It's just about impossible to completely avoid all spam, though there are settings that I have found work well and are minimally disruptive to legitimate email.
Here are the settings I typically use:
1. Use RBLs. I use the following RBL zones: Edit: Updated 1/2/07 zen.spamhaus.org bl.spamcop.net list.dsbl.org
2. Deny RCPT Hacks - on
3. SPF fail check - on
4. Use Greylisting - optional - can cut down on a lot of spam, but will delay a good amount of email and spammers are also catching on and resending. Occassionally you run into a bad mail server that doesn't retry frequently enough so sometimes you lose legitimate email. The delay can be annoying to end-users so I usually leave it off as getting spam is better than not getting email when you're running a business.
5. Verify recipient - ON
6. File Extension Filter. I filter exe, scr, bat, cmd and pif files.
7. Turn on virus protection if you have it.
8. I don't use the built-in Spam Protection having found it to not be very effective compared to DSPAM (see below), but it does catch some emails.
On my main mail server I also have been testing DSPAM. It's a bit tricky to setup, but once it's running it seems to do a good job with the spam that makes it past the firewall.
make setting Level 1/ to Quarantaine en 2/ to Quarantaine or Reject!
Now it will be kept on the Astaro.
The Internal user can use the "Proxy content manager" to release mail with "Daily Spam digest" an Spam Releasing.
RBL's that work ok are:
1
list.dsbl.org
2
relays.ordb.org
3
sbl.spamhaus.org
4
cbl.abuseat.org
5
combined.njabl.org
6
sbl-xbl.spamhaus.org
