Anti-Spam Package (dspam or SpamAssasin)
-
There is a big difference in configuring a greylisting daemon and configuring a full spam filter package. An actual spam filter package would involve running a full mail server on the firewall, plus all of the spam scanning software, plus coming up with some kind of GUI for it, and a way to manage not only the global spam filter settings but probably per-address options, and updating the spamassassin rules, etc, etc.
You'd realistically be looking at a several thousand dollars to have someone do that properly.
(And I still wouldn't want to run that on my firewall… :-)
I like the idea of 'several thousand dollars' ;)
I'm working on it and I agree that firewall is not the best place for a antispam system, but you can put it on another pfSense box/vm and use the same great pfSense GUI/rules to configure it.
What is done:
First stage antispam checks:-
Detect zombies
-
check RBL
-
check SPF
Second stage antispam check:
-
Subject
-
Valid Recipients
-
Valid Domains
-
Body Content
-
Attachment types
What is almost done:
Third stage antispam checks(high cpu usage):-
Mailscanner
-
SpamAssassin
-
Clamav
-
pyzor
If any one are willing to contribute with the project, the time has come.
@submicron:
Not surprisingly, I agree with jimp on this, such a package would require several thousand dollars at least and probably closer to ten thousand to do anything close to correctly. Even then, it would require herculean effort to keep up to date and would never be appropriate for anything more than a small network.
Yes it is difficult but not impossible. Many checks nowadays are based on sourceip or live lists(white, gray,black,etc).
Spamd just like the two biggest commercial antispam tools use a mundial database for ip reputation and other mail stuff.
pyzor can check a global server too.
I`m planning that sa-update will be updated via cron. -
-
Mailscanner + clamav + spamassassin with postfix integration is done.
I'm using freebsd 8.2 packages. Testing for 5 days with no issues.
-
marcello,
Congratulations for you work with this package.
you prove that we can develop technology in Brazil, not just consume. We have many good developers and people involved with free software!
[] 's
Jack -
Mailscanner + clamav + spamassassin with postfix integration is done.
I'm using freebsd 8.2 packages. Testing for 5 days with no issues.
How are things working? Still no problems?
Have you looked at making a pfsense package to do this automatically?
Thanks.
-
@Bai:
How are things working? Still no problems?
Have you looked at making a pfsense package to do this automatically?Yes, I've it working for months.
Just install the package.
If you prefer, test it on a virtual machine first.
-
@Bai:
How are things working? Still no problems?
Have you looked at making a pfsense package to do this automatically?Yes, I've it working for months.
Just install the package.
If you prefer, test it on a virtual machine first.
What's the name of the package? I looked in the list and didn't see it.
-
postifx for the smtp daemon has antispam features(spf+rbl+spf+zombie blocker+header checks)
maiscanner-dev for the content message scanning(maiscanner + spamassassin + clamav) -
Check out Baruwa.
This should be able to run as an add-on-package perhaps.
We run it on separate hardware - and love it. (truth to be told we loaded it on the Barracuda hardware we have):-)
-
postifx for the smtp daemon has antispam features(spf+rbl+spf+zombie blocker+header checks)
maiscanner-dev for the content message scanning(maiscanner + spamassassin + clamav)Will do.
Thanks!
-
A huge thanks to all the devs that made this possible, i soo wish i was a Millionaire so that i could donate! anyway it will come! Not a question if but when ;D
Man i love THIS. Just hope i can manage to get this running.
;)
Just have to Solve this one:
FROM SERVER:
550 5.1.1 : Recipient address rejected: User unknown in relay recipient table
SMTP -> ERROR: DATA command not accepted from server: 550 5.1.1 : Recipient address rejected: User unknown in relay recipient tableAnd also have to find out how to stop it from becoming a backscatter source!
Jupp, i love searching for info, will let u all know how it goes…
-
This is going like a warm knife in butter, only thing left now is stop NDR/ be a source for backsckatter. ;D
-
i soo wish i was a Millionaire so that i could donate!
You don't need to be a Millionaire to donate ;)
only thing left now is stop NDR/ be a source for backsckatter. ;D
take a look on this doc.
http://www.postfix.org/BACKSCATTER_README.html
att,
Marcello Coutinho -
i soo wish i was a Millionaire so that i could donate!
You don't need to be a Millionaire to donate ;)
only thing left now is stop NDR/ be a source for backsckatter. ;D
take a look on this doc.
http://www.postfix.org/BACKSCATTER_README.html
att,
Marcello CoutinhoThanks for that link, will have a good read. And also check out the How-To regarding donating to packet devs ;)