This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

spam feature questions:

hi ASLers,

we are thinking about replacing our old mail relay with the smtp proxy of our asl firewall. most importend for us is the antispam feature.
we tested these features with a test domain we own. but thats not "real life". so i like to ask some questions. may be someone with productive experience can answer:

1. in the header of the mail spamassassin always says "required 5 points", no matter what strategy is applied. is that a bug ?

2. is somebody out there using the call out feature ? i am worried about all the mails with no-reply@... addresses. but i think most mail relays will accept all mails for there domain so this wont be a problem. any experiences with that feature ?

3. wich (free) rbls are usefull ?

a lot of questions but thanx in advance anyway :-)

by,

gnjb

This thread was automatically locked due to age.

Parents

0 oliver.desch over 22 years ago

2) callout is a very cool feature but it may lead to problems with misconfigured SMTP relays
on the other side. When enabled the firewall resolves the senders domain and tries to send
a bounce message to the sender - if that fails the firewall would reject the e-mail.

please also see my post at
https://community.sophos.com/products/unified-threat-management/astaroorg/f/98/t/68143

read you
o|iver
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 oliver.desch over 22 years ago

2) callout is a very cool feature but it may lead to problems with misconfigured SMTP relays
on the other side. When enabled the firewall resolves the senders domain and tries to send
a bounce message to the sender - if that fails the firewall would reject the e-mail.

please also see my post at
https://community.sophos.com/products/unified-threat-management/astaroorg/f/98/t/68143

read you
o|iver
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 gnujuba over 22 years ago in reply to oliver.desch

hi,

thanks for the answers. i have three more questions to users and to astaro:
1) what strategy is good to minimise false positives ? is agressive to agressive :-) some one out there with experience in that field ?
2) is question number one a bug ? will astaro fix this ?
3) will astaro include spam database querie tools like dcc (distributed checksum clearinghouse) in future versions of asl ?

thanks,

gnjb
Cancel
Vote Up 0 Vote Down

Cancel
0 Taharqa over 22 years ago in reply to gnujuba

For a production environment, I would suggest using the conservative setting. We have 900 users on a mail server behind our ASL. This is the setting that gave us the best balance between rejecting spam and false positives. HTH
Cancel
Vote Up 0 Vote Down

Cancel
0 cyclops over 22 years ago in reply to gnujuba

gnujuba,

my suggestion is to configure it reasonable and select either pass or reject
as action, never blackhole. If you select pass, the firewall adds *SPAM* to the
subject of the detected spam e-mail so that users can filter it with their
client software easily.

Greetings
cyclops
Cancel
Vote Up 0 Vote Down

Cancel