|

»

»

SpamAssassin - Users

looking into spamassassin mail proxy solution

View: New views

9 Messages — Rating Filter: Alert me

	looking into spamassassin mail proxy solution by tuxbeagle :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message I am trying to find a mail proxy/spamassassin solution for 2 situations. Situation 1 is Mail Server --> Mail Proxy --> Internet Situation 2 is Mail Client --> Mail Proxy --> Mail Server Mail Proxy is on a seperate server. I think MailScanner will work but after reading through part of the documentation still am not sure. Pop3Proxy might work but there doesn't appear to have been much work on it, in some time. I could of sworn that I saw a document on how to do this in the not to distant past, but now I can't seem to locate it.
	Re: looking into spamassassin mail proxy solution by Matt Kettler-3 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message tuxbeagle wrote: > I am trying to find a mail proxy/spamassassin solution for 2 situations. > Situation 1 is > Mail Server --> Mail Proxy --> Internet > > Situation 2 is > Mail Client --> Mail Proxy --> Mail Server > > Mail Proxy is on a seperate server. > > I think MailScanner will work but after reading through part of the > documentation still am not sure. MailScanner isn't a proxy. However, you could still use it for Situation 1 depending on exactly what "Mail Server" is, and what kind of stuff you are willing to set up. > Pop3Proxy might work but there doesn't > appear to have been much work on it, in some time. > That mgith work for situation 2, but not situation 1. Quite frankly, doing anything of this sort using proxies is asking for trouble. The normal way of integrating SA is to run it directly on your mailserver, or insert another upstream mailserver to run SA on, and forward all mail through that machine. ie: 1) MailServer with SA --> internet 2) Mail Client ---> Mail Server with SA or 1) Mail Server (existing) --> New Mail Server with SA --> internet 2) Mail Client --> Mail Server (existing) --> New Mail Server with SA
	Re: looking into spamassassin mail proxy solution by tuxbeagle :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Matt Kettler-3 wrote: tuxbeagle wrote: > I am trying to find a mail proxy/spamassassin solution for 2 situations. > Situation 1 is > Mail Server --> Mail Proxy --> Internet > > Situation 2 is > Mail Client --> Mail Proxy --> Mail Server > > Mail Proxy is on a seperate server. > > I think MailScanner will work but after reading through part of the > documentation still am not sure. MailScanner isn't a proxy. However, you could still use it for Situation 1 depending on exactly what "Mail Server" is, and what kind of stuff you are willing to set up. > Pop3Proxy might work but there doesn't > appear to have been much work on it, in some time. > That mgith work for situation 2, but not situation 1. Quite frankly, doing anything of this sort using proxies is asking for trouble. The normal way of integrating SA is to run it directly on your mailserver, or insert another upstream mailserver to run SA on, and forward all mail through that machine. ie: 1) MailServer with SA --> internet 2) Mail Client ---> Mail Server with SA or 1) Mail Server (existing) --> New Mail Server with SA --> internet 2) Mail Client --> Mail Server (existing) --> New Mail Server with SA These last two appear to be what I am trying to achieve, but am not sure how to set up the "New Mail Server with SA" and put it transparently between the "Mail Server" and internet.
	RE: looking into spamassassin mail proxy solution by Gary V-2 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message > Matt Kettler-3 wrote: >> >> tuxbeagle wrote: >>> I am trying to find a mail proxy/spamassassin solution for 2 situations. >>> Situation 1 is >>> Mail Server --> Mail Proxy --> Internet >>> >>> Situation 2 is >>> Mail Client --> Mail Proxy --> Mail Server >>> >>> Mail Proxy is on a seperate server. >>> >>> I think MailScanner will work but after reading through part of the >>> documentation still am not sure. >> MailScanner isn't a proxy. >> >> However, you could still use it for Situation 1 depending on exactly >> what "Mail Server" is, and what kind of stuff you are willing to set up. >> >>> Pop3Proxy might work but there doesn't >>> appear to have been much work on it, in some time. >>> >> That mgith work for situation 2, but not situation 1. >> >> Quite frankly, doing anything of this sort using proxies is asking for >> trouble. >> >> The normal way of integrating SA is to run it directly on your >> mailserver, or insert another upstream mailserver to run SA on, and >> forward all mail through that machine. >> >> ie: >> >> 1) MailServer with SA --> internet >> 2) Mail Client ---> Mail Server with SA >> >> or >> >> 1) Mail Server (existing) --> New Mail Server with SA --> internet >> 2) Mail Client --> Mail Server (existing) --> New Mail Server with SA >> >> > These last two appear to be what I am trying to achieve, but am not sure how > to set up the "New Mail Server with SA" and put it transparently between the > "Mail Server" and internet. There are numerous HOWTOs explaining how to build a gateway (relay) server using Postfix, amavisd-new and SpamAssassin. Google for those three nouns. It is very important to remember that a relay server must be configured to reject mail to invalid users for domains you host. Gary V _________________________________________________________________ Discover the new Windows Vista http://search.msn.com/results.aspx?q=windows+vista&mkt=en-US&form=QBRE
	RE: looking into spamassassin mail proxy solution by tuxbeagle :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Thanks, Knowing what to search for helps. The first document I started reading has an installation where spam is filtered to a specific user 'spammy'. I hope that there is a way to just tag the spam in the header and let the user filter locally. Gary V-2 wrote: > Matt Kettler-3 wrote: >> >> tuxbeagle wrote: >>> I am trying to find a mail proxy/spamassassin solution for 2 situations. >>> Situation 1 is >>> Mail Server --> Mail Proxy --> Internet >>> >>> Situation 2 is >>> Mail Client --> Mail Proxy --> Mail Server >>> >>> Mail Proxy is on a seperate server. >>> >>> I think MailScanner will work but after reading through part of the >>> documentation still am not sure. >> MailScanner isn't a proxy. >> >> However, you could still use it for Situation 1 depending on exactly >> what "Mail Server" is, and what kind of stuff you are willing to set up. >> >>> Pop3Proxy might work but there doesn't >>> appear to have been much work on it, in some time. >>> >> That mgith work for situation 2, but not situation 1. >> >> Quite frankly, doing anything of this sort using proxies is asking for >> trouble. >> >> The normal way of integrating SA is to run it directly on your >> mailserver, or insert another upstream mailserver to run SA on, and >> forward all mail through that machine. >> >> ie: >> >> 1) MailServer with SA --> internet >> 2) Mail Client ---> Mail Server with SA >> >> or >> >> 1) Mail Server (existing) --> New Mail Server with SA --> internet >> 2) Mail Client --> Mail Server (existing) --> New Mail Server with SA >> >> > These last two appear to be what I am trying to achieve, but am not sure how > to set up the "New Mail Server with SA" and put it transparently between the > "Mail Server" and internet. There are numerous HOWTOs explaining how to build a gateway (relay) server using Postfix, amavisd-new and SpamAssassin. Google for those three nouns. It is very important to remember that a relay server must be configured to reject mail to invalid users for domains you host. Gary V _________________________________________________________________ Discover the new Windows Vista http://search.msn.com/results.aspx?q=windows+vista&mkt=en-US&form=QBRE
	Re: looking into spamassassin mail proxy solution by Matt Kettler-3 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message tuxbeagle wrote: > > These last two appear to be what I am trying to achieve, but am not sure how > to set up the "New Mail Server with SA" and put it transparently between the > "Mail Server" and internet. > You don't do it "transparently".. you configure forwarding as appropriate on each server.
	RE: looking into spamassassin mail proxy solution by Gary V-2 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message > Subject: RE: looking into spamassassin mail proxy solution > > > Thanks, > Knowing what to search for helps. > The first document I started reading has an installation where spam is > filtered to a specific user 'spammy'. I hope that there is a way to just > tag the spam in the header and let the user filter locally. > Yes, amavisd-new has many configuration options. An easy way to pass the spam is to set kill_level high, for example: $sa_kill_level_deflt = 9999; Doing so will also prevent quarantining of spam messages. You would then also set: $final_spam_destiny = D_PASS; (or) $final_spam_destiny = D_DISCARD; It's important in amavisd-new that @local_domains_maps contains all the domains for which you accept mail. This may help with basic understanding: http://www200.pair.com/mecham/spam/amavisd-settings.html It's also worth noting that spam scanning is very resource intensive and requires tuning (which is not covered in most HOWTOs) in order to get maximum throughput. You need to match the horsepower of the server(s) to the amount of mail you receive, or suffer mail queueing up behind amavisd-new, resulting in delayed deliveries and other serious headaches. Many find some relief in greylisting (which can delay mail) and/or policy servers like policyd-weight. Also, some of the HOWTOs are rather dated. Be careful with items such as Postfix RBL checks. Some are now extinct and will cause problems if used. I have seen people recommend zen.spamhaus.org (or alternately sbl-xbl.spamhaus.org), but that's about the extent of it. _________________________________________________________________ Explore the seven wonders of the world http://search.msn.com/results.aspx?q=7+wonders+world&mkt=en-US&form=QBRE
	Re: looking into spamassassin mail proxy solution by mouss-2 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message tuxbeagle wrote: > Thanks, > Knowing what to search for helps. > The first document I started reading has an installation where spam is > filtered to a specific user 'spammy'. I hope that there is a way to just > tag the spam in the header and let the user filter locally. > visit the postfix and amavisd-new sites and start slowly, one step at a time. those big bang howtos available won't do you good if you have no idea what they are for. when configuring amavisd-new, look in the config file, and make sure D_PASS is used for spam (not for viruses. you don't want to deliver viruses, whether tagged or not, because MUAs may execute them anyway). setting postfix is not difficult, but you need to have some understanding of how email works (this is true whatever MTA you use). some level of discipline (call it process if you prefer buzzwords): change things incrementally, test, commit (a backup is enough, or just document the changes and things you discover), move to the next step, ... etc. In any case, big bang approaches sometimes work, but not always as intended...
	Re: looking into spamassassin mail proxy solution by Bazooka Joe :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message open source ipcop firewall has a pluging called copfilter that has a transparent mail proxy that scans all pop and smtp email using sa and clamav On 9/25/07, tuxbeagle <txjin@...> wrote: > > I am trying to find a mail proxy/spamassassin solution for 2 situations. > Situation 1 is > Mail Server --> Mail Proxy --> Internet > > Situation 2 is > Mail Client --> Mail Proxy --> Mail Server > > Mail Proxy is on a seperate server. > > I think MailScanner will work but after reading through part of the > documentation still am not sure. Pop3Proxy might work but there doesn't > appear to have been much work on it, in some time. > > I could of sworn that I saw a document on how to do this in the not to > distant past, but now I can't seem to locate it. > > -- > View this message in context: http://www.nabble.com/looking-into-spamassassin-mail-proxy-solution-tf4519055.html#a12890917 > Sent from the SpamAssassin - Users mailing list archive at Nabble.com. > >