Topic: Most Useful Thing about SME : Jespers AV and AntiSpam script

[Brave Dave]

The most useful thing about SME (apart from SME itself) has been the Email processing Scripts from Jesper and the duly noted inspiration Damian Curtain

Recently an unworkable spam situation has seen spam reduced almost to zilch - where I had struggled under Fedora

This two step;
1. Install SME
2. Download the av and aspam scripts

now what else ..

[raem]

Useful they may be, but equally as good or better is the work done by Charlie Brady & Gordon Rowell on mailfront & smtpfront-qmail rejection.

Use RBL blocking to reject spam before it even enters your server. This is the feature that Jesper uses called RBL List blocking.
http://mirror.contribs.org/smeserver/contribs/rmitchell/smeserver/howto/Spam%20blocking%20HOWTO%20using%20smtpfront-qmail%20for%20sme%20server.htm

Use pattern matching blocking to reject virus infected messages before they even enter your server.
http://mirror.contribs.org/smeserver/contribs/rmitchell/smeserver/howto/Virus%20and%20file%20blocking%20HOWTO%20using%20smtpfront-qmail%20for%20sme%20server.htm

...and the just released bad HELO/EHLO message rejection. I have it working perfectly well on 2 sme 6.0 servers.
http://lists.contribs.org/mailman/public/devinfo/msg07904.html

....and of course the newly released greylisting looks very promising
http://lists.contribs.org/mailman/public/devinfo/msg07912.html

With these tools, viruses and spam are almost non existent.

[raem]

Another good tool that rejects mail to invalid addresses before they get into your server is the dungog-mailblocking contrib, which also controls mail to multiple virtual domains.

http://www.dungog.net/sme/files/index.php

Use it in conjunction with the domain aliases HOWTO

http://mirror.contribs.org/smeserver/contribs/rmitchell/smeserver/howto/virtual%20domain%20email%20aliases%20HOWTO%20for%20sme%20server.htm


After all of that, if there are any doublebounce messages still getting into your server you can automatically delete them with this HOWTO.

http://mirror.contribs.org/smeserver/contribs/rmitchell/smeserver/howto/double%20bounce%20message%20deletion%20HOWTO%20for%20sme%20server.htm


If you have implemented all of the above (including my last post), then by about now all you should be receiving is legitimate mail, with the odd virus infected message sliiping in, which of course will be caught by clamav, which has been sitting there all week doing just about nothing !!

[dilligaf]

Hi,
I have one server trhat is set up as private server, w/ webmail for the admin acct only.
The users on the server user an outside ISP for the email, and get it via POP in outlook. (they do not use the mail part of sme)
When I look in the admin webmail, I see messages that bounce back that look legitamte, with some of the users actual email addresses.
If they are not using the SME for the mail, why would this be?

[raem]

dilligaf

At a guess, a virus on someone elses computer is generating emails purportedley from your users.
The recipients are sending these virus infected messages back to you, as the admin of your domain (that supposedly the messages came from).

[Brave Dave]

ditto all that Ray.

[arnoldob]

Hi Ray,

I was trying this bit here:
<<...and the just released bad HELO/EHLO message rejection. I have it working perfectly well on 2 sme 6.0 servers.
http://lists.contribs.org/mailman/public/devinfo/msg07904.html>>

And I got a spate of errors reguarding conflicts with:
mailfront-0.81-1

I have Jesper's Spam and AV contribs running on SME 6.01. Do you know if it's safe to force the install of the newer mailfront RPM?

[arnoldob]

Nevermind, I figured it out. Silly mistake on my part  

[raem]

arnoldob

> .....conflicts with: mailfront-0.81-1

> I have Jesper's Spam and AV contribs running on SME 6.01.

I realise you said you fixed it but FYI I have both those contribs also running with a newer mailfront.
rpm -q mailfront
mailfront-0.91-8es

Charlie always warns against forcing rpm installs unless you really know why it is necessary. If you have dependencies then you should install the newer rpms that are required.

[arnoldob]

All is well the rpm's are perfectly happy, so far. I tried to install with rpm -ihv instead of -Uvh. Must have been brain cramps

But if Charley says it, I will certainly note that for future reference.

[raem]

Hi arnoldob

> I tried to install with rpm -ihv instead of -Uvh

As far as I know you can use rpm -Uvh all the time.
It will do an install if the rpm is not already installed or it will do an update if it is installed.

Charlie also said that too !!!