Anti-virus and anti-spam measures on my server

After having thought about it for at least half a year and having researched the topic thoroughly for a good weekend, I finally got to implementing anti-spam and anti-virus measures on my server. It turned out to be more complex than I had initially thought (as always), but it seems to be working now.

To give a bit more background, I am running Postfix with Courier-IMAP and PostgreSQL as database backend. E-mail accounts reside in a virtual folder and have no corresponding Unix accounts.

I decided to use maildrop (I discussed Postfix and procmail issues here) and followed this tutorial, with the following exceptions:

  • I had to backport a few packages to sarge (wrote about it here).
  • I found out by trial and error that the two packages courier-maildrop and maildrop ship the same program, but it behaves differently (essentially, maildrop from the maildrop package works, the other one doesn’t!)
  • I added a custom clamAV source to my sources.list files:

    deb http://ftp2.de.debian.org/debian-volatile sarge/volatile main
    
  • I wrote my own /etc/maildroprc

The idea is to have e-mail moved automatically to a folder containing spam if (and only if) such a folder exists. What I came up with is the following /etc/maildroprc:

    # This is the folder into which spam messages are delivered
    SPAMFOLDER="$DEFAULT/.caughtspam/"

    # run the message through SpamAssassin
    exception { xfilter "/usr/bin/spamc -u $LOGNAME" }

    # if the message is marked as spam AND SPAMFOLDER exists - deliver there
    # I have no idea how to check it other than executing [ -d ] in a shell
    # (the backticks run the test in a shell and capture the echoed exit
    # status, so SPAMFOLDEROK is 0 exactly when the folder exists)
    SPAMFOLDEROK=`[ -d $SPAMFOLDER ]; echo $?`
    if ( /^X-Spam-Flag:.*YES/ && $SPAMFOLDEROK == 0 )
    {
        exception { to $SPAMFOLDER }
    }
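To make the delivery decision above testable outside of maildrop, here is the same logic written as a POSIX shell function. This is an added example, not the post's maildroprc: the function name `spam_destination`, the message file argument and the constructed sample message are assumptions. It matches the `X-Spam-Flag` header only in the header block (maildrop's pattern matching also looks at the header by default), so a "X-Spam-Flag: YES" line planted in the body does not redirect mail.

```shell
#!/bin/sh
# Added example (not the original post's code): reproduce the maildroprc
# decision "spam AND the spam folder exists -> deliver to the spam folder".
#
# spam_destination MESSAGE_FILE MAILDIR
#   prints the folder the message would be delivered to
spam_destination() {
    msg="$1"
    default="$2"
    spamfolder="$default/.caughtspam/"

    # Only the header block is inspected: sed prints up to the first empty
    # line and quits, so header-looking lines in the body are ignored.
    if sed '/^$/q' "$msg" | grep -q '^X-Spam-Flag:.*YES' \
        && [ -d "$spamfolder" ]; then
        printf '%s\n' "$spamfolder"
    else
        printf '%s\n' "$default"
    fi
}

# Self-contained demo with a constructed maildir and two constructed messages
# (hypothetical addresses, not taken from the post).
demo() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/Maildir/.caughtspam"
    printf 'From: someone@example.invalid\nX-Spam-Flag: YES\nSubject: spam\n\nbody\n' \
        > "$tmp/spam.eml"
    printf 'From: someone@example.invalid\nSubject: ham\n\nX-Spam-Flag: YES only in the body\n' \
        > "$tmp/ham.eml"

    echo "spam message -> $(spam_destination "$tmp/spam.eml" "$tmp/Maildir")"
    echo "ham message  -> $(spam_destination "$tmp/ham.eml" "$tmp/Maildir")"

    # Without the folder, spam falls back to the default maildir,
    # exactly as the maildroprc intends.
    rmdir "$tmp/Maildir/.caughtspam"
    echo "spam, no folder -> $(spam_destination "$tmp/spam.eml" "$tmp/Maildir")"
    rm -rf "$tmp"
}
```

Running `demo` shows the three cases: a flagged message with the folder present goes to `.caughtspam/`, an unflagged message (or one whose only flag is in the body) stays in the default maildir, and a flagged message without the folder also stays in the default maildir.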

What still needs to be done is:

  • automatic training on users’ emails (to enable per-user training)
  • inclusion of user-specific rules (still need to think about it a bit as it has serious security implications).

Useful links:

3 Responses to “Anti-virus and anti-spam measures on my server”

  1. bjorne Says:

    Thanks for this (and the related) post. I’m trying a similar approach to antispam myself. However, in the if statement, shouldn’t "$SPAMFOLDER == 0" read "$SPAMFOLDEROK == 0"?

  2. tadekp Says:

    Thanks for noticing, it was a typo. I updated this in the blog.

  3. gebi Says:

    Hi, I’ve tried your suggestions but it seems they don’t work here for virtual users. With maildrop -d ${recipient}, maildrop tries to search for the user in /etc/passwd and gives the error “unknown user”.
