What are the ScanMail Utilities?
The ScanMail Utilities are a set of software designed to help manage your
Unix sendmail Mailserver. They include the ptsfilter which is a sendmail
spam virus filter using the sendmail milter API. In addition to filtering
spam and viruses the ptsfilter also allows you to manage mailbox quotas,
copy incoming and outgoing messages,restrict where your users send and
recieve mail from and more. The Web Configurator allows you to manage
all of this from a web interface. The utilitites also include reports
to help you spot patterns, see which tests are most effective, and
track exactly what is happenning with your email server. Blocking
spam and virus email has never been easier. The ScanMail Utilities
work on any version of Unix including but not limited to FreeBSD, Linux,
and Solaris. ScanMail Utilities allows easy compliance with the E Discovery
email law that became effective December 1, 2006.
Will any version of ScanMail Utilities work with any version of Clamav?
Although all versions of ScanMail Utilities support Clamav, Only ScanMail Utilities
version 9.0 and above will support Clamav version 0.90 and above.
How does ScanMail Utilities comply with the Amendments to the Federal
Rules of Civil Procedure (FRCP) relating to the discovery of electronically
stored information (ESI) that became effective December 1, 2006?
The Amendments to the FRCP basically require storage of, awareness of location,
and the ability to retrieve all ESI. ScanMail can make a copy of every email
both incoming to, and outgoing from your system. The storage location and format
are user specified. The storage and retrieval options can be tailored to
individual needs and capabilities.
How can my users manage more their own settings?
Many settings can be managed by your users including exceptions and
restrictions. You would need to create scripts to use against the
database that are accessible through a webserver.
Steve Ensley at
American Family Online
has developed scripts for just this purpose. They even allow their
users to recover email that was rejected and append it to their mail box.
Contact Steve for more information.
What Tests are most effective against Dictionary Attacks?
What is a Dictionary Attack?
A Dictionary Attack is a spamming technique where spammers submit thousands
or millions of email messages with random addresses. The object of the attack
is to find which addresses are valid either by a DSN or there may be
hidden code in the message
that reports back to the spammer when the email has been opened,
which lets the spammer know which email addresses are valid.
These are then added to the spammer's list,
which is then resold to spammers world wide.
Greylisting is a very good defense against Dictionary attacks. Using the
user restriction test with the user delete recipient option is effective
because the unknown user is deleted from the message without sending a
notice to the sender. For DSN (Delivery Status Notice) attacks use the
discard_dsn option. Using the rebuild_access option will help performance
by adding blacklisted domains and ip addresses to your access file and
discarding the connection or domain as it comes in.
What tests do you suggest for training the Bayesian Filter?
For training the filter in what is spam we recommend the Surbl, Blacklist
Domains and Clamav as good starting points. Teaching it what is good mail
is a little more difficult. If you have an email that recieves no spam
use that email and manually do through the Web Configurator.
What versions of UNIX do the Utilities work with?
The ScanMail Utilities are currently supported on FreeBSD, Linux and Solaris.
However any version of Unix which uses sendmail can use the ScanMail utilities.
What versions of UNIX do you suggest?
FreeBSD seems to work execptionally
well and is easy to load and maintain. It is easy to tune kernel parameters
as well. Our largest users run on FreeBSD systems and they process hundreds
of thousands of emails on a daily basis.
The software runs on any version of unix which runs sendmail.
What if I am not running the supported O/S?
You can run the Utilities on a separate server running the supported O/S; and
have the mail go through the filtering server, then to your main email
server. A port can be done to your version of Unix just for the asking.
Many users use a Unix sendmail server as "mailscrubber" front end to
another mail server such as a Exchange server.
How can I tell how effective my configuration is at blocking spam?
If you assume for
instance that 50% of your incoming mail is spam and you block 40% of all
messages then your effective rate is 80% (You have blocked 80% of the spam). Much of
this is based on the number and type of emails you receive. Some of our larger
customers reject as much as 90% or more of total email.
How do I build a thread safe client for mysql?
Use the following configure options when you build mysql.
What is the surbl feature and how do I use it?
./configure --enable-static --enable-thread-safe-client --with-pthread --prefix=/usr/local/mysql
Surbl is the
Spam URI Realtime Blocklist. This
allows the ptsfilter to extract addresses such as web sites in your
message and check them against known spam sites.
For more information about our software please contact us: