@@ -15,11 +15,14 @@ |
|
!2. Anti-Virus Configuration
|
Tweak __/etc/amavisd.conf__ with your host information, and uncomment the clamd scanner
|
-{code source="txt"}['ClamAV-clamd',
|
+{code source="txt"}# For very high volume servers, disable db support |
+$enable_db = 0; |
+***snip*** |
+['ClamAV-clamd', |
\&ask_daemon, ["CONTSCAN {}\n", "127.0.0.1:3310"],
|
qr/\bOK$/, qr/\bFOUND$/,
|
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],{/code}
|
-You might need to change the socket listed with "127.0.0.1:3310" as listed above. SpamAssassin settings are made in this file. Also, make sure __$inet_socket_port = 10024;__ See [http://www200.pair.com/mecham/spam/amavisd-settings.html|detailed explanation of amavisd.conf] for more information.
|
+You might need to change the socket listed with "127.0.0.1:3310" as listed above. SpamAssassin settings are made in this file. Also, make sure __$inet_socket_port = 10024;__ See [http://www200.pair.com/mecham/spam/amavisd-settings.html|detailed explanation of amavisd.conf] for more information. db support has [http://www.mail-archive.com/amavis-user@lists.sourceforge.net/msg09069.html|limited impact on features and performance]. |
|
{code souce="bash"}/etc/init.d/clamd start
|
service amavisd start
|
|
|
@@ -83,6 +86,7 @@ |
"{code}
|
#Get the [http://tqmcube.com/files/dnsbl_lists.tar.bz2|latest RBLDNS databases] and move database files to /var/lib/rbldnsd
|
# Gentlepeople, start your daemons: "service restart named; service restart rbldnsd;" Test with telnet localhost 53; and telnet locahost 530;
|
+# Edit your __/etc/resolv.conf__ to include 127.0.0.1 so lookups are performed on the local server first. |
# Preform a test lookup:{code source="text"}
|
$dig @localhost 223.61.83.162.clients.blocked.rbl -t txt
|
;; ANSWER SECTION:
|
|
|
@@ -127,6 +131,11 @@ |
|
# specify what address/port DKIMproxy forwards mail to
|
relay 127.0.0.1:10029
|
+ |
+ |
+ |
+ |
+ |
|
# specify what domains DKIMproxy can sign for (comma-separated, no spaces)
|
domain yourdomain.com
|
|
|
@@ -202,7 +211,17 @@ |
!!!SPF Outbound support
|
The quickest way to get the DNS entries up and running is to [http://www.openspf.org/FAQ/Manage_my_own|follow the wizard].
|
|
-!6. Spamassassin Advanced Tools
|
+!Spam Detection |
+There are two top spam tools - DSPAM and spamassassin. |
+ |
+!6. Spamassassin Configuration |
+#The spamassassin site has a review on [http://wiki.apache.org/spamassassin/IntegratedInPostfixWithAmavis|integrating amavis and spamassassin], which is mostly ready to go by default.symlinking the bayes databases ( __ln -s /var/spool/amavis/.spamassassin /root__ ) is a good idea so you can use sa-learn by hand to stock you bayes database. Review [http://www.ijs.si/software/amavisd/#faq-spam|amavis + spamassassin FAQ] to tweak your configuration parameters. |
+#Configure __sa-update__ - add [http://saupdates.openprotect.com/|OpenProtect Rules] to update daily.{code source="bash"}$ wget http://saupdates.openprotect.com/pub.gpg |
+$ sa-update --nogpg --import pub.gpg |
+$ crontab -e |
+... add ... |
+1 5 0 0 0 sa-update --gpgkey D1C035168C1EBC08464946DA258CDB3ABDE9DC10 --channel saupdates.openprotect.com --channel updates.spamassassin.org |
+{/code} |
!![http://razor.sourceforge.net/|Razor]
|
#Get the [http://razor.sourceforge.net/|latest SDK source] and install {code source="bash"}wget http://unc.dl.sourceforge.net/sourceforge/razor/razor-agents-sdk-2.07.tar.gz
|
tar xvzf razor-agents-sdk-2.07.tar.gz
|
|
|
@@ -215,6 +234,7 @@ |
razor-admin -create
|
razor-admin -discover
|
razor-admin -register{/code}
|
+# Disable razor logging, else you will quickly fill up /var/. Edit __/var/spool/amavisd/.razor/razor-agent.conf__ and add: debuglevel = 0 |
|
!Troubleshooting
|
*Be sure to watch your logs, such as: tail -f /var/log/maillog
|
|
|