*Free* Anti-Spam server software

[Onslo]

ASSP Anti-Spam SMTP Proxy
This sits in front of your SMTP server port 25 and filters connections and email content based on numerous (and I really mean numerous!) conditions and attributes. It does mean that you have to re-configure your SMTP servers TCP port from 25 to something else (usually 125) but the effect on spam prevention is well worth it.

FireTrust MailWasher Server
To augment the anti-spam solution even further try this. It sits around the SMTP server installation and allows filtering and spam recognition mechanisms by way of a queue-conduit. I use it to augment the protection level offered by ASSP. You can pay for a subscription to the Firstalert service which will "improve" the spam detection further, but with ASSP sat in front there really is no need unless you are really paranoid.

Both solutions require an element of "training". Those of you familiar with POPFile will understand what this means, but in my opinion it's altogether a better approach to spam handling than popfile offers because the spam can be "treated" server-side as opposed to client or even client-proxy side.

'Slo

[Memfis]

Hi 'Slo

Long time no see, hope you're OK

I run greylisting & spamassassin. Greylisting works really well & got rid of most if not all of my spam. My Spamassessin isn't quite setup right and could do with tweaking. Does ASSP interfere with TLS auth for authorised smtp users?

[Onslo]

ummmm, dunno.
I don't think there is anything available within the GUI for TLS (secure SMTP).
Probably worth checking our their wiki or forum to be sure.

'Slo

[silver]

will have to check them out,. I'm reasonably spam free as most stuff is rejected at the smtp connect stage, will check the ones you mention as mine is lacking in a few areas

my current solution > http://www.the-scream.co.uk/forums/t25069.html?

[Onslo]

Yeah, MailWasher has a setting to allow you to discard the message if the user doesn't exist. Of the two I mention ASSP is by far the more versatile.

[silver]

yeah - mailwasher (or popfile) fixes stuff once the mail is delivered,. ideally prefer to ditch it as the smtp connect so it is never even allowed onto the mailserver, I presume is what ASSP does?

[Onslo]

yep... both ASSP and MailWasher can ditch it before it enters the mailserver.
ASSP can be more agressive about this when you use it's PenaltyBox features.
MailWasher is a bit different in that it mainly filters mail and either quarantines it, discards it, or forwards it depending on what you choose. Whe discarding a message due to non-existant user the mali never actually touches the qmail queue, it is dicarded before hand.

My aim is to get ASSP trained up and then only use MailWahser as a secondary filter to catch anythng that ASSP misses, mainly because on their own they do a good job, but together they do a fantastic job.

[silver]

oh,. for some reason when you said mailwasher I was thinking of that other mail thing called mailwasher than works by connecting to pop server

will check them out - the magic mail setup I use ditches non-existant users before they hit the mail queue (and also I've set it up to filter based on connecting MTAs IP addrs)

[Onslo]

Yes that MailWasher is made by the same company.... this is the server version.

[silver]

ah

[silver]

just reading through the ones linked above,. the bayesian approach is not quite dead but it seems spammers stuff other stuff in which makes it less effective,. the Perl based ASSP might be cool as it should be easy to hack it around

I still use popfile but it was dieing on it's arse with the amount of spam coming onto the server (am not running supercomputers!) - on the day I installed solution listed it blocked 1741 spam emails, looking at yesterday it blocked 1045 spam,.

all done at the SMTP connect and the connecting server is made to wait and then get a 'USER DOES NOT EXIST' - takes no training and is very effective w/ little overhead

anyway - will add to list as ano option http://www.linuxmagic.com/opensource...il/magic-smtpd - is drop in replacement for the qmail 'qmail-smtpd' server and easy to setup

[Onslo]

Sounds good, I wonder if the MailWasher qmail-conduit would run with it.
At the moment I use the qmail-conduit to reject unknown addresses, but obviously ASSP is still having to process them because it sits in front of qmail.
There is a way to make ASSP validate local addresses, but it's a maunal entry to the config and not something that is automatic (unlike MailWasher or magic-smtpd).
I'll turn it on and see what happens

[Onslo]

So I added the "known" user addresses , some wildcarded, some complete to ASSP and it has further reduced the load on my server and the amount of processing of spam that any of my solutions have to do.
I should really take more care and define a standard set of email addresses for the domains that i own (eg hostmaster@, webmaster@, etc etc) that way i could use a template to add the new entries for each domain.

So far, my best firend this year is definately ASSP

'Slo

P.S. Still might try magic-smtp too, to see if MailWasher will run as a conduit to it for even more prevention.

[silver]

dude.. I have a list of 'spam targets' listed in the magic-smtpd config (webmaster@ etc) and that alone reduces a lot of spam,. you only need to do it once regardless of the amt of domains you receive mail for - it all goes through the same skript

I will further try to persuade you of it's effectivness outside of the forum

[Onslo]

but but, i don't get any spam anymore....
.....and to be honest, magic-smtp sounds a lot like ASSP, but with fewer options. I can set "Spam Lover" targets too and you can use them to train the bayesian filter if you want.



'Slo

[silver]

baysian whatever,. it's gonna fall over when the corpus gets full

if you are happy that's fine - magic-smtp + simple script for checking users puts very little load on server / requires no training / does not get false positives and rejects at the smtp connect (no such user)

[Onslo]

so does ASSP !

BTW, bayesian is just one way that ASSP filters mail that it does actually allow to be processed. It also check RBL lists, SPF records, PTR, SRS, ClamAV screening, repeated connection attempts, idle smtp sessions, etc etc the list goes on

[silver]

ah - well it sounds like it does too much, I like to keep things simple

[Onslo]

Until you start getting spam again.... you'll see the light

[Memfis]

Greylist That's the way to go

Seriously tho, never had a spam since I installed it on my domains. Only spam I get now is through ts! addies.
It immediately accepts mail from people you've received from before, but delays unknown messages. real messages get retried later, spambots generally don't.
this also delays spam long enough for it to get listed on the rbl's.
I then run the mail through rbl's and spam assassin although little of it gets that far.

So When do we get greylisting on ts! server?
Tho I suppose you'll each want to do it your way and we'll get stuck in deadlock lol.

I wonder what ian thinks

[Onslo]

They will work together... you can have ASSP sit in front of magic-smtp, which in turn could be surrunded by the mailwasher conduit.
Possibly slight overkill, and i'm not certain whether the magic-smtp part would work with mailwasher.

However, you probably wouldn't even need mailwasher after all that

'Slo

[Onslo]

Forgot to mention ...

ASSP Cpanel plugin : http://www.grscripts.com/

[Onslo]

@mem,

So you don't filter on TS! mail like you would any other mail ?
My TS! mail gets sent to a web account that then forwards it to an special account on one of my own domains. It gets checked in the same way any other mail would and only the "valid" mails gets through.

I do agree that it would be better to not have to forward spam at all, the TS! server should be blocking as much as it can at the smtp session, so something like ASSP or magic-smtp (or both ) would work well.

What do we use at the moment ? SpamAssasin ?

'Slo

[silver]

am not keen on the temp fail / retry idea.. well in theory is good for certain things but would prefer email to get through quickly when it is sent,., plus while today temp fail / retry defeats spam bots they will soon adapt to retry... perhaps

[Onslo]

Then they'd have to get past the penalty box system.... there is contingency built in with ASSP in almost every module.

[Memfis]

@sil, Generally Mail is retried for something like 24 hours before it gets bounced back to the sender.
I think a 20 min greylist is average however I run mine at less than 5 mins.
Remember that once you've recieved an email from someone, they then aren't greylisted.

@slo, yes but because ts! is a spam relay and not the spam source it defeats greylisting. My spam assassin setup needs tweaking as is scores spam too low.

[Memfis]

At the end of the day, you cant beat the Java Dev Null SMTP server.

Best anti spam solution there is

[Onslo]

That's where SRS is handy.... complicated but probably very useful.
I say "probably" becuase I don't actually have it enabled in ASSP

'Slo