You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by IT_Architect <Ja...@LeadingEdgeITA.com> on 2010/09/17 01:29:55 UTC
Looking for a "How To" to build Spamassassin+ClamAV mail filter
We currently have this combination as part of our control panel with Exim,
SpamAssassin, and ClamAV. I would like to be able to offer this as an
e-mail scrubbing service that would allow the customer to register only his
domain. Then he would make his lowest-cost MX our server. We would bring
in his e-mails, filter out the spam and viruses, and send them to his
in-house mail server at the higher cost MX. Perhaps there is already a
product like that, that I don't know about.
Thanks!
--
View this message in context: http://old.nabble.com/Looking-for-a-%22How-To%22-to-build-Spamassassin%2BClamAV-mail-filter-tp29734002p29734002.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: Looking for a "How To" to build Spamassassin+ClamAV mail filter
Posted by John Hardin <jh...@impsec.org>.
On Thu, 16 Sep 2010, IT_Architect wrote:
> We currently have this combination as part of our control panel with
> Exim, SpamAssassin, and ClamAV. I would like to be able to offer this
> as an e-mail scrubbing service that would allow the customer to register
> only his domain. Then he would make his lowest-cost MX our server. We
> would bring in his e-mails, filter out the spam and viruses, and send
> them to his in-house mail server at the higher cost MX. Perhaps there
> is already a product like that, that I don't know about.
Oh, Crikey. Mark Perkel fissioned.
:)
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
End users want eye candy and the "ooo's and aaaahhh's" experience
when reading mail. To them email isn't a tool, but an entertainment
form. -- Steve Lake
-----------------------------------------------------------------------
Tomorrow: the 223rd anniversary of the signing of the U.S. Constitution
RE: Looking for a "How To" to build Spamassassin+ClamAV mail filter
Posted by IT_Architect <Ja...@LeadingEdgeITA.com>.
Brent Kennedy wrote:
> My setup looks something like this...I use postfix to strip the
> headers in emails.
That is helpful. This service will be ahead of Exchange in many instances
as well.
Brent Kennedy wrote:
> I know there are some ISP guys on this list who would know how to
> handle a customer interface if you wanted one.
To provide a professional service I would need to.
Brent Kennedy wrote:
> Little google search foo:
I didn't use your exact search because I use Exim, but I Googled for this
information and didn't come up with anything I could use. After that, I
decided to look on forums for SpamAssassin. This one was the best I've
found so far, and this sub-forum the most appropriate. I searched this
forum before posting.
--
View this message in context: http://old.nabble.com/Looking-for-a-%22How-To%22-to-build-Spamassassin%2BClamAV-mail-filter-tp29734002p29738038.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
RE: Looking for a "How To" to build Spamassassin+ClamAV mail filter
Posted by Brent Kennedy <br...@cfl.rr.com>.
You're asking for help, being rude about it will not get you very far.
Little google search foo:
http://www.section6.net/wiki/index.php/Setting_up_Postfix_Spamassassin_Amavi
sd_Clamav
Without avis:
http://www.xtarutaru.com/2009/04/16/spamassassin-clamav-postfix-without-amav
is-debian/
There are plenty of other articles on the search "postfix clamav sa"
Postfix acts as the MTA, once it accepts the mail, it then can send it
through SA for filtering, SA then plugs it into ClamAV for scanning, then
back to SA. Then you take the script to filter the messages off to another
mail box. If you are hosting multiple domains, you just update the script
with a if then statement. Postfix of course can handle as many domains as
you want. I know there are some ISP guys on this list who would know how to
handle a customer interface if you wanted one.
My setup looks something like this (I do not use amavis):
Mail comes into to postfix MTA, then goes to SQLGrey for greylisting( which
catches a ton of spammers ), if the server has been graylisted, then the
message is allowed to be accepted. Once accepted, its sent through SA, SA
checks with ClamAV, then the message is put through a script that checks the
message headers(see first link for script) then rewrites the TO field if the
message is a virus. You could also have it rewrite for spam too. Personally
I tag it then I have the exchange servers setup to move the tagged messages
to the junk email folder for the user. In your case, you could just tag it.
One note, since I have exchange backend servers, I use postfix to strip the
headers in emails. Exchange has a metabase limit on each datastore that
will eventually cause the datastore to have probems if too many random tags
are received. This is a major issue with spammers since they put all sorts
of crap in emails.
I then manage the server using Webmin.
-Brent
-----Original Message-----
From: IT_Architect [mailto:Jack.Toering@LeadingEdgeITA.com]
Sent: Thursday, September 16, 2010 9:34 PM
To: users@spamassassin.apache.org
Subject: Re: Looking for a "How To" to build Spamassassin+ClamAV mail filter
I gather from all of this you don't know how to build such a filter nor know
of a "How To" I'm buying this type of service now from DynDNS that uses
this combination and it works quite well.
--
View this message in context:
http://old.nabble.com/Looking-for-a-%22How-To%22-to-build-Spamassassin%2BCla
mAV-mail-filter-tp29734002p29734535.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: Looking for a "How To" to build Spamassassin+ClamAV mail filter
Posted by IT_Architect <Ja...@LeadingEdgeITA.com>.
I gather from all of this you don't know how to build such a filter nor know
of a "How To" I'm buying this type of service now from DynDNS that uses
this combination and it works quite well.
--
View this message in context: http://old.nabble.com/Looking-for-a-%22How-To%22-to-build-Spamassassin%2BClamAV-mail-filter-tp29734002p29734535.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
Re: Looking for a "How To" to build Spamassassin+ClamAV mail filter
Posted by Karsten Bräckelmann <gu...@rudersport.de>.
On Thu, 2010-09-16 at 16:29 -0700, IT_Architect wrote:
> We currently have this combination as part of our control panel with Exim,
> SpamAssassin, and ClamAV. I would like to be able to offer this as an
> e-mail scrubbing service that would allow the customer to register only his
> domain. Then he would make his lowest-cost MX our server. We would bring
Cost? You mean the MX priority (as seen in host -t MX)?
> in his e-mails, filter out the spam and viruses, and send them to his
> in-house mail server at the higher cost MX. Perhaps there is already a
> product like that, that I don't know about.
While the question as I understand it is not a SA question, and doesn't
match the Subject either...
This oh-so-simple scheme won't work. Spammers give a rats ass about MX
priorities. That is, unless they actively target higher numbered MXs, in
the hope they are less protected.
(The latter, coincidentally, being exactly what you just proposed, no?
Highest numbered MX on-site, while lower will do the filtering.)
--
char *t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}