Spam/Virus (3rd party/OSS)

**Krishopper** · 04-10-2008, 09:20 AM

Is anyone using any OSS Spam/Virus filters that do not need to be incorporated into /opt/zimbra in any way, but still play nice with Zimbra? Perhaps ones that run on a 2nd server and process the mail before Zimbra sees it?

**fcash** · 04-11-2008, 09:32 AM

We have a central server that handles all incoming and outgoing messages for all the mail servers in the school district. This server is listed as the primary MX for all our domain. Our mail servers only accept SMTP connections to/from this server.

On that server, we run Postfix, MySQL, Amavisd-new, SpamAssassin, ClamAV, and Kaspersky AV (running in daemon scanner mode, not SMTP proxy mode). We have a long list of restrictions configured in Postfix that blocks the majority of the bogus messages. What passes those restrictions then gets fed into amavisd where is checked by SpamAssassin, ClamAV, and KAV. Finally, if it passes all those checks, then the message is forwarded on to the destination mail server.

Works quite nicely.

**Klug** · 04-11-2008, 09:37 AM

We're using something that looks the same, using MailCleaner.

Some of our customers are using such setup with Barracuda or Astaro spam gateways.

This kind of setup helps in lowering CPU usage on the Zimbra server :
. only mails with existing recipient (checked by the spam gateway that connects to ZCS) are delivered to the ZCS server
. mails with virii do not reach the ZCS server
. you can use quarantine

**Krishopper** · 04-11-2008, 10:12 AM

What about address validation on the incoming email? Do you have Postfix on the remote machine check against Zimbra's ldap server, or do you regularly copy a list of email addresses over, or *sigh* just not worry about it?

**Klug** · 04-11-2008, 10:44 AM

You can do it the way you want.

Personaly, I activate the recipient check in ZCS first (that's not activated by default) : change the entry in zmmta.cf for smtpd_reject_unlisted_recipients to 'yes', save the file and restart postfix.

Then I tell my MailCleaner to do "SMTP callout" to check recipient.

**Priyantha Bleeker** · 04-17-2008, 08:05 AM

Originally Posted by Klug

You can do it the way you want.

Personaly, I activate the recipient check in ZCS first (that's not activated by default) : change the entry in zmmta.cf for smtpd_reject_unlisted_recipients to 'yes', save the file and restart postfix.

In the newer version(5.0.2) this is not available any more right ?

**phoenix** · 04-17-2008, 08:07 AM

Originally Posted by Priyantha Bleeker

In the newer version(5.0.2) this is not available any more right ?

Wrong, that entry is still there and set to 'no' you just need to change it to 'yes' as Klug has suggested.

**Klug** · 04-17-2008, 08:08 AM

It's still "available" but still not activated after ZCS' setup.
You have to change from "no" to "yes" manually (and do it again after any upgrade).

**Priyantha Bleeker** · 04-17-2008, 08:10 AM

Originally Posted by Klug

It's still "available" but still not activated after ZCS' setup.
You have to change from "no" to "yes" manually (and do it again after any upgrade).

Okay thanks

I found the entry, the is a bit different

That's why 'find' couldn't find it

It's named 'smtpd_reject_unlisted_recipients' on my mail server which I am managing at this moment.

Zimbra

Thread: Spam/Virus (3rd party/OSS)

LinkBack

Thread Tools

Search Thread

Display

Spam/Virus (3rd party/OSS)

Thread Information

Users Browsing this Thread

Similar Threads

3rd party antivirus program

Requirements for a 3rd party app

Authenticating Against A 3rd Party Mail Service

Spam/Virus statistics

Posting Permissions