Chapter 21. Managing Spam and Malware


Spam and malware really take the fun out of the Internet. It seems that no human invention, no matter how cool, is immune from being spoiled by idiots.

Malware is a general term that covers viruses, Trojan horses, worms, malicious executables on web pages, and any other kind of nasty that can infect a system from a mail client or web browser. Currently, this means primarily Outlook, Outlook Express, and Internet Explorer. Eliminating these from a Windows system goes a long way toward making it less insecure.

This chapter covers adding a number of spam and virus-fighting tools to your Postfix server: Clam Anti-Virus, SpamAssassin, DNS blackhole lists, and whitelists. You can mix and match to your heart’s content. Make sure you are running the latest versions of everything—especially Postfix, which should be Version 2.0 or newer.

There are three ways to apply restrictions on incoming mail:

  1. SMTPD restrictions

  2. Header/body checks

  3. Content filters

The farther down the chain you go, the more work is placed on the server. There are limits to what can be effectively done at each level. Expect to invest a bit of time and do some tweaking until you get it right.
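To make the three levels concrete, here is a `main.cf` fragment with one setting per level, ordered from cheapest to most expensive. It is an added illustration, not a configuration from the book: the DNSBL zone `dnsbl.example.org`, the map file paths, and the `scanner` transport on port 10024 are placeholders and assumptions.

```conf
# /etc/postfix/main.cf (fragment) -- constructed example.
# Zone name, file paths, transport name and port are placeholders.

# 1. SMTPD restrictions
#    Evaluated during the SMTP dialogue, before the message body is sent.
#    A rejection here costs a DNS lookup at most and saves the bandwidth.
#    reject_unauth_destination is what keeps the server from relaying
#    mail for strangers; it must come after permit_mynetworks.
smtpd_recipient_restrictions =
    permit_mynetworks,
    reject_unauth_destination,
    reject_rbl_client dnsbl.example.org

# 2. Header/body checks
#    Applied as the message is received, so the bandwidth is already
#    spent. Each header or body line is matched on its own against the
#    patterns in these map files; the checks cannot reason about the
#    message as a whole.
header_checks = regexp:/etc/postfix/header_checks
body_checks = regexp:/etc/postfix/body_checks

# 3. Content filter
#    The queued message is handed whole to an external program (a virus
#    or spam scanner), which reinjects it if it passes. Most thorough,
#    and the heaviest load on the server. Assumes a matching "scanner"
#    transport is defined in master.cf and that a filter is listening
#    on 127.0.0.1:10024 (hypothetical names).
content_filter = scanner:[127.0.0.1]:10024
```

Anything rejected at level 1 never reaches levels 2 and 3, which is why the cheap checks go first.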

Your basic strategy is:

  • Protect your bandwidth.

  • Protect your mail server from being overloaded.

  • Protect your proxies and mail servers from being used to relay spam.

  • Keep yourself from being a source of contagion.

The last is the most important. No one else cares how messed up your system is, as ...
