I'm use Centos 4.4 with ISPConfig but we recibe a lot of spams, and i want to install some aplication. I'm read about spamAssassian, but I dont know if have some problem with ISPConfig or Postfix. If you can tell me what software I can use and how to install, I'm say thanks.
Hi, If you're running ISPConfig you have Spamassassin running on your system already. There are quiet a lot solutions for fighting spam. Peronally i installed Postgrey a greylisting system for Postfix and i use DCC, Pyzor and Razor for Spamassassin. The greylisting system Postgrey is very, very effective and easy to install. You also can use ASSP, but i did not use that in a production environment yet. You also can add extra entries within your /etc/postfix/main.conf like RBL's but i had not good experience with that. (Sometimes my clients had problems).
I see it, that I have installed spamassassin but how can I use it???... How can I create new rules??? or how can I update rules???
Hi, Within ISPConfig, you can enable/disable the Spam-check for every single user you've created. To do so: Select a website > "User & Email" tab > "Spamfilter & antivirus". And choose the options you want. I also recommend to install DCC, Pyzor and Razor for Spamassassin.
@hans can you some information gives about your client problem and I find better when i can set blocks a mail domain on 1web and this run for all user on server .
Against SPAM: my own experience @planet_fox, When i added RBL's to my /etc/postfix/main.cf file, the relations of some important clients could not contact that clients anymore. An example of the RBL's i've added at that time where: smtpd_recipient_restrictions = reject_invalid_hostname, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client multi.uribl.com, reject_rbl_client dsn.rfc-ignorant.org, reject_rbl_client dul.dnsbl.sorbs.net, reject_rbl_client list.dsbl.org, reject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client rblmap.tu-berlin.de, reject_rbl_client relays.ordb.org, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client opm.blitzed.org, reject_rbl_client blackholes.easynet.nl, reject_rbl_client cbl.abuseat.org, reject_rbl_client ix.dnsbl.manitu.net, permit I am happy that RBL's do exists, feel free to use them, but i don't want to be depended of them anymore. At that time, i also added some restrictions like: smtpd_helo_required = yes disable_vrfy_command = yes invalid_hostname_reject_code = 554 multi_recipient_bounce_reject_code = 554 non_fqdn_reject_code = 554 relay_domains_reject_code = 554 unknown_address_reject_code = 554 unknown_client_reject_code = 554 unknown_hostname_reject_code = 554 unknown_local_recipient_reject_code = 554 unknown_relay_recipient_reject_code = 554 unknown_sender_reject_code = 554 unknown_virtual_alias_reject_code = 554 unknown_virtual_mailbox_reject_code = 554 unverified_recipient_reject_code = 554 unverified_sender_reject_code = 554 But i also stopped using those restrictions, because i noticed that some ISP's where using bad configured mailservers, so the mail did not pass my server. For my clients it was worse then sometimes receiving a single spam message. On the moment i use Spamassassin, DCC, Pyzor, Razor and the Postgrey greylisting system for Postfix, which is great! Insecure contactforms, easier to locate with suPHP: Some clients had also contactforms on their website, which where not secure enough. When spam has been sent true those unsecure contactforms, it is very difficult to locate the website with that insecure form. (When this happens you will find out that a lot of spam has been sent via the systemuser www-data (on Debian). It was for me one of the main reasons to switch to suPHP. With suPHP, the unsecure contactform is much easier to locate. It's also a good idea to make use of "fake" MX records: If you like to know more about this and why, pleas have a look here: http://wiki.apache.org/spamassassin/OtherTricks Of course i am talking about my own experience, but with my current configuration, i am very satisfied. I even had some compliments from clients, because they almost do not receive spam anymore, which saves them a lot of time every day.