[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Zimbra+SPAM=...?
- To: zimbra-hied-admins@sfu.ca
- Subject: Re: Zimbra+SPAM=...?
- From: Freddie Cash <fjwcash@gmail.com>
- Date: Mon, 16 Aug 2010 08:28:32 -0700
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type; bh=xenMgRmRm/OlK8NIoOacmqtQfLxsnFvBiU8+Hj8qNak=; b=usA7CGEDQkJNZGJVKGO7aDC3htlNQjzEFgHuSujc2+5HAZLdgO+QP9aMd7sOaXHzu+ UenL/SLBHZuB6K4Y0VuG7u4WqCXDNjHWPWgff6zTT26CLTfikaCWXcIYOcfIRAsy1ZCn Dz/ULBalifJB5QAoOCg8wQ2ZqTH5zAfmm9dBo=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=NnM0+IWjHytfMLtt7RxxwI2bNMwmzWVRQzYtJV8EtpNNZnBbZTpK9kFa4N3BRlvFhQ LceeGhxOzAHQ/gHiuVDZQdg/lQmveObeIDomcEuC448Izh7/FNNaB/frjM+u1CyBCb+6 2p6m/8YhHsUtGL73IMaew+gxpY3v1yNZaQllw=
- In-reply-to: <201008160907.40662.dmitry@athabascau.ca>
- References: <201008160907.40662.dmitry@athabascau.ca>
On Mon, Aug 16, 2010 at 8:07 AM, Dmitry Makovey <dmitry@athabascau.ca> wrote:
> we're trying to figure out the most efficient way of dealing with SPAM in Zimbra
> (we have edge MTA handling some of it too). What we're trying to find out what
> are the common practices in HiEd institutions? I'll bring some examples:
We have an edge MTA that handles all incoming and outgoing SMTP
traffic, and that's the only host that has port 25 or 587 available.
We do all the filtering there, using Postfix, Amavisd-new, ClamAV,
SpamAssassin, Dspam, and a list of different RBLs. We set the kill
level fairly high in SpamAssassin (10 or 15), and pass through
messages with a "possible spam" heading for anything scoring above 5.
Spam/AV is disabled on the Zimbra server.
It's up to users to create a filter to deal with messages marked as
"possible spam" or for spam messages that pass through without being
marked.
We've modified the Junk button in the web interface to redirect a copy
of the message back to the edge MTA for learning via SpamAssassin and
Dspam, as well as move the message into the user's Junk folder.
Maybe twice a month, I have to tweak the SpamAssassin rules or add a
whitelist entry to allow mail to be delivered.
No matter how good our spam filtering is, though, we still get
complaints from people who receive a whopping 4 spam messages in a
week. :) Sometimes I'm tempted to disable the spam filter for a week
so that people can see just how much is being blocked (out of approx 2
million messages received per month, only 30,000 are delivered as
legit).
--
Freddie Cash
fjwcash@gmail.com