JBMC Software's vision on Spam + Virus solution?

[interfasys]

We now have Spamblocker available when downloading unofficial versions of Exim and we're all waiting for the Spamassassin GUI, but could we get some hints on how the final solution (RBL, Spam scanning and virus blocking/scanning) will work?

Will it be :
Exim-Exiscan that does everything by configuring exim.conf?
or
Exim + Mailscanner

Everybody is coming with its own solution, but since emails are a vital part of hosting and since we need to keep our servers up to date, I think a little bit of standardization could be good, no?

 

[DirectAdmin Support]

Hello,

From where we're standing, it looks like the near future will have it setup with
1) spamassin controls through DA
2) the new exim.conf with rbl
3) exiscan will be compiled into exim.

We'll probably leave it like that for the time being until we can take the time to seriously look at the options and the best solution, if there even is one.

John

 

[interfasys]

Thank you John. Looks like the best way to add virus scanning is to add it to exim.conf then (easy with the Exiscan + ClamAV Howto).

 

[ozee]

Any ETA on this yet??

 

[nobaloney]

During the next few days I'll be carefully examining my SpamBlocker rbl.

After that, I'll consider it "done" and in maintenance only mode for the time being.

So by late this coming week (perhaps earlier) I'll be working on adding Anti-Virus (blocking at data time) to exim.conf.

Jeff

 

[mo.mentum]

are we there yet? are we there yet?

 

[nobaloney]

Unfortunately, we're not there yet .

Lots of things keeping me busy, including my car giving up the ghost while I was driving 65 mph on the freeway (the 91 westbound in Corona, if anyone knows Southern California).

You just don't know how well you can drive, or how well you can pray, until your engine, steering, brakes and electrical all give out while you're driving 65 mph on a freeway.

That shook me up quite a bit; I'm still recovering.

And I have a bad cold so I'm spending a lot of time not in front of my computer.

It's still at the top of my list after customer work.

Jeff

 

[rldev]

Sorry to hear Jeff. That is some experience. Get better soon, we need you

 

[mo.mentum]

Oooof...glad to hear ur ok now...those car things can be a shaker! come back soon!

 

[blacknight]

Would someone care to expand on what you mean by adding RBL to the exim conf?

I would hope that any spam controls would be added as an optin ie. that we will not be forced to use them.

 

[interfasys]

You need to add the domains that will use the rbl to a config file, all we need is a tick box in DA now...

 

[rldev]

Hmm,
Couldn't it be setup so that all domains are affected by RBLs and then have a whitelist to remove whoever doesn't want it? This how most use RBLs.

 

[nobaloney]

It could be.

It would be easy enough to copy the contents of /etc/virtual/domains into /etc/virtual/use_rbl_domains.

I wouldn't do it; I don't believe in blocking incoming email for a domain unless the client opts in.

I don't mind filtering with SpamAssassin as an opt-out rather than an opt-in, because with SpamAssassin there's no blocking; the client will still get the emails, but they'll be marked as spam.

Have you considered a link, so use_rbl_domains just points at domains? Not a good idea, since then no one could opt-out.

Jeff

 

[rldev]

The link wouldn't work unless I could have a seperate whitelist. I have RBLs turned on on y my current servers. I have not had one client ask to opt out. But it is important to have the ability to opt out.

 

[interfasys]

Just add a command to add the domain name in the rbl file in the post_account_creation script. You could then manually remove people that want to opt-out.

 

[rldev]

That's what I'm lookinf for. But would the post_account_creation script be overwritten every time DA is updated?

 

[Herbster]

What's the ETA on spamassin controls through DA?

 

[rldev]

I don't know, perhaps Jeff does. I keep hearing the next couple of releases. I see not details for the next update posted, so it could be a while.

DA, spam/Anitvirus integration on a per email account basis is absolutely critical and is available on every major control panel that I can think of.

 

[nobaloney]

No, I don't know. I'm not any more privy to what DA staff does than anyone else is.

I can easily develop a third party solution thorugh one of my solution providers.

However he'd own it, and he'd charge for it.

Or it would cost me a lot of money to have developed, so I'd charge for it.

I'm not an html kind of guy; I do only simple static html pages. So I can't easily do it myself.

Note that I don't like SpamAssassin as it overuses server resources to do something I believe is much more efficiently done by blocking.

Note also that when most people create per-user SpamAssassin controls they do it by allowing SpamAssassin to run for all users and manipulate only the spam score allowed; for example if someone doesn't want SpamAssassin, you allow a score of 1000 or so, so the incomming email, no matter how spammy, will never get marked as spam.

That would never be an approach I'd work on, because I believe on using the least amount of server resources. Any solution I'd work on would have to have an on-off switch whereby email for certain users wouldn't even be filtered through SpamAssassin if they opted out.

I've been very busy the past few days; I've been working on a server problem for a friend in SW Florida; we've had computer and realworld messes to deal with.

But things are beginning to get calmer now.

I'm going to find my project list, update it, and then perhaps start asking for help with my open-source projects soon.

Jeff

 

[blacknight]

So you are blocking based on RBLs? That is madness. Plain and simple.