Virus und Spam


# portmaster security/amavisd-new

You should complete the following post-installation tasks:

    1) Read /usr/local/share/doc/spamassassin/INSTALL
       and /usr/local/share/doc/spamassassin/UPGRADE
       BEFORE enabling SpamAssassin for important changes

    2) Edit the configuration in /usr/local/etc/mail/spamassassin,
       in particular /usr/local/etc/mail/spamassassin/init.pre
       You may get lots of annoying (but harmless) error messages
       if you skip this step.

    3) To run spamd, add the following to /etc/rc.conf:

    4) If this is a new installation, you should run sa-update
       and sa-compile. If this isn't a new installation, you
       should probably run those commands on a regular basis

    5) Install mail/spamass-rules if you want some third-party
       spam-catching rulesets

 To use amavisd-new, you need to install at least one virus scanner.
 The following virus scanners are available in the FreeBSD ports

 /usr/ports/security/clamav     Clam Antivirus
 /usr/ports/security/f-prot     F-Prot Antivirus

 Enable amavisd-new in /etc/rc.conf with the following line:


 You can set the pidfile, if you do not use the default path:


 Optionally enable amavisd tmp ram disk with:


 If you have installed and want to use the amavis sendmail milter interface,
 you need the following additional line in /etc/rc.conf:


 If you have installed and want to use the p0fanalyzer interface,
 you need the following additional lines in /etc/rc.conf
 (with modifications according to your needs):

 amavis_p0fanalyzer_p0f_filter="tcp dst port 25"

 You can pass another command line options to p0f daemon by setting
 amavis_p0f_daemon_flags and to p0f-analyzer.pl by setting

 Configuration templates are available in /usr/local/etc
 as amavisd.conf.sample, amavisd.conf-default and amavisd-custom.conf.sample
 Documentation is available in /usr/local/share/doc/amavisd-new.



# portmaster security/clamav



# portmaster mail/postgrey

SPF installieren

# portmaster mail/postfix-policyd-spf-perl
Installing postfix-policyd-spf-perl-2.010... done
The service is not enabled by default.  Enable it by doing the following:

1. Add the following to /etc/postfix/master.cf:

    spf-policy unix -       n       n       -       0       spawn
    user=nobody argv=/usr/local/libexec/postfix-policyd-spf-perl

   The user nobody is fine if you have no other daemons running as nobody.
   Otherwise, you should use a dedicated user and group for this policy

2. Add "spf-policy_time_limit = 3600" to main.cf.

3. Configure the Postfix policy service in /usr/local/etc/postfix/main.cf:

    smtpd_recipient_restrictions =
    check_policy_service unix:private/spf-policy

   NOTE: Specify check_policy_service AFTER reject_unauth_destination or your
   system may become an open relay.

4. Restart Postfix.