Re: [exim] Anti SPAM Exim configuration

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Odhiambo G. Washington
Date:  
À: Alexander Prohorenko
CC: exim-users
Nouveaux-sujets: [exim] DSPAM? Do I want it?
Sujet: Re: [exim] Anti SPAM Exim configuration
* Alexander Prohorenko <white@???> [20041214 00:41]: wrote:
> Tony,
>
> What can you advise, except spending hours daily filtering mail from
> SPAM manually?
>
> Unfortunetly, SpamAssassin doesn't work good enough for me, I'm able
> to filter not more than 70% of SPAM. I recieve about 30 SPAM messages
> daily for one mailbox.
>
> Hopefully, you can show me the way out of here.


Hello Alexander and others,

I found this topic quite interesting and decided that I wouldn't let it
pass me by ;)

Alexander: Depending on your userbase, their hatred from spam, and their
willingness to cooperate in the war against spam, you should consider
deploying DSPAM. Why?

1. It does not require you to run DCC, Razor, Pyzor and what not so
you minimize on the apps you are running. You remain with just a
single point of failure - dspam itself.
2. It allows users to "train" it on what is spam and what is not.
Of course you are also able to only put willing users' mail thro'
it.
3. If your users have similar characteristics in their e-mailing habits
(who they receive mail from, the type of spam they rcv), it's even
easier. You can build a dictionary and share it amongst them for a
start. The problem with handling hundreds/thousands on users is with
the fact that what is spam for others might not be universally seen
as spam for everyone.
4. It can handle virtual users quite easily.
5. It supports reclassification (of spam and nonspam) by the users
themselves.
6. Troy Engel already made very good HOWTO for DSPAM. See this:

http://www.exim.org/pipermail/exim-users/Week-of-Mon-20040510/071459.html

NOTE::

1. The configure options and command line options in the Exim transports
for DSPAM v3.x (3.2.3) will differ from the ones on that howto. Same
for runtime configuration of dspam.

2. For a good DSPAM setup you will need MySQL and related administration knowledge!!

Spam filtering is a big challenge for an ISP, I can tell you that.
Even RBLS does not really help in an ISP environment as you end up
blocking senders who are legit to some of your users.
If you have several thousand users, like in an ISP, I would tell you
there is no "perfect" anti-spam solution!!

I'll be willing to hear a case where someone in such a situation has
achieved even just 90% accuracy on spam defenses. Suresh, are you listening?;)
You are one of the gurus on this.

I'll also advise you to tread carefully when it comes to greylisting.
In an environment like mine (ISP), it's a tedious venture since
almost every host on the Internet is likely to send e-mail your way!
You will spend quite some time on the greylisting, leave alone the
planning itself, which you need to consider very keenly.

It's been claimed that Postfix has got far much better anti-spam
defenses than Exim, but the person who said that (Hey Guka
guka, you are reading this?) did not say if his setups (he has
many) bear any semblance to an ISP environment. Anyway running
Postfix is another thing altogether - not easy when you run Exim.
To be good, you have to run one or the other. I am on the Exim
side, if this comment precipitates a flame war ;)

It's my hope that this gives some of the advise you asked for.


        cheers
       - wash 
+----------------------------------+-----------------------------------------+
Odhiambo Washington                     . WANANCHI ONLINE LTD (Nairobi, KE)  |
<wash at wananchi dot com>              . 1ere Etage, Loita Hse, Loita St.,  |
GSM: (+254) 722 743 223                 . # 10286, 00100 NAIROBI             |
GSM: (+254) 733 744 121                 . (+254) 020 313 985 - 9             |
+---------------------------------+------------------------------------------+
"Oh My God! They killed init! You Bastards!"  
                         --from a /. post