Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 05 Apr 2005 11:31:59 -0500
From:      Mark Johnston <mjohnston@skyweb.ca>
To:        Phillip Salzman <phill@sysctl.net>
Cc:        isp@freebsd.org
Subject:   Re: Antispam solutions
Message-ID:  <1112718719.7756.9.camel@localhost.localdomain>
In-Reply-To: <000801c539f8$95268750$6745a8c0@MESE>
References:  <000801c539f8$95268750$6745a8c0@MESE>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Tue, 2005-04-05 at 11:00 -0500, Phillip Salzman wrote:
> One of the goals is to prevent the mail from actually hitting our backend
> Qmail systems, but at the same time give users the ability to weed through
> their messages in a quarantine.  Initially we wanted to deploy Spam Assassin
> but haven't found any quarantine method available.

I set this up a while ago, but quarantining viruses instead of spam.
Here's what I did:

- Amavis, with the following config for quarantine:

@virus_quarantine_to_maps = (
  new_RE( [qr'^([^+]+)(\+[^@]*)?@(.*)$' => '${1}+quarantine@$3'] )
);

This just appends "+quarantine" before the @ of virus-infected mail.
You could easily use @spam_quarantine_maps instead of @virus_... .

- Postfix, with virtual_mailbox_maps set to a complex SQL query that
figures out the appropriate maildir and sorts into folders based on
+extension

- @Mail, with IMAP access (dovecot), for users to come in and browse
through the quarantine.  Power users can also browse the quarantine with
a regular IMAP client.  Most customers use POP3 and don't get the
quarantined messages.

This is a pretty nifty setup, IMO - you get the full flexibility of
Amavis to run Spamassassin and virus scanners, and trivial access to the
quarantine via the web or via IMAP.  I expect you could do the same
thing with qmail, but using -quarantine instead of +quarantine.  If you
want to get a little fancier, you could throw together a simple
web-based IMAP client that had "spam/not spam" buttons for learning, and
a "rescue from quarantine" that moved the message back to the INBOX, so
it would show up in the POP3 box.

Hope that gives you some ideas,
Mark

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1112718719.7756.9.camel>