One of the best ways to filter out spam and viruses is to just use a third-party service to do so. You can still enable various spam filters on the server itself (and you should). However, a third-party service will block out much of the junk mail before it comes into your network, freeing up your server to be far more effective in the tasks you actually want it to perform.

Most of the third-party spam filtration tools work by intercepting mail before it comes to your server and then delivering filtered mail to the server. These can operate in one of two ways. The first is as an add-on for your firewall, or gateway, appliance. Cisco, SonicWALL, Barracuda, and many others build solutions for these types of uses (you can easily build your own filter using SpamAssassin and put it in the demilitarized zone of your network, if you have one). The second way to filter mail before it gets to the server is to use a third-party service. Examples of these include Postini (now a part of Google and soon to be called Google Message Continuity) and McAfee SaaS Email Protection (formerly called MXLogic).

Reducing incoming traffic to the network will likely stop at least one major network or mail server outage. This might be from a massive accumulation of spam that is being scanned by SpamAssassin, by a large quantity of viruses hitting the server at once, or just the wide area network connection to your network going down. Wait, did I forget to mention the best part of the services? They queue up mail if your mail server goes offline and allow you to change IP addresses on the fly to deliver mail to a backup mail server, if need be.

Filtering spam and viruses before they come to your server is a great idea. But not everyone can do so, and even for those who can, the server should still run a local instance of a spam and a virus filter. As you likely noticed while running the setup assistant, both of these are built into Lion Server. These include ClamAV, the anti-virus tool, and SpamAssassin, the spam filtering tool.

Once the server is set up and configured, there are a few things that are important to know about ClamAV and SpamAssassin. The first is access to global configurations for both through Server Admin. The second is that while we are only going to look at the tools in Server Admin, there are also a lot of command-line options and options in configuration files that can be used to customize the server. A good reference for SpamAssassin is http://www.amazon.com/SpamAssassin-Alan-Schwartz-PH-D/dp/0596007078/ref=sr_1_1?ie=UTF8&qid=1322104074&sr=8-1. ClamAV is well documented online.

Access the options in Server Admin by clicking on the Mail service and then clicking on Settings in the Server Admin toolbar. Click on Filters to bring up the virus and junk mail filters. Here, you can set the languages that the server will accept mail from, add information into the subject line (useful for setting up client rules that take this tag into account), notify recipients of mail that a virus was found, and set the frequency the virus database is updated (7 is a good minimum value for this).

You can also set the junk mail score. SpamAssassin rates the likelihood an email is junk by assigning numerical hits to certain rules the message violates; for example, if a message has the word Viagra in it, the number of hits will likely increase by one. The slider at the top of the Filters shows the minimum score before a message is treated as junk, as can be seen in Figure 6-14.

Figure 6-14. Configuring junk mail filters

If you are relying on using the spam and virus filters in Lion Server, I recommend at least using a subject tag or bouncing junk mail outright. I also recommend bouncing email that has been infected by a virus. Either of these can cause problems in certain circumstances. If the server gets a lot of messages that need to get sent back to the sender, then those messages can clog the queue. If this happens, disable the filters temporarily (or set the messages to be deleted).