ram wrote:
On Thu, 2009-11-05 at 11:47 +0200, Alex wrote:
Hello
This is my first post on this list. I have a atypical configuration like :
- an MX server for inbound mails; this server is configured virtual
domains, graylisting , antivirus and antispam for all incoming mails; it
is also use for my users as a pop/imap/smtp server.
- all emails originating from my users (authenticated users) are relayed
to another servers. On this outgoing servers I have 3 to 8 postfix
instances on different ips. Each instance have a dedicated transport
for servers like yahoo , hotmail etc
Basically is one of my users want to send a email outside it must
authenticate to the smtp server. The smtp server relay that message to
one gateway server (round-robin fashion) and the gateway server send the
message to the destination.
What I am try to do is scan all outbound emails (I have a few
situations in witch a mail account was owned by spammers and use to send
spam). The scanner must be on the gateway servers not on the smtp server
because he can't take any more load.
About scanning software on the incoming server I use spamassassin
invoke from maildrop. On gateway server I try to use something more
light and I read about dspam .
I have a few questions for you:
- how can I use dspam or any other scanning software on my gateway
servers (multiple instance configuration) ?
- is dspam a good choice ?
Alex
Thank you
Outbound scanning is slightly different from inbound. but in general you
need not scan and catch all the spam messages. Just one caught and you
immediately know which account is spewing spams
Dspam is not very effective ... Ofcourse thats my opinion YMMV.
If you find spamassassin too heavy maybe you can trim it yourself.
Remove all unnecessary cf files, especially the network DNS checks since
they are all irrelevant for outbound. You could even consider some
lightweight commercial plugin and remove all other rules
But other than scanning , implement the basic hygiene. Allow only strong
passwords , if possible block port 25 and use 587 , educate the users
about phishing etc. Also register for Feedback loops and watch out for
abuse complaints. All that is absolutely essential today for a outbound
mail relay.
Hi ram
Thanks for replaying. Dspam was mention just because I know what
spamassassin can do on a busy server. I take care about abuse
complains, the users are advice about their passwords, but keeping
lessons about phishing to 2000 vdomains is to much. So my question was
how I do this in a multiple instance environment.
|
