(!) filter out spam and viruses

From Jonathan Becerra

Answered By Faber Fedor, Neil Youngman, Kapil Hari Paranjape, Heather Stern

(?) I'm very new to Linux but like what I see

The object here is to install a software that will filter all my e-mails and keep out viruses

(!) [Faber] Look into Amavis (www.amavis.org) and your favorite anti-virus software (Sophos, McAffee, etc.). If you're using Postfix as your MTA, drop me a line and I can help you get the three of them working.

(?) and catch re-occurring spam.

(!) [Faber] Check out Spam Assassin (www.spamassassin.org). It rocks!
(!) [Heather] Since the list which all Answer Gang members are on uses SpamAssassin as one among several defenses, I think yes - it does :) but it is not infallible. With any mail filtering answers I encourage you to take a look at its principles, and decide if you like them, rather than just take someone else's word on what is or isn't spam.
(!) [Neil] LWN seem to rate bogofilter, see http://lwn.net/Articles/9186. I haven't used it myself.
(!) [Kapil] I currently use "bogofilter" and am very happy with it. There are also alternatives such as "spamoracle" and "spamprobe". All these three programs implement Paul Graham's suggestions in "A Plan for Spam".
As far as I can make out "spamassasin" is a much more general tool that can easily incorporate the measurements used by Paul Graham.
The neatness of Paul Graham's approach is that it is entirely "Bayesian" --- spam mails self-select themselves once we have a sufficiently large database of spam and non-spam messages. Moreover, this division is entirely in the hands of the end-user.
On the other hand since this measurement is made after the mail enters the system it is not very useful if you want to reduce bandwidth consumption.

(?) I have 2 NIC cards, etho1 and etho2. Both were picked up by my install and both work, I can get out to the Internet with either one. I need help configuring etho1 to be the incoming route for my e-mails which my software will then pick up and process and then I want etho2 to send it out to my users.

I have been all over the Internet and in the book stores, I even had to break down and buy a Linux book for dummies which was no help at all.

(!) [Kapil] I think what you need is to take a hard look at Firewall-HOWTO.
(!) [Faber] (at http://www.tldp.org, in case you didn't know).

(?) Sound possible?

(!) [Faber] With Linux, almost anything is possible.
(!) [Heather] Though it may take a while to finish coding... no wait, that's "the impossible takes a little longer" :D

(?) I would be so appreciative and so would my head (because then I can quit banging it against my desk) for any and all help you could provide.

(!) [Heather] On behalf of the Gang, we hope you heal up soon! You're following good principles; make all emails have to follow one path into your site, then place some guardians upon that path to nail the miscreants as they come through.
Tune up your firewall to only show services to the outside world which you really provide, and that needed for your inside people to get to outside services they use (generally, using IP masquerading will make this automatic and nearly invisible). If you've got specific hosts pestering you with spam, get your MTA to blow them off with a "551 too much spam, site blocked" so your mailbox guardians don't have to waste CPU time on those bozos. Best of luck in the battle against spam.


Copyright © 2003
Copying license http://www.linuxgazette.net/copying.html
Published in Issue 87 of Linux Gazette, February 2003
HTML script maintained by Heather Stern of Starshine Technical Services, http://www.starshine.org/


[ Table Of Contents ][ Answer Guy Current Index ] greetings   Meet the Gang   1   2   3 [ Index of Past Answers ]