Building Anti-Spam filtering service

Im wanting to build an anti-spam filtering service (like Postini) for my company as well as my clients.

If one was to develop such an appliance, what software would one need to get good filtering results similar to Postini? I was thinking of using CentOS as the OS, with Postfix.

Anyone have any good ideas on how to accomplish such a task?

PS: If anyone is experienced with such a thing, i'd pay for your time in helping me setup a box.

Postini was an excellent service that I used for years when I was an ISP, but duplicating that service would be a rather onerous undertaking.

Have you taken a look at the service that pobox.com offers. They use a number of different Black Lists that the client can choose from and send out simultaneous queries to all of them. The first one to return a negative (or positive depending on how you look at it) causes the message to be bounced or quarantined (client choice). If that passes, then they use Cloudmark to scan the message as a final check. Because this final check is done after receipt, it cannot be bounced.

Also, you may want to have a look at DMARC. It is still in the early stages and is intended to address phishing, but it seems to be quite effective at reducing spam for a receiver.

J.A. Coutts

Thanks for the info but I'm trying to cut out the middle man, I have the resources to run the server including the datacenter, so i thought it made more sense to do it ourselves rather than pay for someone else to provide the service.

I was not trying to infer that pobox.com offered a service similar to Postini, as I really don't know how Postini worked other than it used a forwarding service. You set the DNS up so that email was directed to Postini servers, and then Postini would quarantine suspected spam, and forward the rest. Because of the complexity involved in setting up the DNS, it was only appropriate for email providers. I believe that they used spam traps to identify spammers, but of that I am not sure.

Both Pobox and Postini offered Web service so that clients could revue quarantined mail, and delete or release it. Pobox is unique in that you could configure it to bounce spam before receipt, and it provides service to individuals instead of ISP's. Bouncing email before data allowed me to reduce spam from an average of 6 a day to maybe one per week, and the daily reports allowed me to identify false positives (maybe 1 a month).

But both of them utilized highly customized software that would be very expensive to reproduce. I presume that is why Google bought out Postini.

J.A. Coutts