server tests home : internet : mail : toaster : filtering reverse dns blocking

Mail::Toaster Filtering Overview

First, the big picture. When a mail message is initially delivered to your server, it's typically received by qmail-smtpd which negotiates the SMTP connection with the remote server. In the Mail::Toaster, qmail-smtpd is a bit smarter than average and will reject mail based on a list of criteria, including SPF, SpamThrottle, user validity (chk-user), and qregex. So really this is the very first mail filtering step.

Once the remote client has finished sending the message, qmail-smtpd hands it off to qmail-queue which will write it into the queue for delivery. Once the file is written to disk, qmail-queue exits and qmail-smtpd returns the appropriate exit code the remote mail server (MTA). The qmail-queue handoff is the stage where the content scanners come into play. Rather than immediately delivering the message to qmail-queue, we hand the message off to a content scanner such as qmail-scanner, qscanq, or simscan.

The content scanner will then run a series of tests, likely passing it through a virus scanner such as ClamAV, some anti-spam software such as SpamAssassin, and maybe some file extension or key word blocking. The content scanner will normally add tags to the message so that in the delivery stage, your mail delivery agent(s) such as maildrop, procmail, or vdelivermail can make intelligent choices for you regarding what to do with the message. If the message passes the content scanner tests, it's handed off to qmail-queue for normal delivery.

Qmail-queue will write the message into the appropriate queue (local or remote). If it's local destined message, then qmail-local will come along and find the message in the queue and try delivering it. Qmail-local processes the .qmail files, which call vdelivermail which sets off the chain of events best described in the flow chart below.

Other Spam Filtering Resources

The following section explains all the tools, roughly in the order in which a message will encounter them as it passes through your server. We begin with blocking based on reverse DNS.

reverse dns blocking
RBL (real time blacklists)
qmail-smtpd patches
content filtering
mail delivery
sample ham -vs- spam

Last modified on 4/28/05.