-
-
Notifications
You must be signed in to change notification settings - Fork 6
Mail Server Preventing SPAM
There are many tools available to cut down on SPAM entering your mail server. We will discuss a few popular options.
Configuring your MTA to use realtime blackhole list such as spamcop.net
Setup a spam scanning product like rspamd or spamassassin
Setup procmail to filter on specific keywords, senders etc and remove mail
RBL/DNSBL In sendmail, you can add configurations for various lists. Here is an example config
FEATURE(dnsbl',
dnsbl.sorbs.net',"554 Rejected " $&{client_addr} " found in dnsbl.sorbs.net"')dnl FEATURE(
dnsbl', zen.spamhaus.org',
"550 Mail from " $&{client_addr} " rejected, see http://www.spamhaus.org/SBL " ',t') FEATURE(
dnsbl', b.barracudacentral.org',
"550 Mail from " $&{client_addr} " rejected, see barracuda rbl" ')
FEATURE(dnsbl',
cbl.abuseat.org', "550 Mail from " $&{client_addr} " rejected, you are listed on a block list." ') FEATURE(
enhdnsbl', bl.spamcop.net',
"Spam blocked see: http://spamcop.net/bl.shtml?"$&{client_addr}', `t')dnl
Scanning Tools
rspamd
rspamd is available in mports
mport install rspamd
It's also recommended to setup redis for storing data for this
mport install redis
You will need to enable these in /etc/rc.conf
sysrc rspamd_enable="YES" sysrc redis_enable="YES" In sendmail, you can enable rspamd with this in your mc file
INPUT_MAIL_FILTER(rspamd',
S=inet:11332@localhost, F=T')dnl
spamassassin
Spamassassin is also available in mports in mail/p5-Mail-SpamAssassin
You can enable this with a procmail recipe like the following
:0 E f w | /usr/local/bin/spamc
:0:
- ^X-Spam-Status: yes ${HOME}/mail/mail/Junk
:0
-
^^rom[ ] { LOG="*** Dropped F off From_ header! Fixing up. "
:0 fhw | sed -e '1s/^/F/' } Clam Antivirus You can enable clamav in sendmail with
INPUT_MAIL_FILTER(clmilter',
S=local:/var/run/clamav/clmilter.sock,F=, T=S:4m;R:4m')dnl
You will need to install the security/clamav port
mport install clamav
Add these to /etc/rc.conf
sysrc clamav_clamd_enable="YES" sysrc clamav_freshclam_enable="YES" sysrc clamav_milter_enable="YES"