Home / server / Questions / 339507
Accepted
pepoluan
Asked: 2011-12-10 10:21:25 +0800 CST

Recommended way to implement Postfix 'before-queue' SpamAssassin filtering?

  • 772

After some discussions with colleagues and the relevant depts. in my office, I have come to the conclusion that for my Postfix server, I must implement a before-queue filtering. The reason is that with an after-queue filtering, the email would be lost, and the sender (in case it's a false positive) will never realize that.

That is unacceptable for my company; if the falsely accused sender gets a notification, we want him/her to try re-sending the email through other channels. If he/she doesn't get a notification, he/she won't attempt a re-send.

Now, after perusing the various docs on SpamAssassin, I happened upon more than one way to implement SpamAssassin before-queue filtering. E.g.,

  • SA + amavisd-new (run as smtpd proxy)
  • SA + amavisd-new + amavisd-milter
  • SA + MIMEdefang (run as milter)
  • SA + spampd (run as smtpd proxy)
  • SA + milter-spamd

and I'm sure you may also find other ways to implement it.

Which one(s) of the above is (/are) recommended?

Do you know of its pros/cons? Or perhaps do you have something better in mind?

postfix spamassassin spam-filter

2 Answers

  1. Best Answer

    None of them! Use just amavisd-new (with SA, without virus scanner!!) as before-queue-filter.

    You do it as described here: http://www.postfix.org/SMTPD_PROXY_README.html Even the pros and cons are extensively discussed there.

    Before you start you should have a look at http://www.postfix.org/POSTSCREEN_README.html to just drop 70% of all Spam before it gets to amavis.

    After that you look at http://www.policyd-weight.org/ to drop another 10%.

    When you do before-queue filtering, use a well-suited (tested!) amount of amavis worker threads. And put the tmp directory of amavis into a RAM-disk (described at the amavisd-new website). Without much tuning it then filters 20 mails per second. Tuning will get you more out of it, but do you really have that high traffic (assuming only 20% left)?

    • 5

  2. This question is quite old. But for people like myself who stumble across it. Amavisd-New has this option:

    $final_spam_destiny       = D_DISCARD;

    So just change the above default to:

    $final_spam_destiny       = D_BOUNCE;

    And all email which is considered fail spam will bounce instead of being discarded. However keep in mind if it fails hard it's more than likely a false email which will cause bounces back and forth.

    • 0