amavis against spam & viruses

Email for advanced learners

Email is an indispensable part of corporate communication. If you want to rely on email in a professional context, you will want to keep out spam, viruses and other kinds of unwanted content while still sending and receiving email without hindrance. The standard settings of Postfix, amavis (amavisd-new) and SpamAssassin are practical but do not account for individual requirements of performance and throughput.

During this training course, postmasters will learn how to operate email services professionally. You will get to know which possibilities you have in order to run email service in a stable, highly availalble and secure way and which system architecture will suit your individual requirements optimally.

After a week of concentrated practice training, conducted by email expert Patrick Ben Koetter, you will be able to judge against the background of spam hysteria, which hardware you (do not) need, how to filter incoming mail traffic optimally according to your requirements, absorb load peaks and also how to get your outgoing mail traffic delivered reliably.

Trainer und Dozenten

Patrick Ben Koetter is an experienced long term Postfix specialist. He is the co-author of the world wide best-selling book "The Book of Postfix" (in german "Postfix - Einrichtung, Betrieb und Wartung", writer of numerous articles and actively involved in the Open Source community with projects like amavisd-new, Python, mailman, Postfix, Cyrus SASL, x-arf and many more. As a consultant for high end email systems he is nationally and internationally well renowned at computing centres, public institutions, banks and ISPs.

Voraussetzungen

Prerequisites are thorough understanding of mail servers comparable to the level of our Postfix mail server training as well as basic knowledge of Linux network administration comparable to the level of our Advanced Linux administration training.

Inhalt

Position reckoning

  • What's going on out there at port 25?
  • What are the anti-spam community's plans and responses to present challenges?>

Viruses, spam & co revisited

  • How do I identify viruses, spam & co?
  • What are positive and negative hints at the spam nature of an email?
  • What we have to put up with: Strengths and weaknesses of the SMTP protocol
  • Problems and trends in anti-virus software

Filtering methods

  • Connection filter
  • SMTP session filter
  • Content filter

Efficient email policy design

  • Typical errors in policy design
  • What does constitute a good mail policy?
  • Where and when filters are most efficient
  • Where can an email policy server take effect on email traffic?
  • How do you position policies correctly?

Correct sizing

  • "Brute force does not help!"
  • "Measure don't speculate!" - Assigning requirements appropriately
  • "Full throttle is wrong!" - Tools for realitistic benchmarking
  • Testing your own training server in practice
  • Finding and removing bottlenecks

Connection filter

  • "Genuine submissions only, please!" - Preserving server resources by connection screening
  • Securing service availability and stability with Anvil
  • Sustaining services by means of stress-adaptive performance
  • Benchmarking

SMTP session filter

  • Applying Restrictions without false positives
  • Enhancing session filters with policy servers
  • Benchmarking
  • Optimizing

Content filter

  • amavisd-new - programmable framework for content filtering
  • Architecture and organisation
  • Features
  • Content classes
  • Developing content policies

Amavisd-new in practice

  • Integration - best practices
  • "Where is fore and where is aft on this thing?" - Amavis transport directions 101
  • Virus-, spam-, attachment- and other content policies
  • Exceptions
  • Notifications
  • Quarantine, methods and administration of quarantining
  • On-board Anti-spam methods
  • Customizing with Perl, SQL and LDAP
  • Benchmarking
  • Optimizing

Content filter "SpamAssassin"

  • What is SpamAssassin?
  • How does SpamAssassin work?
  • Base configuration
  • Family, friends and foreigners - Trusted instances in SpamAssassin
  • What does SpamAssassin examine?
  • White- and blacklisting
  • Creating own rulesets
  • User-specific settings
  • Benchmarking
  • Optimization

Deliverability

  • Sending mail in a world of spam hysteria
  • Measuring and monitoring the quality of outgoing mail with open source tools and conforming to the law
  • Reputation vs. "dumb" Anti-spam methods
  • Identifying, bypassing and rectifying blocks proactively

Availability

  • Active security through load balancing
  • No mail lost thanks to DRBD
  • "Yikes spikes!" - Statistics for postmasters
  • Optimizing filters gezielt specifically
  • Rapid alert systems against sending failures
  • Reporting
  • SNMP for postfix und amavisd-new