Running amavisd-new on MX hosts?
listsb-amavis at bitrate.net
listsb-amavis at bitrate.net
Wed Feb 10 00:36:48 CET 2016
> On Feb 08, 2016, at 14.54, Rich Wales <richw at richw.org> wrote:
>
> Hi. I would like to hear other people's thoughts on a possible way to
> improve my current e-mail spam filtering setup.
>
> I am using Postfix, SpamAssassin, and amavisd-new on my mail server. My
> mail server doesn't take incoming mail directly; rather, I have two MX
> hosts, which currently accept incoming mail and forward it directly to
> my mail server. The MX hosts do DNSBL blacklisting, but they don't do
> any content-based filtering (that gets done on the mail server).
>
> I'm considering the idea of moving SpamAssassin and amavisd-new to my MX
> forwarders, so that spam would be quarantined on the MX hosts and not
> sent to my mail server to be detected and quarantined there. One
> possible downside to this which I can imagine is that I might need to
> deal with two separate spam quarantine databases (one for each MX host),
> rather than a single quarantine database on the mail server -- any ideas
> on how to avoid or deal with this?
i would not do this. to some extent, one might argue that it depends on what exactly happens to the mail after it's processed by amavis, but it's unlikely to benefit you much to now have two instances of amavis to curate, two additional places in which mail may accumulate, two more services on hosts with more direct internet exposure, etc, etc.
what actual problem would moving your content filter service to your mx service hosts solve? for me, the answer is none. i would also encourage you to consider not quarantining spam. instead, mark it as appropriate, and then deliver it to a junk mailbox using something like sieve.
-ben
More information about the amavis-users
mailing list