Re: Filtering SPAM with Linux

From: Rajeev Kumar (rajeev_at_rajeevnet.com)
Date: 04/27/04

  • Next message: Sanjay K. Patel: "RE: Filtering SPAM with Linux" 
    Date: Tue, 27 Apr 2004 14:04:10 -0400
To: ivan.hernandez@globalsis.com.ar

    Ivan,
       You need to setup a mail server on your proxy box which will collect
    all incoming mail at port 25 and then apply SPAM filter there.

    One practical solution could be, install postfix
    (http://www.postfix.org) as a mailgateway, postfix has lots of anti-spam
    setup procedure and you can follow some nice websites/papers on this setup.
    After your mail gateway, you can deliver mails to next hop (i.e your MS
    exchange server).
    Look for this sites on how to setup postfix with antispam.

    http://www.advosys.ca/papers/postfix-filtering.html
    http://www.securitysage.com/guides/postfix_uce.html
    http://jimsun.linxnet.com//misc/postfix-anti-UCE.txt
    http://www.mengwong.com/misc/postfix-uce-guide.txt
    http://www.postfix.org/uce.html

    Also you can incorporate some third party spam filters such as
    Spamassassin (Open source).
    Sophos Puremessage (Commercial , bit costly anti-spam filter but works
    very nicely)

    Similar can be done with sendmail also, but I would prefer postfix which
    is lot better to administer than sendmail.

    Hope this helps.

    Rajeev

    ivan.hernandez@globalsis.com.ar wrote:
    > Hello. I have a box with linux that is acting as NAT and Firewall (also
    > cache with squid and reverse proxy with pound).
    > I have an internal MS Exchange server that goes to internet via NAT, and
    > i dont have any chance of removing it, but i would like to filter the
    > incoming traffic to remove spam.
    > My net looks something like this:
    >
    >
    > INTERNET <---> x.x.x.x LINUX BOX 10.1.20.100 <---> 10.1.20.1 MS Exchange
    >
    > What can i use in the linux box? I have found things like MessageWall and
    > so, but i need better recomendations from people that already doed it.
    >
    > Thanks!!
    > Ivan Hernandez
    >
    > ---------------------------------------------------------------------------
    > Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
    > any course! All of our class sizes are guaranteed to be 10 students or less
    > to facilitate one-on-one interaction with one of our expert instructors.
    > Attend a course taught by an expert instructor with years of in-the-field
    > pen testing experience in our state of the art hacking lab. Master the skills
    > of an Ethical Hacker to better assess the security of your organization.
    > Visit us at:
    > http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    > ---------------------------------------------------------------------------- 

    -- 
____________________________________________________________________
	Rajeev Kumar (rajeev@rajeevnet.com)
		http://www.rajeevnet.com
-- PGP PUBLIC KEY -- http://www.rajeevnet.com/crypto/mypubkey
____________________________________________________________________
What's New on rajeevnet.com:
o Firewalling HTTP traffic using reverse SQUID proxy.
    http://www.rajeevnet.com/hacks_hints/security/rev-squid-proxy.html
____________________________________________________________________
---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
  • Next message: Sanjay K. Patel: "RE: Filtering SPAM with Linux"

    Relevant Pages

    • Re: RPC-HTTP Setup Questions
      ... 1- the rpc/http proxy component is installed on both FE and BE servers. ... you dont need SSL but it is recomended to use SSL since it is more secure. ... Here's my current setup. ... I have a FE/BE Exchange 2003 SP2 with a separate DC/GC server in the ...
      (microsoft.public.exchange.admin)
    • Re: User accounts for children
      ... A friend of my setup (more ... because she *could* than because she needed to) setup a Linux server in ... proxy server gateway to the internet. ...
      (microsoft.public.windowsxp.general)
    • Re: Vista Bus to SBS2003R2 connectcomputer problems . . .
      ... Yep I run all of the KBs both on the server and on the Vista PC and checked same many times. ... Check that the proxy box is not ticked It also says if I don'y have a Proxy setup then I need to rerun the Client Deployment component on the server. ... I was having trouble today getting connectcomputer to run at all, it kept telling me I needed to be an admin, even after making a local admin of the same name and password. ...
      (microsoft.public.windows.server.sbs)
    • Re: RPC over HTTP on a Single Server
      ... This is what I used to setup the same scenerio. ... on a single server in exchange 2003. ... On the RPC proxy server in ... On the client, Microsoft Exchange server: ...
      (microsoft.public.exchange.setup)
    • Re: How to configure for Two different IP subnets
      ... Active Directory will go haywire in a setup like that. ... AD integrates with the local DNS, so you cannot use the DNS at your ISP ... With Server 2003 Standard ... for its internal interface (ie the VPN endpoint). ...
      (microsoft.public.windows.server.networking)