Home Server Mail Setup
My home server is the primary mail server for my domains (with a fall-back at my ISP) so I'm running the fairly heavy-duty Exim for routing/scanning/delivery of incoming/outgoing mail. I get a lot of spam sent to me (1000s per day) which requires a pretty aggressive anti-spam system.
My Exim configuration rejects any incoming mail whose recipient does not exist, whose sender is in a number of Realtime Blocklists (RBLs) or whose mail server sends invalid SMTP commands. It then 'greylists' any incoming mail, requiring the sending mail server to resend after a short period. Most spam-bots do not resend so this stops a lot of spam before it even gets past the first steps of delivery.
When the second attempt to send greylisted mail comes in, Exim does some more low-level checks then runs the mail through Spamassassin. Spamassassin is set up to check RBLs, do Bayesian filtering based on previously flagged spam and any spam found in users' 'this-is-spam' IMAP folders, and run attached/included images through FuzzyOCR, an Optical Character Recognition plugin to find spam in images, as well as running all the usual Spamassassin checks. Any spam that scores higher than a certain cutoff is rejected; suspected spam with a score below the cutoff is flagged as such, virus-scanned with Clam anti-virus and (if no virus is found) delivered.
Keeping Spamassassin and Clam anti-virus databases on ramdisks rather than physical disks speeds things up significantly but to be honest so much spam and viruses are blocked by earlier stages of the system that that's really just overkill. This may seem excessive but it (currently, fingers-crossed) cuts out 100% of spam sent to me.
Rejecting as much spam as possible before it is accepted for delivery removes the requirement to send 'bounce' messages (which are bad as most spammers use someone else's e-mail address as the return address) and rejecting obvious spam as soon as possible in the delivery process reduces load on the server. The only spam that gets through is spam being sent to one of the honeypot addresses/domains that I use to collect spam. I have hidden certain e-mail addresses that have no legitimate use around the Internet where they can only be found by spammers' automated web-crawlers and not by legitimate users. When these addresses are spammed, special Exim rules allow the spam in but it is not delivered, simply automatically reported to a variety of distributed anti-spam services to help them identify similar spam.
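The greylisting step described above, sketched as an added example (it is not the author's Exim configuration): each first attempt gets a temporary 451 reply during the SMTP session, so nothing is accepted and no bounce is ever generated, and only a sender that retries after a delay gets 250. The triplet key, the delay values and the sample addresses are assumptions chosen for illustration.

```python
import ipaddress

MIN_DELAY = 300            # assumed: seconds before a retry is accepted
RETRY_WINDOW = 4 * 3600    # assumed: a retry later than this starts over
PASS_TTL = 35 * 86400      # assumed: lifetime of a triplet that has passed


class Greylist:
    def __init__(self):
        self.seen = {}     # triplet -> (first_seen, last_passed or None)

    @staticmethod
    def triplet(client_ip, mail_from, rcpt_to):
        # Key on the /24 (or /64 for IPv6) so a retry from another host in
        # the same outbound pool still matches the first attempt.
        ip = ipaddress.ip_address(client_ip)
        net = ipaddress.ip_network(f"{ip}/{24 if ip.version == 4 else 64}",
                                   strict=False)
        return (str(net), mail_from.lower(), rcpt_to.lower())

    def check(self, client_ip, mail_from, rcpt_to, now):
        """Return the SMTP reply code to give at RCPT time."""
        key = self.triplet(client_ip, mail_from, rcpt_to)
        first, passed = self.seen.get(key, (None, None))
        if passed is not None and now - passed <= PASS_TTL:
            self.seen[key] = (first, now)   # known retrying sender
            return 250
        if first is None or now - first > RETRY_WINDOW:
            self.seen[key] = (now, None)    # first sighting, or stale entry
            return 451
        if now - first < MIN_DELAY:
            return 451                      # retried too fast, keep deferring
        self.seen[key] = (first, now)       # waited long enough: accept
        return 250


def replay(events):
    """Feed (time, ip, sender, recipient) tuples through one greylist."""
    gl = Greylist()
    return [gl.check(ip, snd, rcpt, t) for t, ip, snd, rcpt in events]


# Constructed sample traffic (documentation address ranges, made-up users).
SAMPLE = [
    (0,     "192.0.2.10",   "alice@example.org", "me@example.net"),
    (60,    "192.0.2.10",   "alice@example.org", "me@example.net"),
    (400,   "192.0.2.11",   "alice@example.org", "me@example.net"),
    (500,   "192.0.2.10",   "alice@example.org", "me@example.net"),
    (600,   "198.51.100.7", "x@example.com",     "me@example.net"),
    (20000, "198.51.100.7", "x@example.com",     "me@example.net"),
]

if __name__ == "__main__":
    print(replay(SAMPLE))
```

The last two events model a sender that only comes back long after the retry window, which is treated as a fresh first attempt and deferred again.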
I need to access my e-mail from various places and do not like webmail (I prefer the complete control I have running my own mail server) so I run a Courier IMAP server on my home server. Using an IMAP server to organise and view my mail means I can keep all my mail on the server and access it from anywhere - home desktop, work desktop, netbook, mobile phone and so on without having duplicate copies all over the place. Needless to say this is secured with SSL or accessed over a VPN.