• home
• about
• hosting
• faqs
• contact
• weblog
• forum
• help

Good Riddance to SPAM

Ok, so there’s been a big change in the way we do our domain wide SpamAssassin scanning. Previously, all the scanning was done on each of the shared hosting servers and what we came to realize was that the one thing that can work a server harder than a rails app gone wrong is scanning every piece of email with an anti-spam engine and anti-virus. So we did a little work, and here’s how we roll now, if you have “Enable SpamAssassin for domain?” set to Yes in webmin’s virtual server module.

So email hits your shared hosting server, bounces out to the f5, hits one of the spamscanners which does SpamAssassin, ClamAV, and BitDefender checks, as well as header/body/mime scanning for malicious code or exploits, then it bounces back to the originating server to be delivered to your Maildirs.

Any quarantined messages are stored in MySQL on a dedicated database server, and we’re working up a control panel that will allow delivery of the (no) false positives (I’ve ever seen). I’ve honestly yet to see one in this system…

And in the near future, these boxen also become the SMTP gateways for all mail as well (they’re already doing SMTP for the webmail traffic)

·:· Posted 4 November 2005, 05:55 by Ryan Schwartz to Email  |  

1. Brilliant; absolutely brilliant. And thank you all for doing it!
   
   — Chuck McKinnon    4 November 2005, 06:56    #
2. What does ~/Mail mean, and why does it bypass everything?
   
   — Powen Shiah    4 November 2005, 07:35    #
3. Can I have maildrop now please? :-)
   
   — Diwaker Gupta    4 November 2005, 07:51    #
4. I’m guessing ~/Mail is your mailbox on the shared server. As far as I can tell it doesn’t bypass anything, it’s the last part of the chain only being hit after the full array of anti-spam stuff.
   
   — Jakob S    4 November 2005, 09:04    #
5. Well I prefer spamprobe, if only because I can train it with my own messages. Can we train SpamAssassin somehown?
   
   — victor    4 November 2005, 12:14    #
6. Okay, I’ll be the dumb guy:
   
   I have spamassassin turned on, and have noticed a dramatic drop in my spam levels this past week or so, so yay! but despite my level of trust, I am somewhat concerned about false positives and would like to review on occasion.
   
   How do I check what SpamAssassin has quarantined? Do we need to wait until the control panel that allows delivery is built?
   
   — Rob Drimmie    4 November 2005, 17:12    #
7. Yes, panel is being created for the quarantine, but I skim through them. Like I said, have never seen a FP in there yet, and we’ve been running a similar system on our @textdrive.com email for months.
   
   — Ryan Schwartz    4 November 2005, 18:25    #
8. Very slick! I’m looking forward to having the false-positive control panel in place, though. I’m one of those paranoid types who never fully trusts automated spam filtering.
   
   — Adam Messinger    5 November 2005, 03:37    #
9. this looks great guys!
   
   also, please let us know about the smtp switchover (via email) way in advance.
   
   — blanco    5 November 2005, 14:31    #

© Copyright 2004–2005 TextDrive Inc. · TextDrive™ is a trademark of Joyent Inc.
Acceptable Use · Terms of Service · Privacy · Safe Harbor · All prices in US$