I use a combination of Greylisting (Postgrey), RBL's (at the moment SpamHaus and SpamCop)
along with data validation (for example, requiring that EHLO is a fqdn and that any senders
have a valid domain name and domain records). This easily cuts out about 95% of any potential
Spam before it hit's the server.
Custom white/blacklists for important e-mail and then enabling Bayesian analysis on
Spamassassin to learn mean that I get 2 or 3 false negatives a month. In fact, I only receive
around 70-100 Spam messages a month.
Let me know if you (or anyone else interested) is using Postfix and I'll send over the
I am using Postfix
I'm not familiar with ISPconfig, but the more important matter is what is your back-end MTA?
If it's Postfix, I can help.
I haven't used ISPconfig but can't recommend greylisting enough for stopping 90% of spam.
It's worked really well, see here:http://www.servercircle.c ...
Your solution may not be in spamassassin. You can probably kill loads of spam at the SMTP
layer before spamassassin by implementing DNSBL/RBLs (realtime block lists -
) which will reject the SMTP connection from known spam
There's several RBLs at http://www.sdsc.edu/~jeff/spam/cbc.html
If you're still receiving spam it could be that you need to update your spamassassin rules,
take a look at sa-update if this isn't included as part of ispconfig2