On 04.04.13 14:09, Josef Karliak wrote:
we've one "collecting" smtp server (without SA), one antispam
server (SA and this server sends outgoing email1) and one email
server (cyrus imap server). We've about 3000 active email users -
here is a fast picture
http://www.ajetaci.cz/skola/epi/zumpa/rychle_zapojeni_firewall_antispam_email.png
So, when you accept mail from the net, you first collect it by an SMTP
server and then filter it out? I recommend the opposite, especially for
your case:
- receive mail from internet directly to server that can do spam and
recipient checks, so you can REJECT both mail to unknown users and the
spam at SMTP level
- receive mail from local users by te same server, so you can do the same
checks (at SMTP time)
- have one extra SMTP server for special users or special cases as this one,
that can accept all the mail and submit through mail hub, which will
either pass through main server or SA-scan after accepting the mail
(you may have to deal with undeliverable spam, backscatter etc)
- if you want special server for mailboxes (IMAP and POP3), if can receive
mail from the main server
About filtering email - when the scanned email has SPF, Domainkeys
or DKIM =="pass", I've some rules with SCORE "-10" or so, so the
email is trustworthy. Including ours.
Are you aware that the whole fact that mail passes SPF or DKIM checks tells
COMPLETELY NOTHING about its spamminess? they can be spam as well, and I do
NOT recommend using SPF for anything than positive scoring when the mail
FAILS those tests.
--
Matus UHLAR - fantomas, [email protected] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
"One World. One Web. One Program." - Microsoft promotional advertisement
"Ein Volk, ein Reich, ein Fuhrer!" - Adolf Hitler
