Looking for a decent postifx + spam filtering debian guide.

I used to use an exim system with spamassassin on this machine. I had since then moved my mail elsehwere, but now will be moving it back.

While I enjoy exim, I'd rather use postfix for various reasons.

Does anyone have a decent debian based howto for postfix + spam filtering with maildir format that they could recommend?

Thanks in advance.

8 Replies

http://workaround.org/articles/ispmail-sarge/

That one is what i used to set up my virtual hosting setup

It is a bit out of date, being sarge and not etch.. but most things are pretty simple to figure out :)

The hardest part was amavisd config.. but i came to realise that putting everything in 50-user under the /etc/amavisd/ section is pretty much what is needed :)

If you want anymore assistance feel free to let me know

@bezerker:

… Does anyone have a decent debian based howto for postfix + spam filtering with maildir format that they could recommend?

Appended is my anti-spam config from main.cf. It is based on http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt and trial and error. Even though it doesn't include any post-filtering measures (like SA), it is good enough in my case to keep my mailboxes largely spam-free.

Spamhaus provides a nice overview of "Effective Spam Filtering" at http://www.spamhaus.org/effective_filtering.html . The following config corresponds to 1st stage filtering.

Cliff

## ------------------------------------------------------------- ##
# UCE measures
# See: http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt 
# and Postfix docs for explanation of configuration options.
## ------------------------------------------------------------- ##
#
# Uncomment when testing!
#soft_bounce = yes

# Stops a bundle of spam
smtpd_helo_required = yes       
# Prevents addr harvesting      
disable_vrfy_command = yes      

#
# Prefix a new rule with 'warn_if_reject' to prevent real rejects.
#

smtpd_recipient_restrictions = 
        ## Whitelists
        check_recipient_access hash:/etc/postfix/recipient_checks,
        check_client_access hash:/etc/postfix/clients,
        ## Stop bad clients
        reject_invalid_hostname,
        reject_non_fqdn_sender,
        reject_non_fqdn_recipient,
        reject_non_fqdn_hostname,
        permit_mynetworks,
        reject_unauth_destination,
        ## Extra checks
        check_helo_access hash:/etc/postfix/helo_checks,
        check_sender_access hash:/etc/postfix/sender_checks,

        ## DNSBL // http://www.spamhaus.org/zen/
        reject_rbl_client zen.spamhaus.org,
        permit

# Reject the (pre-)sending of SMTP commands.
smtpd_data_restrictions = reject_unauth_pipelining, permit

## ------------------------------------------------------------- ##

@Internat:

http://workaround.org/articles/ispmail-sarge/

That one is what i used to set up my virtual hosting setup

It is a bit out of date, being sarge and not etch.. but most things are pretty simple to figure out :)

The hardest part was amavisd config.. but i came to realise that putting everything in 50-user under the /etc/amavisd/ section is pretty much what is needed :)

If you want anymore assistance feel free to let me know

Hrm. Seems a bit too bulky for my needs.

Also, I don't suppose you or anyone else might have any idea how easy it would be to import my current Maildir into the mysql database for my user if I did decide to switch to this?

Mail is something I've never been too keen on playing with. It's been a set and forget thing for me. :)

What did you find bulky about the workaround tutorial? I used basically that setup on a linode 64 for a long time without any resource issues.

What /would/ be bulky is having all your mail in an SQL database… stick to maildir. Putting your /user account information/ in a database, whilst adding a bit of bloat is very useful - it opens the door to a lot of useful stuff like per user spamassassin configs.

For postfix/spamassassin + clamav amavis (as described in the workaround tutorial) is about as lite as you can get, if you want to avoid amavis, just consult the reference documentation on either postifx.org or spamassassin.org - its pretty straight foward to modify your master.cf / main.cf to pass mail through spamassassin. Its well worth having virus scaning as well though.

i think something in the work arround tutorial confused you..

it doesnt store its mail in there

it stores its user structure in there.. ie usernames passwords etc..

it allows u to have virtual users, so basicly users that dont have a shell login on ur computer

Give this a go.

http://adminspotting.net/building-a-messaging-server

Gotcha, you are correct I didn't look close enough and believe my mail was in the database.

Thanks guys!

Blast it, amavisd-new with etch is a split file config system. Not so big of a deal, however several of the things I'm supposed to change in it do not exist. :P

Time to play with it, but not at 4 am.

:P

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct