From owner-freebsd-questions@FreeBSD.ORG Thu Dec 13 04:31:28 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2BE8716A419 for ; Thu, 13 Dec 2007 04:31:28 +0000 (UTC) (envelope-from iaccounts@ibctech.ca) Received: from pearl.ibctech.ca (pearl.ibctech.ca [208.70.104.210]) by mx1.freebsd.org (Postfix) with ESMTP id EE5A413C43E for ; Thu, 13 Dec 2007 04:31:27 +0000 (UTC) (envelope-from iaccounts@ibctech.ca) Received: (qmail 76653 invoked by uid 1002); 13 Dec 2007 04:31:26 -0000 Received: from iaccounts@ibctech.ca by pearl.ibctech.ca by uid 89 with qmail-scanner-1.22 (spamassassin: 2.64. Clear:RC:1(208.70.104.100):. Processed in 6.597597 secs); 13 Dec 2007 04:31:26 -0000 Received: from unknown (HELO ?192.168.30.110?) (steve@ibctech.ca@208.70.104.100) by pearl.ibctech.ca with (DHE-RSA-AES256-SHA encrypted) SMTP; 13 Dec 2007 04:31:19 -0000 Message-ID: <4760B622.5070103@ibctech.ca> Date: Wed, 12 Dec 2007 23:33:38 -0500 From: Steve Bertrand User-Agent: Thunderbird 2.0.0.6 (Windows/20070728) MIME-Version: 1.0 To: Duane Hill References: <476086E2.5030402@gmail.com> <200712121647.29121.beech@freebsd.org> <47609121.4070206@ibctech.ca> <20071213033500.4caeeea8@duane.dbq.yournetplus.com> In-Reply-To: <20071213033500.4caeeea8@duane.dbq.yournetplus.com> X-Enigmail-Version: 0.95.5 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org Subject: Re: (postfix) SPAM filter? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Dec 2007 04:31:28 -0000 Duane Hill wrote: > On Wed, 12 Dec 2007 20:55:45 -0500 > Steve Bertrand wrote: > >> I was going to recommend that, but from my experience, there is no >> real *easy* way to allow users directly to modify their own settings. >> I am probably wrong though. > > Postfix is running here on a FreeBSD server as a boarder filter server. > All bayes and per-user SpamAssassin settings are stored within a MySQL > database on our SQL server. > > The web mail interface is SquirrelMail installed on a different FreeBSD > server and has the sasql plugin interfaced to the MySQL server so the > customers have control over what they want to set their spam score, > whitelist, blacklist, whether they want bayes filtering, whether they > want bayes autolearn and so forth. > > It has been pretty low maintenance. I am in the process of evaluating > the possibility of using amavis-new. For myself, I've run a very similar environment with a lot of custom hacked software to integrate it all. The reason I haven't upgraded yet is because I've hacked so much of squirrelmail and other aspects of the setup since 2004 that there will be no way for me to carry things over (easily;) Depending on what way one looks at it, It may be good or bad that I don't really have time to follow what is happening with SPAM prevention in regards to Open Source anymore. I agree that SA/ClamAV/maildrop is an excellent setup, particularly running atop of Qmail with VPOPMail etc. I also have used Sendmail with milters and procmail to do the same thing...extensively. Realistically, it comes down to what the OP wants. I am but one operator in a 'small' ISP. I also manage it's support department. The truth is that once the OP stated that budget wasn't an issue, and he wanted essentially a turnkey solution, the easiest and most cost-effective method that I have learned is outsource it. If you can afford the bandwidth to filter in house, then you can also afford to have a 24*7*1hr support contract with a vendor so your support staff can do some of your work for you (or play games). If you can't afford bandwidth inbound, but still want your help-desk staff and yourself available, outsource to someone or some entity who specializes on only email security so they can filter before the mail touches your network. Otherwise, install/maintain yourself. Understand I am not trying to negate the use/feasibility of any software. I am running with the fact that cost for the OP is no issue. If that is truly the case, then why do it yourself when you can pay someone else who knows better to do it for you? The cost savings on headaches and lost time on downed equipment alone are more than worth it. ...I'm being too business-minded, and too obtuse. Back to figuring out why DBD::mysql won't compile on my legacy FreeBSD box I go... Steve