Antivirus / Antispam techniques

Antispam Architecture

The following steps are taken inside the mailserver before any mail is accepted for delivery:

  1. An optional greylisting step determines whether the sending mailserver is a “proper” mailserver.
  2. Postfix makes a conformance check on the mail headers to make sure that the sender email address makes sense.
  3. Postfix uses DNS to check that the sender domain exists.
  4. Postfix checks against a couple of Realtime Blocklists (RBL) for known spammer domains and IP addresses.
  5. Amavis makes a very basic spam check before calling the external helpers (ClamAV and SpamAssassin). Amavis also blocks attachments of type: exe, vbs, pif, scr, bat, cmd, com, cpl.
  6. ClamAV checks whether any attachment contains a virus. If any attachment is infected, the email is silently dropped.
  7. SpamAssassin checks whether the mail is spam using various techniques such as keywords, auto-whitelisting and Bayes scanning. If the email is found to be spam (above 5 points on SpamAssassin's score), it is tagged with a SPAM subject prefix and delivered to the user's Spam Detected mailbox.
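
The decision order of steps 5 to 7, as an added Python example that is not this server's Amavis, ClamAV or SpamAssassin configuration. The virus flag and spam score are passed in as inputs; the "SPAM: " prefix, the "Inbox" mailbox name, the function names and the sample message are assumptions made up for the illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions the page lists for the Amavis attachment block (step 5).
BANNED_EXT = {"exe", "vbs", "pif", "scr", "bat", "cmd", "com", "cpl"}
SPAM_THRESHOLD = 5.0    # step 7: spam is "above 5 points"
SPAM_PREFIX = "SPAM: "  # assumed; the page does not give the exact prefix

def banned_attachments(raw: bytes) -> list[str]:
    """Return filenames of MIME parts whose last extension is banned."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    for part in msg.walk():
        name = part.get_filename()
        if not name:
            continue
        # Only the final extension counts, compared case-insensitively,
        # so "invoice.pdf.EXE" and "setup.scr." are both caught.
        _, dot, ext = name.strip().rstrip(". ").rpartition(".")
        if dot and ext.lower() in BANNED_EXT:
            hits.append(name)
    return hits

def verdict(raw: bytes, infected: bool, spam_score: float) -> tuple[str, str]:
    """Apply steps 5-7 in order; return (action, subject as delivered)."""
    msg = message_from_bytes(raw, policy=policy.default)
    subject = str(msg["Subject"] or "")
    if banned_attachments(raw):          # step 5: Amavis blocks the type
        return ("block", subject)
    if infected:                         # step 6: ClamAV hit, no bounce
        return ("drop-silently", subject)
    if spam_score > SPAM_THRESHOLD:      # step 7: strictly above 5 points
        return ("deliver:Spam Detected", SPAM_PREFIX + subject)
    return ("deliver:Inbox", subject)    # "Inbox" is an assumed name

def sample(filename: str) -> bytes:
    """Constructed test message with one attachment."""
    m = EmailMessage()
    m["From"], m["To"] = "sender@example.org", "user@example.net"
    m["Subject"] = "Quarterly report"
    m.set_content("See attachment.")
    m.add_attachment(b"constructed bytes", maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    print(verdict(sample("invoice.pdf.EXE"), False, 0.0))
    print(verdict(sample("report.pdf"), False, 6.2))
```
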
mailserver/antispam.txt · Last modified: 2009-02-26 10:59 by allard