From owner-freebsd-questions@FreeBSD.ORG Thu Jul 10 12:10:21 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1B46D37B401 for ; Thu, 10 Jul 2003 12:10:21 -0700 (PDT) Received: from mail.lewiz.org (pam80-1-6-84.man.dial.ntli.net [80.1.6.84]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8715043F75 for ; Thu, 10 Jul 2003 12:10:17 -0700 (PDT) (envelope-from lewiz@green.lewiz.org) Received: from green.lewiz.org ([192.168.0.10]) by mail.lewiz.org with smtp (Exim 4.20) id 19agnm-000HJT-TZ; Thu, 10 Jul 2003 19:09:58 +0000 Received: (nullmailer pid 796 invoked by uid 4001); Thu, 10 Jul 2003 19:10:11 -0000 Date: Thu, 10 Jul 2003 20:10:11 +0100 From: lewiz To: Doug Lee , freebsd-questions@freebsd.org Message-ID: <20030710191011.GC709@lewiz.org> Mail-Followup-To: lewiz , Doug Lee , freebsd-questions@freebsd.org References: <20030710160543.GJ485@kirk.dlee.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="ALfTUftag+2gvp1h" Content-Disposition: inline In-Reply-To: <20030710160543.GJ485@kirk.dlee.org> X-GPG-Fingerprint: 90A4 939E 3847 A3E4 8103 2A48 22DA B428 542F ED3F X-GPG-Info: http://www.westwood.karoo.net/pgpkey / horowitz.surfnet.nl User-Agent: Mutt/1.5.4i X-MailScanner-Information: Please contact the ISP for more information X-MailScanner: Found to be clean Subject: Re: Spam and ad/popup blockers: Recommendations please X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Jul 2003 19:10:21 -0000 --ALfTUftag+2gvp1h Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jul 10, 2003 at 12:05:43PM -0400, Doug Lee wrote: > I seek a good system (or systems) for filtering out mail spam, email > viruses, and web pop-up ads and such at our FreeBSD Internet gateway. For adverts I run Squid with adzap (in the ports). I find it pretty good, although I find the pop-up support a little less advanced. The email situation is different (since not everybody runs the same MTA (although /almost/ all people running proxies I know do use squid)) and depends heavily on your MTA. I have tried quite a few (although for very low volume) and am now settled on Exim (althogh Postfix would suit my needs just as well). Whatever you do (imho) do /not/ use Courier, because it is slightly pedantic about standards. I run Exim with Julian Page's MailScanner (http://mailscanner.info/), which I find suits my purposes nicely. It supports many virus scanners and uses SpamAssassin for spam checks (SpamAssassin also supports Bayesian filtering). You can use more than one virus scanner, too. If you're using Qmail, there is the excellent Qmail-scanner, which does a similar job. MailScanner will also work with Qmail, though, and I like the way it works. Postfix and Sendmail are also supported. Another cross-MTA scanner is amavis (incld. amavis, amavisd and amavisd-new -- who knows which to pick?). SpamAssassian can either add headers to ``considered spam mails'' and you can filter them on a per-user basis with procmail (or even allow the user to do it from the MUA -- possibly changing the Subject instead of the header), or just delete the mail. > mailscanner Weee! > Spam Assassin Used by MailScanner. > Vipul's Razor (the razor-agents port) See above. > 2. Minimal upkeep time required from admin. Since setup I've not had to look at MailScanner (or adzap) again. > 3. Simplicity of use by user (users can mail spam to an address I set > up so it's flagged as spam, but I don't want users to have to know a > lot of tech stuff like procmail just to filter spam). You could easily do something yourself to create a procmailrc, or just provide a stock one, and allow more advanced users to modify it, if they wish. > Virus protection at the gateway is a lower priority since we protect > individual computers, but it wouldn't hurt. For mail it's more important to do it at the gateway, I would have thought. Especially where Outlook is concerned... :) Best wishes, -lewiz. --=20 Don't feed the bats tonight. ------------------------------------------------------------------------ -| msn:purple@lewiz.net | jab:lewiz@jabber.org | url:http://lewiz.net |- --ALfTUftag+2gvp1h Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/DboTItq0KFQv7T8RAh08AKCpXrBD+Y3s4fBiSGbRLjKxwZDwkwCcC9Cr UU6vCNNqXg/AE6HVkLZ7Xbg= =dz0u -----END PGP SIGNATURE----- --ALfTUftag+2gvp1h--