need a moderate chunk of Sendmail-fu. I think that probably my knowledge of Sendmail is == 1.5 hill o' beans, and there've been a couple of times I had to shell in and "unstick" a queue .... In that particular setup, one instance of Sendmail handles the SMTP (exterior) stuff, and passes everything to amavisd on localhost TCP:10024. The 2nd sendmail is listening on 10025 and gets the "good" stuff from amavisd for local delivery. I'll have to admit ignorance of Milter technology .... sounds like there might be some advantages I should find time to look into ... HTH, Kevin Kinsey