Spam Filtering: January 2006 Archives

According to a post on Jason's blog (welcome to the blogosphere by the way!) Irish ISP Smart Telecom have decided to block port 25. It seems that the new policy affects all customers unless they have a static IP and specifically request that the restriction be lifted. It's an interesting and quite brave move for an Irish ISP to make and probably won't be the last one. From the point of view of hosting providers this could hail a "sea change" with regard to SMTP usage and access, as clients will be forced to use their ISP's outbound mail server. While this may cause issues for "domestic" subscribers it probably won't have any serious long-term effects on business users. EDIT: Wrong link! Well spotted

Open Source Eye Candy

Last year the SpamAssassin project ran a competition to design a new logo. Justin posted a link to a number of very nice versions of the logo this evening. I hadn't realised that there were so many variants available for immediate use.
I mentioned Microsoft / MSN / Hotmail's recent initiative SNDS a few days ago. At the time I hadn't really had the opportunity to explore it and was finding the navigation around it quite annoying (i.e. I couldn't find what I was looking for easily, so I got bored and left). I've since had some time to explore the interface a bit more and, while I do believe it could be improved on, I would have to retract my previous comments (at least to some degree). Once you have successfully added your IP blocks to the system you can access some very interesting reports. Choose any day in the past 90 days to see activity on your blocks. If there hasn't been any noteworthy activity on a block no data will appear:
Please note that days where it sent less than 100 messages will be indistinguishable from days where it sent no messages at all, because neither will show up below.
So rather than being overwhelmed with data you can drill down to the important bits, i.e. the ones where the vast majority of mail was sent from. To make it easier to decipher they've colour coded it as follows:
  • Green - less than 10% spam
  • Yellow - between 10% and 90% spam
  • Red - more than 90% spam
You also get information on the sending address, although in cases of a security hole (e.g. a PHP script) the sender address may not provide a lot of useful information (dependent on your configuration). If you need to analyse the information or share it with others you can easily export data to CSV. Hopefully they'll add more information, such as sample emails, to the system in the future.

Email Disclaimers - As Gaeilge

Blogh An Seanchai provides an email disclaimer in the Irish language (Gaelic - gaeilge)
In a perfect world everybody would have their own domain name and hosting account (with us of course :) ), but the reality is that for many people free email services like the one provided by Microsoft's Hotmail service are here to stay.
This howto was written in order to help users of DirectAdmin install and correctly configure MailScanner with Exim.

It is based on several years' experience working with MailScanner and has been used in the installation of production servers running a variety of RPM-based Linux distributions including:
RedHat 9
Fedora
CentOS
WhiteBox

While every effort has been made to make this howto as comprehensive and easy to follow as possible the author welcomes feedback.

Before you start you should install vim.

On most Red Hat Enterprise clones, such as CentOS, the following command should work:

yum install vim-enhanced

I would recommend creating a directory such as /home/installstuff or similar for any files / packages related to your MailScanner setup.

The next step is to install SpamAssassin.

There are a number of ways of doing this, however the developer of MailScanner has put together an easy to use package that will install all the required Perl modules for you. It can be downloaded here.

NB: As of SA 3.1 the licensing has changed for some of the plugins. You will need to enable razor etc. in the *.pre files in the /etc/mail/spamassassin directory.

Now to install MailScanner.

First download the MailScanner rpm tarball from the website.

There are usually two versions available – stable and beta.
wget <location of file>
tar -zxvf <MailScanner file>
cd <MailScanner directory>
./install.sh

For example, to download and install the current beta version at time of writing the command would be:

wget http://www.sng.ecs.soton.ac.uk/mailscanner/files/4/rpm/MailScanner-4.50.8-1.rpm.tar.gz
tar -zxvf MailScanner-4.50.8-1.rpm.tar.gz
cd MailScanner-4.50.8-1
./install.sh

Relax and have a cup of coffee.

Once the install is finished you can proceed with the setup of MailScanner to work with exim.

You need to change the ownership of the MailScanner spool directory:

chown -R mail.mail /var/spool/MailScanner

MailScanner works by running two processes of the MTA.
One listens for SMTP connections (inbound mail) while the other processes outbound mail. If you think of it like this:

mail > exim > MailScanner > exim

Mail is passed from one exim process to the other via MailScanner, where all the content checks are conducted. For this reason you need to have two .conf files for exim, one for each exim process.

Always create backups!

cp /etc/exim.conf /etc/exim.back

Make a copy to handle outbound mail:
 
cp /etc/exim.conf /etc/exim_send.conf

Edit the exim.conf file:
 
vim /etc/exim.conf

and add the following lines in the main part of the configuration:
#Added for MailScanner mail queues and logging
spool_directory = /var/spool/exim.in
queue_only = true
queue_only_override = false
log_file_path = /var/spool/exim/msglog/%slog

MailScanner comes with its own startup script, so you can safely get rid of the original one:

cd /etc/init.d/
cp exim exim.orig
chmod -x exim.orig
rm exim

However, DirectAdmin will check for the exim file, so we create a symlink to fool it:

ln -s MailScanner exim

NB: You may need to do this again if a DirectAdmin update installs a new exim init script.

Create the following directories:
mkdir /var/spool/exim.in
mkdir /var/spool/exim.in/input
mkdir /var/spool/exim.in/data
mkdir /var/spool/exim.in/db


Then fix the ownership:

chown -R mail.mail /var/spool/exim.in/

Now you need to customise your MailScanner.conf both for your particular server and to let it know that it is running exim:
Open MailScanner.conf in vim as follows:

vim /etc/MailScanner/MailScanner.conf

The file is very well documented. Please read it!

You should edit the following settings:

%org-name% = servername
%org-long-name% = Your Company Name
%web-site% = www.yourwebaddress.tld

Now to tell it about your exim configuration.

Find the following lines in MailScanner.conf and edit as indicated:
#Run As User = mail
#Run As User = postfix
Run As User = mail
# Group to run as (not normally used for sendmail)
#Run As Group = mail
#Run As Group = postfix
Run As Group = mail
Incoming Queue Dir = /var/spool/exim.in/input
Outgoing Queue Dir = /var/spool/exim/input
Sendmail = /usr/sbin/exim -C /etc/exim.conf
Sendmail2 = /usr/sbin/exim -C /etc/exim_send.conf
# exim, as opposed to sendmail
MTA = exim

You can further tweak your MailScanner settings later on.

Some more changes are needed to finalise your setup.

MailScanner should autodetect exim, but you need to make a number of changes to /etc/sysconfig/MailScanner. Do the following:

mkdir /usr/local/exim/
mkdir /usr/local/exim/bin

Make the following symlinks:

ln -s /etc/exim_send.conf /usr/local/exim/exim_send.conf
ln -s /etc/exim.conf /usr/local/exim/configure
ln -s /usr/sbin/exim /usr/local/exim/exim
ln -s /usr/sbin/exim /usr/local/exim/bin/exim

To test if it is working properly or not issue the following command:

/etc/init.d/MailScanner restart;tail -f /var/log/maillog

You should see something like the following:

Shutting down MailScanner daemons: MailScanner: [ OK ]
incoming exim: [ OK ]
outgoing exim: [ OK ]
Starting MailScanner daemons:
incoming exim: [ OK ]
outgoing exim: [ OK ]
MailScanner: [ OK ]

Keep an eye on the logs for a few minutes. If anything is wrong you should see an error in them.
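
A consistency check for the settings above, added here as an example and not part of the original howto: it confirms that the inbound exim only queues mail (otherwise messages are delivered without passing through MailScanner) and that the queue directories in exim.conf and MailScanner.conf line up. The function names and the ROOT and OWNER parameters are assumptions made for this sketch; the paths and option names are the ones used in the howto.

```shell
#!/bin/sh
# Added example, not from the original howto. ROOT and OWNER are parameters
# invented here so the check can be pointed at a staging copy of the files.

# Value of "KEY = value" in a config file (exim.conf or MailScanner.conf).
opt() {  # usage: opt FILE KEY
    sed -n "s|^[[:space:]]*$2[[:space:]]*=[[:space:]]*||p" "$1" 2>/dev/null |
        sed 's|[[:space:]]*$||' | tail -n 1
}

check_mailscanner_exim() {  # usage: check_mailscanner_exim [ROOT] [OWNER]
    root=${1:-} owner=${2:-mail} rc=0
    in_conf=$root/etc/exim.conf
    out_conf=$root/etc/exim_send.conf
    ms_conf=$root/etc/MailScanner/MailScanner.conf
    fail() { echo "FAIL: $*"; rc=1; }

    # Inbound exim must only queue, or mail is delivered without being scanned.
    [ "$(opt "$in_conf" queue_only)" = true ] ||
        fail "queue_only is not true in $in_conf"
    [ "$(opt "$in_conf" queue_only_override)" = false ] ||
        fail "queue_only_override is not false in $in_conf"

    # MailScanner must collect mail from the inbound exim's spool ...
    spool=$(opt "$in_conf" spool_directory)
    incoming=$(opt "$ms_conf" "Incoming Queue Dir")
    outgoing=$(opt "$ms_conf" "Outgoing Queue Dir")
    [ -n "$spool" ] || { fail "spool_directory is not set in $in_conf"; return 1; }
    [ "$incoming" = "$spool/input" ] ||
        fail "Incoming Queue Dir '$incoming' is not '$spool/input'"
    # ... and hand it to a different queue, served by the second exim.
    [ -n "$outgoing" ] && [ "$outgoing" != "$incoming" ] ||
        fail "Outgoing Queue Dir must be set and differ from the incoming one"
    [ "$(opt "$out_conf" spool_directory)" != "$spool" ] ||
        fail "$out_conf still points at the inbound spool $spool"

    # Queue directories must exist and belong to the user MailScanner runs as.
    for d in "$spool" "$spool/input" "$spool/data" "$spool/db"; do
        [ -d "$root$d" ] || { fail "missing directory $root$d"; continue; }
        [ -n "$(find "$root$d" -prune -user "$owner" 2>/dev/null)" ] ||
            fail "$root$d is not owned by $owner"
    done
    return $rc
}
```

Source the file and run check_mailscanner_exim as root on the live server; it prints one FAIL line per problem and returns non-zero if any check fails.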

In order to increase your setup's effectiveness against spam and viruses you can now tweak your settings.

As I already mentioned, the MailScanner.conf file is very well commented, so read what the configuration options are doing before you actually change them on a production system.

This method of setting up MailScanner has been tried and tested.

It works for us, however any feedback is always appreciated.

MailScanner Adds New Features

It's been a while since I've mentioned MailScanner, partly because it "just works" :) However, Julian (who should have a blog!) has been making quite a few changes "under the hood" over the last few weeks, which culminated in a new beta release this afternoon.

About this Archive

This page is an archive of entries in the Spam Filtering category from January 2006.
