LinuxQuestions.org
Old 10-07-2010, 02:10 PM   #1
metallica1973
Senior Member
 
Registered: Feb 2003
Location: Washington D.C
Posts: 2,190

Rep: Reputation: 60
Spam/virus Fetchmail Option


My client has finally had enough of being attacked via spam/viruses and having his single email account for his company being destroyed. Since it is a single account and he does not want to add additional accounts or create a new one (mail is hosted by ISP), I wanted to ask the forum for their opinion on using Fetchmail to download the POP3 mail and having it piped through SpamAssassin or DSPAM and/or ClamAV or F-PROT. In addition to that I am going to use a corporate-strength anti-virus such as F-PROT (been using it for years) and really put this email through a microscope. I was also thinking of just blocking out all domains other than his clients' list of domains; in other words, block all and allow just the domains that we know are valid and are only from his clients. It is super restrictive, but I believe it will end his issue. Any comments?
 
Old 10-07-2010, 03:06 PM   #2
business_kid
LQ Guru
 
Registered: Jan 2006
Location: Ireland
Distribution: Slackware, Slarm64 & Android
Posts: 17,626

Rep: Reputation: 2619
I did this for myself a while back. The approach I used was to pipe through

1. Vipul's razor. This alone caught over half of the spam, and sidelined it.
2. DCC. While messier to set up, this caught bulk mail. Not much in my case.
3. spamd/spamc from spamassassin. I had sessions for a few weeks trying mail. I would fiddle rules and scores on false positives and negatives trying to get them to land correctly. Because of the nature of the spam I was getting, I had a 95% - 103% coverage (approximately). This meant my dodgy brother in the States always ended up in the spam, but I felt that was the right place for him. You would have to back off a little on my settings for a commercial outfit.

By penalizing exes and zips in spamassassin I got away with no anti-virus, but that was before the days of sophisticated worms and the like. I would be using clamav now.

I also tracked what rules were actually hitting. I found some of the extra rule sets were very good, and the bulky standard ones hit nothing. As my box was resource challenged, I lifted some of those. I would have problems with bulk mail as too many procmail processes stopped it.

I wouldn't block domains. There are lists you can use: Spamhaus, etc. Bear in mind that with fetchmail, you can't reject mail.

Last edited by business_kid; 10-07-2010 at 03:12 PM.
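
An added example, not part of any post in this thread: a small Python triage function that a delivery script behind fetchmail could call, combining the sender-domain allowlist proposed in post #1 with two points from post #2 (penalize exes and zips; fetched mail cannot be rejected, only filed). The domain list, folder names and sample messages are assumptions constructed for illustration.

```python
# Added example: triage for mail that fetchmail has already downloaded.
# ALLOWED_DOMAINS, the folder names and the samples are assumptions.
import email
from email import policy
from email.utils import parseaddr

ALLOWED_DOMAINS = {"client-one.example", "client-two.example"}  # constructed
RISKY_EXTENSIONS = (".exe", ".zip")  # the attachment types named in the thread

# Constructed sample messages (not real mail).
SAMPLE_CLIENT = b"From: Ann <ann@client-one.example>\r\nSubject: PO 12\r\n\r\nHi\r\n"
SAMPLE_STRANGER = b"From: promo@bulk.example\r\nSubject: Deal\r\n\r\nBuy\r\n"
SAMPLE_EXE = (
    b"From: ann@client-one.example\r\nMIME-Version: 1.0\r\n"
    b'Content-Type: multipart/mixed; boundary="b"\r\n\r\n'
    b"--b\r\nContent-Type: text/plain\r\n\r\nsee attached\r\n"
    b"--b\r\nContent-Type: application/octet-stream\r\n"
    b'Content-Disposition: attachment; filename="invoice.exe"\r\n\r\nMZ\r\n--b--\r\n')


def sender_domain(msg):
    """Return the lower-cased domain of the From header, or '' if unparsable."""
    _, addr = parseaddr(str(msg.get("From", "")))
    return addr.rpartition("@")[2].lower() if "@" in addr else ""


def risky_attachments(msg):
    """List attachment filenames whose extension is on the risky list."""
    names = (part.get_filename() or "" for part in msg.walk())
    return [n for n in names if n.lower().endswith(RISKY_EXTENSIONS)]


def triage(raw_bytes):
    """Pick a delivery folder. The mail is already fetched from the ISP, so
    nothing can be rejected at SMTP time; unwanted mail is filed, not bounced."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    if risky_attachments(msg):
        return "Quarantine"      # hand to the virus scanner / manual review
    if sender_domain(msg) not in ALLOWED_DOMAINS:
        return "Unknown-Sender"  # held for review rather than deleted
    # From is sender-controlled: an allowlist hit reduces noise but does not
    # prove origin, so allowlisted mail should still pass the other filters.
    return "INBOX"


if __name__ == "__main__":
    for raw in (SAMPLE_CLIENT, SAMPLE_STRANGER, SAMPLE_EXE):
        print(triage(raw))
```

Filing non-allowlisted mail in a review folder instead of discarding it keeps a new client's first message recoverable.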
 
Old 10-08-2010, 01:13 PM   #3
metallica1973
Senior Member
 
Registered: Feb 2003
Location: Washington D.C
Posts: 2,190

Original Poster
Rep: Reputation: 60
Would it be better to use sendmail (MTA), procmail (organize mail), dovecot (IMAP and POP stuff)? Also, as far as spam filtering/virus protection is concerned, which is preferred (SpamAssassin, DSPAM, SpamBayes)? Also, as far as an anti-virus is concerned, I prefer to use F-PROT (I have used it for years) and am not confident in what ClamAV can do. I have never used it in an office environment. Thanks
 
Old 10-09-2010, 02:41 AM   #4
business_kid
LQ Guru
 
Registered: Jan 2006
Location: Ireland
Distribution: Slackware, Slarm64 & Android
Posts: 17,626

Rep: Reputation: 2619
You are more or less stuck with procmail, because if you're picking from an ISP, rejecting mail isn't open to you. Picture it - fetchmail getting the next message and you saying 'I don't want it.' You will need an MTA. I used postfix, because it's secure & configurable. Avoid qmail, if you want my advice.

I don't know where it's going, btw. With only one email, I imagine one person must be responsible for it internally. Beware of permissions; procmail barfs if your user's mail directories aren't owned by that user with permissions 0600.

A more normal thing is to have a mail server deciding whose mail it is, several email addresses, and nobody has to distribute it. You can set up a domain and have three or four external addresses fetched and added into the mix (info@, sales@, m.d.@, returns@). That is better.
 
Old 10-09-2010, 02:22 PM   #5
metallica1973
Senior Member
 
Registered: Feb 2003
Location: Washington D.C
Posts: 2,190

Original Poster
Rep: Reputation: 60
This client is avid on having just one e-mail account. I will go the postfix, procmail, dovecot, F-PROT and SpamAssassin route. Can you recommend a decent how-to for what I want to do? OK, let me see if I understand this correctly. I have 2 options:

1 - The simpler of the two. Go with fetchmail, procmail, dovecot, SpamAssassin and F-PROT. I won't have to create an MX record; I would just pull down the POP3 mail and have procmail organize it, SpamAssassin/F-PROT to filter the e-mail, and use dovecot for the IMAP connections, and ultimately have the Outlook client configured to pull the e-mail from the server.

2 - The more difficult of the two. Go with postfix, procmail, dovecot, SpamAssassin/F-PROT and bind. Create an MX record to point to my internal e-mail server from the ISP, set up bind for DNS and set up postfix to receive the e-mail. Then use procmail to organize the e-mail and use SpamAssassin/F-PROT to filter it. Then use dovecot for the IMAP connection and simply set up the Outlook clients for IMAP pointing to the server for e-mail.

Any feedback?

Last edited by metallica1973; 10-09-2010 at 02:42 PM.
 
Old 10-10-2010, 03:42 AM   #6
business_kid
LQ Guru
 
Registered: Jan 2006
Location: Ireland
Distribution: Slackware, Slarm64 & Android
Posts: 17,626

Rep: Reputation: 2619
I would do

3. Use fetchmail for the external account. Have some internal server (which sendmail requires) even if only to pump mail at one address via vipul's razor, clamav, dcc, & spamassassin in that order (for minimal processing effort). Use procmail to achieve this.

Offer the option of internal company email addresses if the client wants them. Creating the MX record is something ISPs are very loath to do except for a big outfit. If you do it, it simply will never be consulted unless the ISP points at it.
 
Old 10-11-2010, 06:40 AM   #7
metallica1973
Senior Member
 
Registered: Feb 2003
Location: Washington D.C
Posts: 2,190

Original Poster
Rep: Reputation: 60
So have fetchmail pull the POP mail to an internal postfix/procmail/dovecot/mailscanner server?
 
Old 10-12-2010, 02:35 AM   #8
business_kid
LQ Guru
 
Registered: Jan 2006
Location: Ireland
Distribution: Slackware, Slarm64 & Android
Posts: 17,626

Rep: Reputation: 2619
You are not giving us details of your options. I took it that the company had one email address on an ISP somewhere, and that this was not to be changed.
If that isn't the case, outline what is.
 
  

