Session
Stopping Spam and Malware with Open Source
Brett Glass
Track: Emerging Topics
Date: Friday, July 27
Time: 2:30pm - 3:15pm
Location: Bel Aire South
Spam and malware are the banes of every e-mail user's existence. Fortunately, a properly configured mail server running BSD (or any other UNIX-like operating system) can protect users, including those running other operating systems on their client machines, from these nuisances while rejecting virtually no legitimate traffic. This tutorial describes how to configure systems running BSD and Sendmail (the techniques are also applicable to other, similar environments) to use DNS blacklists, mail "sanitizing" scripts, daemons that watch logs for evidence of spamming and "mail bombing," and similar utilities. We also discuss strategies for preventing unauthorized relaying and blocking outbound spam. We detail countermeasures against address harvesting and privacy invasion techniques such as "Rumplestiltskin" attacks, fingerd scans, tracking via identd, e-mail cookies, and malicious image tags in HTML mail. Finally, we provide links to source materials and relevant software tools. This updated paper, first presented to rave reviews at BSDCon, has been expanded to encompass the current state of the art.