[CentOS] spam filtering with centos 5.2

Ned Slider ned at unixmail.co.uk
Sun Jun 29 10:46:48 UTC 2008 

John R Pierce wrote:
> In the past I've used a combination of spamhaus combined RBL's and 
> Spamassassin with Mailscanner as my spam recipe, but this stopped 
> working very well for me well over a year ago.   As many of the users of 
> the couple small/personal mail servers I run are NOT technical people, 
> and use POP to read their mail, 'training' spamassassin is difficult at 
> best.  Once upon a time, using the Rules Du Jour scripts from the SARES 
> project worked pretty well, but that has been shut down, and really 
> hasn't been functional in over a year.
> 
> I've just rebuilt a friends mail server with centos 5.2 (it was running 
> FC3 or something before) and would like to setup them up with a decent 
> anti-spam recipe that doesn't require extensive tinkering or training. 
> does anyone have a good recipe for this?   Ideally I'd like something 
> purely RPM based that doesn't require extensive configuration and 
> tuning.     I've never setup razor before, how well does that work if 
> the mail users aren't in a position to feed it training data?
> 

John,

I wrote the Wiki pages on Postfix with restrictions and greylisting here:

http://wiki.centos.org/HowTos/postfix_restrictions
http://wiki.centos.org/HowTos/postgrey

I've found this setup to be highly effective in filtering spam (~99.6%) 
without the need for any post-filtering such as SpamAssassin.

Helo restrictions alone take out about a third of spam on my mail server 
and then I use the following RBL's:

zen.spamhaus.org
dnsbl-1.uceprotect.net,
dnsbl-2.uceprotect.net,
dnsbl-3.uceprotect.net,
psbl.surriel.com,
bl.spamcop.net,

followed up by greylisting to catch the remainder.

I've only seen a few false positives and they have mostly come from 
using the dnsbl-3.uceprotect.net RBL. If you don't want to be too 
aggressive, maybe drop this one from the list and see how you get on.

The only other recommendation I would make is to avoid catchall accounts 
  where ever you can and only accept mail for actual users.

If you then still find you want to run SpamAssassin and/or ClamAV to 
filter the very small amount of spam that makes it through, check out 
this Wiki page:

http://wiki.centos.org/HowTos/Amavisd

although I really haven't found the need to use any post-filtering with 
the above setup.

Obviously the above is based on Postfix but equally applies to other MTA's.

Regards,

Ned

More information about the CentOS mailing list