Date: Wed, 20 Feb 2002 15:42:02 -0600 (CST) From: Nick Rogness <nick@rogness.net> To: Scott Pilz <tech@vikrant.tznet.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: FreeBSD/Procmail/Virus Message-ID: <Pine.BSF.4.21.0202201532190.8959-100000@cody.jharris.com> In-Reply-To: <Pine.BSF.4.21.0202201530180.80223-100000@vikrant.tznet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 20 Feb 2002, Scott Pilz wrote: > > Hopefully a simple question. > > Our setup: > > ProcMail/QPopper/Sendmail/BSD 4.5-Release > > Around 10k users on our mail server, heavy smtp/pop3 traffic > on a daily basis, 24/7. > > I need to implement "good" virus filters for incoming email on > only selected (those that pay) mailboxes. I have looked long and hard > for a program to do this - nearly all of them only support "global" > configurations, or a replacement to procmail altogether (which I > cannot do). > > For those customers that subscribe, I'd like to simply modify > their .procmailrc and include the pass-thru to the virus scanner.. Any > package that anyone uses/heard of that does this the way I want it to > work? > > I find it hard to believe that people like Postini can do this > on a per-user-level yet there are no good packages available for BSD. > There is a simple and effective solution to MOST spam. Look and see if the your address is in the TO: part of the header. So something like: 1) allow trusted senders (like mailling lists and POSTMASTER) 2) Check and see if To: contains the persons email account 3) Mark it as questionable or delete [whatever]. This catches about 96% of my spam. Here is a sample procmailrc: # Allow and sort freebsd-security mailling list :0 *^Sender:.owner-freebsd-security@FreeBSD.ORG /usr/home/nick/mail/FBSD-SECURITY # Allow from POSTMASTER (bounces) :0 * ^From: .*POSTMASTER /var/mail/nick # Check if I'm in the To: part of the message :0 * ^To: .*nick@rogness.net /var/mail/nick # Put in SPAM box for review :0 /usr/home/nick/SPAM It needs to be tweaked a bit but you get the point. Like I said, it gets about 96% of all SPAM I see. Postini claims 98%...pretty good for a no brainer. As far as Virus scanning...you will probably have to buy something for that. Nick Rogness <nick@rogness.net> - Don't mind me...I'm just sniffing your packets To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0202201532190.8959-100000>