So as requested by @ozgurerdogan
- Custom ClamAV-Signatures added, inspired from here https://forum.proxmox.com/threads/more-clamav-signatures-via-databasecustomurl.93206/
- Business Linux Editionfrom AVAST for 3 Years.
We have about 200k in/out E-Mails per month, not that much. This is current month virus/scam detection-Chart.
Currently we use this DNSBL-Sites-List with Threshold "3"
wl.mailspike.net*-1,
list.dnswl.org*-1,
score.senderscore.com=127.0.[0..255].80..100]*-1,
zen.spamhaus.org*2,
bl.spamcop.net*2,
psbl.surriel.com*2,
spamrbl.imp.ch*2,
noptr.spamrats.com*2,
escalations.dnsbl.sorbs.net*2,
bl.score.senderscore.com*1,
bl.spameatingmonkey.net*2,
rbl.realtimeblacklist.com*2,
dnsbl.dronebl.org*2,
ix.dnsbl.manitu.net*2,
b.barracudacentral.org,
truncate.gbudb.net,
bl.blocklist.de,
nomail.rhsbl.sorbs.net*2,
badconf.rhsbl.sorbs.net*2,
zombie.dnsbl.sorbs.net*2,
smtp.dnsbl.sorbs.net*2,
dnsbl.dronebl.org,
ip4.bl.zenrbl.pl,
apikeyhidden.combined.mail.abusix.zone*2,
rhsbl.rbl.polspam.pl,dnsbl.spfbl.net,
spam.dnsbl.anonmails.de,
dnsbl.justspam.org,
rbl.rbldns.ru,
bl.0spam.org,
0spam.fusionzero.com,
rbl.metunet.com,
all.s5h.net,
rhsbl.rbl.polspam.pl,
dnsbl.zapbl.net,
black.dnsbl.brukalai.lt,
black.junkemailfilter.com,
all.spamrats.com,
dnsbl.tornevall.org,
dnsbl-3.uceprotect.net,
bl-h3.rbl.polspam.pl
We also made a VirusTotal-API-Checkscript. But this is not allowed in commercial usage without paying. So it was more a proof of concept.
https://forum.proxmox.com/threads/virustotal-api-integration.113194/#post-489113
Greylisting is enabled and also SPF and Before Queue Filtering
At least we use Mail Filter in different Levels for different Domains. Sharpest blocks already at Spam Level 5.
Was enabled after feeding the PMG-Database with tons of known E-Mail-Adresses and Domains from Customers Contacts...
- Custom ClamAV-Signatures added, inspired from here https://forum.proxmox.com/threads/more-clamav-signatures-via-databasecustomurl.93206/
- Business Linux Editionfrom AVAST for 3 Years.
We have about 200k in/out E-Mails per month, not that much. This is current month virus/scam detection-Chart.
Currently we use this DNSBL-Sites-List with Threshold "3"
wl.mailspike.net*-1,
list.dnswl.org*-1,
score.senderscore.com=127.0.[0..255].80..100]*-1,
zen.spamhaus.org*2,
bl.spamcop.net*2,
psbl.surriel.com*2,
spamrbl.imp.ch*2,
noptr.spamrats.com*2,
escalations.dnsbl.sorbs.net*2,
bl.score.senderscore.com*1,
bl.spameatingmonkey.net*2,
rbl.realtimeblacklist.com*2,
dnsbl.dronebl.org*2,
ix.dnsbl.manitu.net*2,
b.barracudacentral.org,
truncate.gbudb.net,
bl.blocklist.de,
nomail.rhsbl.sorbs.net*2,
badconf.rhsbl.sorbs.net*2,
zombie.dnsbl.sorbs.net*2,
smtp.dnsbl.sorbs.net*2,
dnsbl.dronebl.org,
ip4.bl.zenrbl.pl,
apikeyhidden.combined.mail.abusix.zone*2,
rhsbl.rbl.polspam.pl,dnsbl.spfbl.net,
spam.dnsbl.anonmails.de,
dnsbl.justspam.org,
rbl.rbldns.ru,
bl.0spam.org,
0spam.fusionzero.com,
rbl.metunet.com,
all.s5h.net,
rhsbl.rbl.polspam.pl,
dnsbl.zapbl.net,
black.dnsbl.brukalai.lt,
black.junkemailfilter.com,
all.spamrats.com,
dnsbl.tornevall.org,
dnsbl-3.uceprotect.net,
bl-h3.rbl.polspam.pl
We also made a VirusTotal-API-Checkscript. But this is not allowed in commercial usage without paying. So it was more a proof of concept.
https://forum.proxmox.com/threads/virustotal-api-integration.113194/#post-489113
Greylisting is enabled and also SPF and Before Queue Filtering
At least we use Mail Filter in different Levels for different Domains. Sharpest blocks already at Spam Level 5.
Was enabled after feeding the PMG-Database with tons of known E-Mail-Adresses and Domains from Customers Contacts...
