Results 1 to 9 of 9

Thread: Spam/Virus (3rd party/OSS)

  1. #1
    Krishopper is offline Dedicated Member
    Join Date
    Dec 2006
    Location
    Minneapolis MN
    Posts
    777
    Rep Power
    9

    Default Spam/Virus (3rd party/OSS)

    Is anyone using any OSS Spam/Virus filters that do not need to be incorporated into /opt/zimbra in any way, but still play nice with Zimbra? Perhaps ones that run on a 2nd server and process the mail before Zimbra sees it?

  2. #2
    fcash is offline Elite Member
    Join Date
    Jun 2007
    Location
    BC, Canada
    Posts
    281
    Rep Power
    8

    Default

    We have a central server that handles all incoming and outgoing messages for all the mail servers in the school district. This server is listed as the primary MX for all our domain. Our mail servers only accept SMTP connections to/from this server.

    On that server, we run Postfix, MySQL, Amavisd-new, SpamAssassin, ClamAV, and Kaspersky AV (running in daemon scanner mode, not SMTP proxy mode). We have a long list of restrictions configured in Postfix that blocks the majority of the bogus messages. What passes those restrictions then gets fed into amavisd where is checked by SpamAssassin, ClamAV, and KAV. Finally, if it passes all those checks, then the message is forwarded on to the destination mail server.

    Works quite nicely.
    Freddie

  3. #3
    Klug's Avatar
    Klug is offline Moderator
    Join Date
    Mar 2006
    Location
    Beaucaire, France
    Posts
    2,316
    Rep Power
    13

    Default

    We're using something that looks the same, using MailCleaner.

    Some of our customers are using such setup with Barracuda or Astaro spam gateways.

    This kind of setup helps in lowering CPU usage on the Zimbra server :
    . only mails with existing recipient (checked by the spam gateway that connects to ZCS) are delivered to the ZCS server
    . mails with virii do not reach the ZCS server
    . you can use quarantine

  4. #4
    Krishopper is offline Dedicated Member
    Join Date
    Dec 2006
    Location
    Minneapolis MN
    Posts
    777
    Rep Power
    9

    Default

    What about address validation on the incoming email? Do you have Postfix on the remote machine check against Zimbra's ldap server, or do you regularly copy a list of email addresses over, or *sigh* just not worry about it?

  5. #5
    Klug's Avatar
    Klug is offline Moderator
    Join Date
    Mar 2006
    Location
    Beaucaire, France
    Posts
    2,316
    Rep Power
    13

    Default

    You can do it the way you want.

    Personaly, I activate the recipient check in ZCS first (that's not activated by default) : change the entry in zmmta.cf for smtpd_reject_unlisted_recipients to 'yes', save the file and restart postfix.

    Then I tell my MailCleaner to do "SMTP callout" to check recipient.

  6. #6
    Priyantha Bleeker is offline Active Member
    Join Date
    Oct 2007
    Posts
    31
    Rep Power
    7

    Default

    Quote Originally Posted by Klug View Post
    You can do it the way you want.

    Personaly, I activate the recipient check in ZCS first (that's not activated by default) : change the entry in zmmta.cf for smtpd_reject_unlisted_recipients to 'yes', save the file and restart postfix.

    In the newer version(5.0.2) this is not available any more right ?

  7. #7
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,506
    Rep Power
    57

    Default

    Quote Originally Posted by Priyantha Bleeker View Post
    In the newer version(5.0.2) this is not available any more right ?
    Wrong, that entry is still there and set to 'no' you just need to change it to 'yes' as Klug has suggested.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  8. #8
    Klug's Avatar
    Klug is offline Moderator
    Join Date
    Mar 2006
    Location
    Beaucaire, France
    Posts
    2,316
    Rep Power
    13

    Default

    It's still "available" but still not activated after ZCS' setup.
    You have to change from "no" to "yes" manually (and do it again after any upgrade).

  9. #9
    Priyantha Bleeker is offline Active Member
    Join Date
    Oct 2007
    Posts
    31
    Rep Power
    7

    Default

    Quote Originally Posted by Klug View Post
    It's still "available" but still not activated after ZCS' setup.
    You have to change from "no" to "yes" manually (and do it again after any upgrade).
    Okay thanks
    I found the entry, the is a bit different
    That's why 'find' couldn't find it

    It's named 'smtpd_reject_unlisted_recipients' on my mail server which I am managing at this moment.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. 3rd party antivirus program
    By achow in forum Users
    Replies: 7
    Last Post: 09-30-2010, 02:24 PM
  2. Requirements for a 3rd party app
    By Ron Gage in forum Developers
    Replies: 0
    Last Post: 02-22-2008, 02:48 PM
  3. Replies: 0
    Last Post: 03-20-2006, 04:11 PM
  4. Spam/Virus statistics
    By Alfspace in forum Administrators
    Replies: 1
    Last Post: 02-03-2006, 09:10 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •