Date: Tue, 17 May 2005 10:18:16 -0500 (CDT) From: Tony Shadwick <tshadwick@goinet.com> To: freebsd-questions@freebsd.org Subject: RE: Spam/AV filtering Message-ID: <20050517101757.O26182@mail.goinet.com> In-Reply-To: <20050517095622.K26182@mail.goinet.com> References: <000d01c55ae9$9b3d68e0$3400a8c0@visionpayments.com> <20050517084102.T84252@wonkity.com> <20050517095622.K26182@mail.goinet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Oops, that should be security/clamav. Where my mind is this morning... On Tue, 17 May 2005, Tony Shadwick wrote: > I'm going to butt my nose in where it doesn't belong and insert my opinion > here. :) > > Here's the setup we run, and it works incredibly well. > > Sendmail > mail/p5-Mail-SpamAssassin > mail/spamass-milter > mail/spamass-rules > mail/spamass-rules_du_jour > sysutils/clamav (built with miltering) > > Add to your .mc file: > INPUT_MAIL_FILTER(`clmilter',`S=local:/var/run/clamav/clmilter.sock, F=, > T=S:4m;R:4m') > INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass-milter.sock, F=, > T=C:15m;S:4m;R:4m;E:10m') > > crontab nightly > /usr/local/bin/rules_du_jour > > Make sure your ports tree is cron'ed to update regularly, have the freshclam > daemon running, and I'd strong suggest subscribing to the RSS feed at > http://www.freshports.org/sysutils/clamav > > Just my 2 cents. ;) > > On Tue, 17 May 2005, Warren Block wrote: > >> On Tue, 17 May 2005, Charles Lamb wrote: >> >>> Would I want to enable milter with clamav? >> >> Depending on your needs, maybe. The clamav-milter lets sendmail reject >> mail containing viruses immediately, rather than having to receive them and >> then filter them later. >> >> You should also investigate greylisting, which has very little downside and >> is the most effective antispam measure I've seen yet. >> >> Here's something I wrote on that a while back. It needs to be updated, but >> it should give an idea: >> >> http://www.wonkity.com/~wblock/greylist.pdf >> >> The default delay introduced by milter-greylist is 30 minutes. From what >> I've seen in log files, this could probably be reduced to even five minutes >> and still be effective. Most spamware and viruses don't retry even once. >> >> -Warren Block * Rapid City, South Dakota USA >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to >> "freebsd-questions-unsubscribe@freebsd.org" >> > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050517101757.O26182>