From owner-freebsd-isp@FreeBSD.ORG Tue Apr 5 16:32:03 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CD19416A4CF for ; Tue, 5 Apr 2005 16:32:03 +0000 (GMT) Received: from skyweb.ca (smtp-2.vancouver.ipapp.com [216.152.192.163]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4A8CD43D31 for ; Tue, 5 Apr 2005 16:32:03 +0000 (GMT) (envelope-from mjohnston@skyweb.ca) Received: from [192.168.15.82] ([64.42.246.34]) by smtp-2.vancouver.ipapp.com ; Tue, 05 Apr 2005 09:32:00 -0700 From: Mark Johnston To: Phillip Salzman In-Reply-To: <000801c539f8$95268750$6745a8c0@MESE> References: <000801c539f8$95268750$6745a8c0@MESE> Content-Type: text/plain Date: Tue, 05 Apr 2005 11:31:59 -0500 Message-Id: <1112718719.7756.9.camel@localhost.localdomain> Mime-Version: 1.0 X-Mailer: Evolution 2.2.0 Content-Transfer-Encoding: 7bit X-Country: CA cc: isp@freebsd.org Subject: Re: Antispam solutions X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Apr 2005 16:32:03 -0000 On Tue, 2005-04-05 at 11:00 -0500, Phillip Salzman wrote: > One of the goals is to prevent the mail from actually hitting our backend > Qmail systems, but at the same time give users the ability to weed through > their messages in a quarantine. Initially we wanted to deploy Spam Assassin > but haven't found any quarantine method available. I set this up a while ago, but quarantining viruses instead of spam. Here's what I did: - Amavis, with the following config for quarantine: @virus_quarantine_to_maps = ( new_RE( [qr'^([^+]+)(\+[^@]*)?@(.*)$' => '${1}+quarantine@$3'] ) ); This just appends "+quarantine" before the @ of virus-infected mail. You could easily use @spam_quarantine_maps instead of @virus_... . - Postfix, with virtual_mailbox_maps set to a complex SQL query that figures out the appropriate maildir and sorts into folders based on +extension - @Mail, with IMAP access (dovecot), for users to come in and browse through the quarantine. Power users can also browse the quarantine with a regular IMAP client. Most customers use POP3 and don't get the quarantined messages. This is a pretty nifty setup, IMO - you get the full flexibility of Amavis to run Spamassassin and virus scanners, and trivial access to the quarantine via the web or via IMAP. I expect you could do the same thing with qmail, but using -quarantine instead of +quarantine. If you want to get a little fancier, you could throw together a simple web-based IMAP client that had "spam/not spam" buttons for learning, and a "rescue from quarantine" that moved the message back to the INBOX, so it would show up in the POP3 box. Hope that gives you some ideas, Mark