Beating Spam and Viruses with amavisd-new and Maia Mailguard
Most spam filters are concerned only with defending against the onslaught of spam and do little or nothing to prevent it in the first place. Because Maia allows users to confirm the status of their mail as spam and does nothing to modify the original mail headers, this spam can be reported in a number of different ways. Upcoming versions of Maia will support detailed header analysis and semi-automated reporting to ISPs. These reports help others block spam more effectively and even can result in some form of punishment for the spammer.
Behind the scenes, Maia's automated scripts process the quarantine at regular intervals, reporting confirmed spam to the same collaborative networks that SpamAssassin consults—Vipul's Razor, Pyzor and the DCC. By sharing this information with these networks, you give something back, rather than only benefiting from the reports of others.
In the end, what matters most is how effective the combination of amavisd-new and Maia Mailguard is at keeping spam out of your inbox, while keeping ham out of your quarantine. From my own site's statistics, that figure is a refreshing 99.22%, with 0.26% false positives and 0.52% false negatives. Best of all, those false positives can be recovered easily from the quarantine and the false negatives can be reported from the ham cache.
For viruses and other forms of malware, the effectiveness figure is even more impressive: 100%. In the six months since I installed this content-filtering solution, the virus scanners on my desktop machines haven't caught anything that slipped past the filters. This is largely due to the way amavisd-new allows multiple virus scanners from different vendors to be used together—what one scanner misses, another typically catches.
Performance-wise, any content-filtering solution is going to slow down mail processing to some extent. It often becomes a trade-off between filter effectiveness and speed, as you may choose to disable certain filters and tests to improve mail throughput. My 99.22% effectiveness statistic comes from having every available test and filter enabled, for example, but it also costs 1–3 seconds to process each mail item on a moderately loaded dual-PIII 733MHz with 1GB of RAM. A busier site might not be able to tolerate that kind of delay. They would have to choose between disabling the more time-consuming tests, upgrading the processor and RAM in the content filter and switching to a load-balanced array of content filters. Nevertheless, Maia Mailguard and amavisd-new are being used together at sites hosting more than 50,000 users, processing more than 350,000 e-mails a day, so the solution scales if you've got the hardware to handle it.
As many people already have discovered, some of the best weapons in the war against spam and viruses happen to be open-source tools. With tools like amavisd-new, Maia Mailguard, SpamAssassin and Clam Antivirus, you can provide your network with world-class protection without spending tens of thousands of dollars.
Resources for this article: www.linuxjournal.com/article/7820.
Robert LeBlanc is the president of Renaissoft (www.renaissoft.com), author of Maia Mailguard and resident spam-fighting guru for the AnswerSquad (www.answersquad.com). When he's not reinventing the wheel or building better mousetraps, he can be found in the company of his four Alaskan Klee Kai, Zorro, Sikari, Piyomi and, of course, Maia.
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems
Join editor Bill Childers and Bit9's Paul Riegle on April 27 at 12pm Central to learn how to keep your Linux systems secure.
Free to Linux Journal readers.Register Now!
|diff -u: What's New in Kernel Development||Aug 20, 2014|
|Security Hardening with Ansible||Aug 18, 2014|
|Monitoring Android Traffic with Wireshark||Aug 14, 2014|
|IndieBox: for Gamers Who Miss Boxes!||Aug 13, 2014|
|Non-Linux FOSS: a Virtualized Cisco Infrastructure?||Aug 11, 2014|
|Linux Security Threats on the Rise||Aug 08, 2014|
- diff -u: What's New in Kernel Development
- Security Hardening with Ansible
- NSA: Linux Journal is an "extremist forum" and its readers get flagged for extra surveillance
- New Products
- Tech Tip: Really Simple HTTP Server with Python
- Monitoring Android Traffic with Wireshark
- [<Megashare>] Watch Mrs Brown's Boys Movie Online Full Movie HD 2014
- RSS Feeds
- Raspberry Pi: the Perfect Home Server
- Linux Systems Administrator