From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1RXjBO-0006G7-8z for garchives@archives.gentoo.org; Tue, 06 Dec 2011 00:46:54 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 359FA21C10F; Tue, 6 Dec 2011 00:46:34 +0000 (UTC) Received: from svr-us4.tirtonadi.com (svr-us4.tirtonadi.com [69.65.43.212]) by pigeon.gentoo.org (Postfix) with ESMTP id E576621C09C for ; Tue, 6 Dec 2011 00:45:13 +0000 (UTC) Received: from mail-fx0-f53.google.com ([209.85.161.53]) by svr-us4.tirtonadi.com with esmtpsa (TLSv1:RC4-SHA:128) (Exim 4.69) (envelope-from ) id 1RXj9l-000Ydr-66 for gentoo-user@lists.gentoo.org; Tue, 06 Dec 2011 07:45:13 +0700 Received: by faai28 with SMTP id i28so3736599faa.40 for ; Mon, 05 Dec 2011 16:45:09 -0800 (PST) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Received: by 10.227.209.85 with SMTP id gf21mr344984wbb.5.1323132309441; Mon, 05 Dec 2011 16:45:09 -0800 (PST) Received: by 10.223.103.70 with HTTP; Mon, 5 Dec 2011 16:45:09 -0800 (PST) Received: by 10.223.103.70 with HTTP; Mon, 5 Dec 2011 16:45:09 -0800 (PST) In-Reply-To: References: <4EDAA89F.3090308@orlitzky.com> <4EDAD845.4010402@orlitzky.com> Date: Tue, 6 Dec 2011 07:45:09 +0700 Message-ID: Subject: Re: [gentoo-user] clamav and spamassassin From: Pandu Poluan To: gentoo-user@lists.gentoo.org Content-Type: multipart/alternative; boundary=0015175111aa4b8d5f04b361bf74 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - svr-us4.tirtonadi.com X-AntiAbuse: Original Domain - lists.gentoo.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - poluan.info X-Archives-Salt: 3b973680-abc4-411e-9c44-9de4cea617da X-Archives-Hash: 2622532777ae3ba96f874d72b9ebd3ed --0015175111aa4b8d5f04b361bf74 Content-Type: text/plain; charset=UTF-8 On Dec 6, 2011 7:19 AM, "Grant" wrote: > > > Here's the entirety of my main.cf postscreen section for reference. I've > > deemed these safe, but you shouldn't enable them without reading what they > > do! > > > > > > # > > # Postscreen settings > > # > > > > postscreen_greet_action = enforce > > > > postscreen_dnsbl_sites = > > psbl.surriel.com, > > bl.spamcop.net, > > zen.spamhaus.org, > > b.barracudacentral.org > > > > postscreen_dnsbl_threshold = 1 > > postscreen_dnsbl_action = enforce > > > > > > ## > > ## Deep protocol tests > > ## > > > > postscreen_pipelining_enable = yes > > postscreen_pipelining_action = enforce > > > > postscreen_non_smtp_command_enable = yes > > postscreen_non_smtp_command_action = enforce > > > > postscreen_bare_newline_enable = yes > > postscreen_bare_newline_action = enforce > > I've looked up each of those parameters and they sound fine to me. > How long have you been running them? Have you been notified of any > mistakenly rejected mail? It's very important my server doesn't miss > any mail, even if it means dealing with more spam. > Similar situation with me. Because my company is in the financial sector, false negatives are much more preferred than false positives. (Although I can always weasel my way out of any problems caused by slight configuration mistakes, I prefer not having to put myself into a situation where weasel-ing is needed :-) Rgds, --0015175111aa4b8d5f04b361bf74 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable


On Dec 6, 2011 7:19 AM, "Grant" <emailgrant@gmail.com> wrote:
>
> > Here's the entirety of my main.cf<= /a> postscreen section for reference. I've
> > deemed these safe, but you shouldn't enable them without read= ing what they
> > do!
> >
> >
> > #
> > # Postscreen settings
> > #
> >
> > postscreen_greet_action =3D enforce
> >
> > postscreen_dnsbl_sites =3D
> > =C2=A0 =C2=A0 =C2=A0 =C2=A0ps= bl.surriel.com,
> > =C2=A0 =C2=A0 =C2=A0 =C2=A0bl.s= pamcop.net,
> > =C2=A0 =C2=A0 =C2=A0 =C2=A0ze= n.spamhaus.org,
> > =C2=A0 =C2=A0 =C2=A0 =C2=A0b.barracudacentral.org
> >
> > postscreen_dnsbl_threshold =3D 1
> > postscreen_dnsbl_action =3D enforce
> >
> >
> > ##
> > ## Deep protocol tests
> > ##
> >
> > postscreen_pipelining_enable =3D yes
> > postscreen_pipelining_action =3D enforce
> >
> > postscreen_non_smtp_command_enable =3D yes
> > postscreen_non_smtp_command_action =3D enforce
> >
> > postscreen_bare_newline_enable =3D yes
> > postscreen_bare_newline_action =3D enforce
>
> I've looked up each of those parameters and they sound fine to me.=
> How long have you been running them? =C2=A0Have you been notified of a= ny
> mistakenly rejected mail? =C2=A0It's very important my server does= n't miss
> any mail, even if it means dealing with more spam.
>

Similar situation with me. Because my company is in the financial sector= , false negatives are much more preferred than false positives.

(Although I can always weasel my way out of any problems caused by sligh= t configuration mistakes, I prefer not having to put myself into a situatio= n where weasel-ing is needed :-)

Rgds,

--0015175111aa4b8d5f04b361bf74--