[CentOS] spam filtering with centos 5.2
Ned Slider
ned at unixmail.co.uk
Sun Jun 29 10:46:48 UTC 2008
John R Pierce wrote:
> In the past I've used a combination of spamhaus combined RBL's and
> Spamassassin with Mailscanner as my spam recipe, but this stopped
> working very well for me well over a year ago. As many of the users of
> the couple small/personal mail servers I run are NOT technical people,
> and use POP to read their mail, 'training' spamassassin is difficult at
> best. Once upon a time, using the Rules Du Jour scripts from the SARES
> project worked pretty well, but that has been shut down, and really
> hasn't been functional in over a year.
>
> I've just rebuilt a friends mail server with centos 5.2 (it was running
> FC3 or something before) and would like to setup them up with a decent
> anti-spam recipe that doesn't require extensive tinkering or training.
> does anyone have a good recipe for this? Ideally I'd like something
> purely RPM based that doesn't require extensive configuration and
> tuning. I've never setup razor before, how well does that work if
> the mail users aren't in a position to feed it training data?
>
John,
I wrote the Wiki pages on Postfix with restrictions and greylisting here:
http://wiki.centos.org/HowTos/postfix_restrictions
http://wiki.centos.org/HowTos/postgrey
I've found this setup to be highly effective in filtering spam (~99.6%)
without the need for any post-filtering such as SpamAssassin.
Helo restrictions alone take out about a third of spam on my mail server
and then I use the following RBL's:
zen.spamhaus.org
dnsbl-1.uceprotect.net,
dnsbl-2.uceprotect.net,
dnsbl-3.uceprotect.net,
psbl.surriel.com,
bl.spamcop.net,
followed up by greylisting to catch the remainder.
I've only seen a few false positives and they have mostly come from
using the dnsbl-3.uceprotect.net RBL. If you don't want to be too
aggressive, maybe drop this one from the list and see how you get on.
The only other recommendation I would make is to avoid catchall accounts
where ever you can and only accept mail for actual users.
If you then still find you want to run SpamAssassin and/or ClamAV to
filter the very small amount of spam that makes it through, check out
this Wiki page:
http://wiki.centos.org/HowTos/Amavisd
although I really haven't found the need to use any post-filtering with
the above setup.
Obviously the above is based on Postfix but equally applies to other MTA's.
Regards,
Ned
More information about the CentOS
mailing list