I need software anti-spam

Discussion in 'Server Operation' started by leeeonardo, Jun 1, 2007.

  1. leeeonardo

    leeeonardo New Member

    I'm use Centos 4.4 with ISPConfig but we recibe a lot of spams, and i want to install some aplication. I'm read about spamAssassian, but I dont know if have some problem with ISPConfig or Postfix.

    If you can tell me what software I can use and how to install, I'm say thanks.
  2. Hans

    Hans Moderator ISPConfig Developer


    If you're running ISPConfig you have Spamassassin running on your system already. :)

    There are quiet a lot solutions for fighting spam.
    Peronally i installed Postgrey a greylisting system for Postfix and i use DCC, Pyzor and Razor for Spamassassin.

    The greylisting system Postgrey is very, very effective and easy to install.

    You also can use ASSP, but i did not use that in a production environment yet.

    You also can add extra entries within your /etc/postfix/main.conf like RBL's but i had not good experience with that. (Sometimes my clients had problems).
  3. leeeonardo

    leeeonardo New Member

    I see it, that I have installed spamassassin but how can I use it???... How can I create new rules??? or how can I update rules???
  4. Hans

    Hans Moderator ISPConfig Developer


    Within ISPConfig, you can enable/disable the Spam-check for every single user you've created.

    To do so:

    Select a website > "User & Email" tab > "Spamfilter & antivirus".

    And choose the options you want.

    I also recommend to install DCC, Pyzor and Razor for Spamassassin.
  5. planet_fox

    planet_fox Member

    @hans can you some information gives about your client problem and I find better when i can set blocks a mail domain on 1web and this run for all user on server .

  6. Hans

    Hans Moderator ISPConfig Developer

    Against SPAM: my own experience


    When i added RBL's to my /etc/postfix/main.cf file, the relations of some important clients could not contact that clients anymore.

    An example of the RBL's i've added at that time where:

    smtpd_recipient_restrictions =
    reject_rbl_client multi.uribl.com,
    reject_rbl_client dsn.rfc-ignorant.org,
    reject_rbl_client dul.dnsbl.sorbs.net,
    reject_rbl_client list.dsbl.org,
    reject_rbl_client sbl-xbl.spamhaus.org,
    reject_rbl_client bl.spamcop.net,
    reject_rbl_client rblmap.tu-berlin.de,
    reject_rbl_client relays.ordb.org,
    reject_rbl_client dnsbl.sorbs.net,
    reject_rbl_client opm.blitzed.org,
    reject_rbl_client blackholes.easynet.nl,
    reject_rbl_client cbl.abuseat.org,
    reject_rbl_client ix.dnsbl.manitu.net,

    I am happy that RBL's do exists, feel free to use them, but i don't want to be depended of them anymore. At that time, i also added some restrictions like:

    smtpd_helo_required = yes
    disable_vrfy_command = yes
    invalid_hostname_reject_code = 554
    multi_recipient_bounce_reject_code = 554
    non_fqdn_reject_code = 554
    relay_domains_reject_code = 554
    unknown_address_reject_code = 554
    unknown_client_reject_code = 554
    unknown_hostname_reject_code = 554
    unknown_local_recipient_reject_code = 554
    unknown_relay_recipient_reject_code = 554
    unknown_sender_reject_code = 554
    unknown_virtual_alias_reject_code = 554
    unknown_virtual_mailbox_reject_code = 554
    unverified_recipient_reject_code = 554
    unverified_sender_reject_code = 554

    But i also stopped using those restrictions, because i noticed that some ISP's where using bad configured mailservers, so the mail did not pass my server.
    For my clients it was worse then sometimes receiving a single spam message.

    On the moment i use Spamassassin, DCC, Pyzor, Razor and the Postgrey greylisting system for Postfix, which is great!

    Insecure contactforms, easier to locate with suPHP:
    Some clients had also contactforms on their website, which where not secure enough. When spam has been sent true those unsecure contactforms, it is very difficult to locate the website with that insecure form. (When this happens you will find out that a lot of spam has been sent via the systemuser www-data (on Debian). It was for me one of the main reasons to switch to suPHP. With suPHP, the unsecure contactform is much easier to locate.

    It's also a good idea to make use of "fake" MX records:
    If you like to know more about this and why, pleas have a look here:

    Of course i am talking about my own experience, but with my current configuration, i am very satisfied. I even had some compliments from clients, because they almost do not receive spam anymore, which saves them a lot of time every day.
    Last edited: Jun 3, 2007
  7. leeeonardo

    leeeonardo New Member

    CAn I add the same RBL's in my main.cf????
  8. leeeonardo

    leeeonardo New Member

    I am not find DCC for to install, where can I find it for download???
  9. falko

    falko Super Moderator ISPConfig Developer

    You can search for the DCC package like this:
    yum search dcc

Share This Page