While the actual server is a bit more complicated than this explanation, I feel this should give an idea of how this setup works, and it works great!
I used only six (6) packages to build this setup. All are built from source (except MySQL and perl backend) and are always kept up to date.
Postfix
Dovecot
Amavisd-new
Spam Assassin
ClamAV
DKIM
Lets take a look at incoming mail first. Here is a pretty picture.
While the actual server is a bit more complicated than this explanation, I feel this should give an idea of how this setup works, and it works great!
- Mail comes in to Postfix.
- Postfix checks against the database to ensure the destination account exists on the server. If not, the email is rejected.
- Postfix then sends the email to DKIM (Domain Keys Identified Mail). If there is a DKIM header to the mail, it checks with the hosts DNS server for the matching key. This helps with spam, but is not a perfect system because there are several types of DKIM systems and sometimes the senders DNS server has not been updated with decryption keys.
- Postifx sends the email to amavisd-new.
- Amavisd-new opens the email and any attachments (including archive files like .zip) and sends the message to Spam Assassin and ClamAV.
- Spam Assassin checks for words and phrases that may indicate spam and reports this information back to amavisd-new.
- ClamAV scans the attachments for any potential virus.
- Amavisd-new takes the information back from Spam Assassin, ClamAV, and it’s own configuration file and determines any email headers need to be altered.
- Postfix takes the email once again and ready the new header information reported by amavisd-new. If any check fails, the email is either rejected or returned to sender with information on why the mail could not be delivered (ie. email contains a virus).
- After all checks have been completed, if the email is deemed acceptable, it is handed off to Dovecot for local delivery.
- Users can now access their new mail feeling more confident it is not spam or contains a virus.
Now lets look at is in reverse. This if the outgoing procedure.
- User sends the email to Postfix.
- Postifx sends the email to DKIM to have the signature added to the header.
- Postfix then sends to amavisd-new. By added a clean spam check and virus check to the email header, the message is more likely to be accepted by the remove server.
- After all checks have been completed, Postfix then contacts the remote server to complete the delivery.
While both these processes have been shortened to make them easier to understand. There is a lot done for both incoming and outgoing mail. All of which is done in as little as four (4) seconds before sending the mail to the remove server or to Dovecot for local delivery.