spamassassin on an open relay

[Mike Kenny <in...@gmail.com>]

Hi,

I am fairly new to the email environment (at least to the
administration of it). I have recently inherited an email system that
has developed a somewhat unfavourable reputation with some of the
anti-spam sites. I have been trying to address this through the use of
spamassassin and amavis with some success. Success in the sense that
spam is no longer entering our system. However it is still being
passed through.

My first question is how do I configure postfix to send all outgoing
mail through amavis?

We can police this to some extent by identifying the users who are
originating the spam and adding them to a blacklist. But our problem
is confounded by the large numer of 3G and GPRS users that we support.
Many of these simply use our smtp server as an 'open relay' to
braodcast mail. Our server is not really 'open' in that only user with
3G/GPRS accounts can access it, but it is extremely difficult to
identify the source of the connection in real time. What I really want
to do is perform spam filtering on all mail that passes through our
relay, this will allow us to keep life simple for users (no
authentication beyond having a valid 3G/GPRS account) and yet prevent
us from polluting the internet with spam. I am sure that it is
possible to configure postfix to do this and that it is just my lack
of experience in this field that is preventing me from seeing ths
solution.

Any pointers/tips/etc. gratefully considered.

TIA

mike

Re: spamassassin on an open relay

[Ed Kasky <ed...@esson.net>]

At 02:53 PM Sunday, 10/1/2006, Benny Pedersen wrote -=>

>On Sun, October 1, 2006 16:39, Mike Kenny wrote:
>
> > We can police this to some extent by identifying the users who are
> > originating the spam and adding them to a blacklist.
>
>in my 15 years with postfix this is still something i dream on :-)

Which is why I love the access.db and sendmail.

Ed

. . . . . . . . . . . . . . . . . .
Randomly Generated Quote (555 of 1090):
I doubt, therefore I might be.

Re: spamassassin on an open relay

[Benny Pedersen <me...@junc.org>]

On Sun, October 1, 2006 16:39, Mike Kenny wrote:
> My first question is how do I configure postfix to send all outgoing
> mail through amavis?

http://www.postfix.org/docs.html

more links ?, google for postfix amavisd-new howto

> We can police this to some extent by identifying the users who are
> originating the spam and adding them to a blacklist.

in my 15 years with postfix this is still something i dream on :-)

> But our problem is confounded by the large numer of 3G and GPRS users
> that we support.

then you are imho not a begginer :)

> Many of these simply use our smtp server as an 'open relay' to
> braodcast mail.

setup smtp auth in postfix

not needed if the users use vpn to your mailservers network

> Our server is not really 'open' in that only user with
> 3G/GPRS accounts can access it, but it is extremely difficult to
> identify the source of the connection in real time.

this is why smtpd auth is needed, if you setup pop-before-smtpd be awhere that you open
relay for 256 ips at once !, so avoid it.

the connecting ip to you could be nat router, this is why pop-before-smtp is not good

> What I really want
> to do is perform spam filtering on all mail that passes through our
> relay, this will allow us to keep life simple for users (no
> authentication beyond having a valid 3G/GPRS account)

so send all mail to amavisd-new and have it learn both ham and spam

> and yet prevent us from polluting the internet with spam.

there is always a risk, but with postfix 2.3.x its more simple to trace the users, if its
from your network

> I am sure that it is
> possible to configure postfix to do this and that it is just my lack
> of experience in this field that is preventing me from seeing ths
> solution.

if you get stock with postfix, post a postconf -n somewhere :-)

> Any pointers/tips/etc. gratefully considered.

could be, lets take it from there

-- 
"This message was sent using 100% recycled spam mails."

Re: spamassassin on an open relay

[Mike Kenny <in...@gmail.com>]

On 10/2/06, John Andersen <js...@pen.homeip.net> wrote:
> On Sunday 01 October 2006 06:39, Mike Kenny wrote:
> >  Success in the sense that
> > spam is no longer entering our system. However it is still being
> > passed through.
>
> Well stop being an open relay and problem solved.
>
> I would have thought THAT would have been priority ONE!
>
> --
> _____________________________________
> John Andersen
>

As I have said previously we are not really an open relay as anybody
making use of our smtp server will have had to authenticate themselves
by means of their msisdn. The difficulty for us lies in identifying
the msisdn in real time (not impossible, just costly) and since sim
cards are easily obtained the offender cna just reconnect from a new
sim, ad infinitum. Each time this happens there is the possibility of
an amti-spam site blocking our server and impacting our 150,000 (and
growing) innocent users.

I need to prevent spam from going out from our site and that is what
my query was about. Since then I have observed evidence that we are
blocking spam at that stage of processing, so we may no have a problem
after all. As I said I am fairly new  to this environment so I may
have been unnecessarily concerned.

Thanks to all who took the time to respond.

Re: spamassassin on an open relay

[John Andersen <js...@pen.homeip.net>]

On Sunday 01 October 2006 06:39, Mike Kenny wrote:
>  Success in the sense that
> spam is no longer entering our system. However it is still being
> passed through.

Well stop being an open relay and problem solved.

I would have thought THAT would have been priority ONE!

-- 
_____________________________________
John Andersen