For more help with Sendmail including installation, setup, troubleshooting and more contact us by email or phone: [email protected] or (410) 838 5100. We offer support on a per incident basis as well long term commitments. Call us, we are the experts.

These are filtering options for fighting spam and viruses with Sendmail

This is an overview of spam blocking techniques. On this page you will find anti-spam anti-virus options you can use with sendmail on unix mail servers. This includes Linux, Freebsd, and Solaris.

These are just some of the ways to fight spam and viruses through sendmail. All of these have intefaces into sendmail (mostly through milter or the delivery agent such as procmail). Make sure you have a whitelist in place for exceptions you want. The ptsfilter of ScanMail Utilities incorporates all these techniques in one milter and sequentially uses them when mail has passed or not failed a previous test. Once mail fails any test, ScanMail Utilities immediately rejects it. The ptsfilter is a very efficent sendmail spam and virus filter.

Email Server Verification

Email Server Verification is the process of checking that a valid email server has connected to the local server. This is accomplished by using a DNSBL that has a list of dynamic IP addresses. This is performed at the connection phase or at the recipient phase as user defined options.

Ptsfilter commands:
do_check_for_mailserver Turns on checking for a valid connection from
a valid email server.
connect_blacklist Blacklist database to use.
SPF (Sender Policy Framework)

SPF or Sender Policy Framework fights return-path address forgery and makes it easier to identify spoofs. It basically checks the DNS of the return-path address to find out whether it is possible for mail for the domain in the address could have originated from where it was sent. If it is allowed and it is spam you can contact the sysadmin or abuse at that domain to notify them about the spam. If it should not have originated there you just reject it. You can more information on spf at the Sender Policy Framework site. This is a very efficent way to stop spam and as more sites start implementing spf stopping spam will become much easier.

Ptsfilter commands:
spfflag Turns on spf checking for inbound mail
spfmydomain Turns onf spf checking for my domains, prevents spoofing
of my domain 
spfauthenticate Turns off spf checks when user properly 
auththenticates to sendmail
Bayesian Filter

A technique for identifying incoming e-mail spam. Unlike other filtering techniques that look for spam-identifying words in subject lines and headers, a Bayesian filter uses the entire context of an e-mail when it looks for words or character strings that will identify the e-mail as spam. Another difference between a Bayesian filter and other content filters is that a Bayesian filter learns to identify new spam the more it analyzes incoming e-mails.

A Bayesian filter is a statistical approach to filtering spam. You teach the filter what is good and bad email. It continues to "learn" based on sample email. With this type of filter you block or accept email based on a statistical analysis of the content. The filter scores the content and For more information check Paul Graham's website

Ptsfilter commands:
bayesian Turns on Bayesian Filter test
Greylist

Greylisting (greylist not graylist) is a method of blocking spam at the mailserver. Greylisting relies on the fact that most spam sources do not behave in the same way as "normal" mail systems. Although it is currently very effective by itself, it will perform best when it is used in conjunction with other forms of spam prevention. A greylist does not block or reject email but is does help stop spam and viruses. For more information check greylisting.org

Ptsfilter commands:
greylist Turns on Greylist test
greylisttype Type of greylist test either by IP address,from address
and to address or just from address and to address.

DNSBL (Domain Based Blacklist Databases)

Domain Based Blacklist Databases are servers which track domains of known spammers. When your mail server receieves email it does a check on the domain of the server that handed the mail off to your server. If the domain is listed in the Blacklist Database it is rejected. is probably the It is very easy to implement. For more information check RFC Ignorant

Ptsfilter commands:
dnsbl_domain_list Comma seperated list of Domain Blacklists
blacklist_mysqlUse mysql to store and check Blacklist for quicker lookups

DNSBL (IP Blacklist Databases)

Blacklist Databases are servers which track IP addresses of known spammers. When your mail server receieves email it does a check on the IP address of the server that handed the mail off to your server. If the IP address is listed in the Blacklist Database it is rejected. This is probably the most widely used antispam test. It is very easy to implement and there are many DNSBL's to choose from. Some of the most widely used DNSBL's are:
spamhaus
spamcop
sorbs

Ptsfilter commands:

dnsbl_list Comma seperated list of IP Address Blacklists
blacklist_mysqlUse mysql to store and check Blacklist for quicker lookups
SURBL (Spam URI Realtime Blocklists)

Spam URI Realtime Blocklists are servers which track domain addresses of known spammers. This bloack want urls in your email messages. When your mail server receieves email it does a check on the URI in the message of the server contained in the URI. If the address is listed in the Spam URI Realtime Blocaklist it is rejected. This is not a widely used antispam test yet. It is very effective though. You can get more information at the surbl website or the uribl website.

Ptsfilter commands:
surbl_list Comma seperated list of Surbl Lists 
surbl_mysqlWrite domains of surbl rejections to Daoin table
Clamav (Antivirus)

Clamav is an open source anti-virus program. It is very effective and has ways to integrate in sendmail such as a milter interface. You can get more information at the clamav antivirus website.

Ptsfilter commands:
clamav Clamav utility to check email with
Vipul's Razor (Antispam)

Vipul's Razor is a distributed, collaborative, spam detection and filtering network. Detection is done with statistical and randomized signatures that spot spam content. Vipul's Razor does an excellent job of detecting spam. You can get more information at the Vipul's Razor website.


Ptsfilter commands:
razor Vipul's Razor utility to check email with

DCC(Distributed Checksum Clearinghouse)

DCC is anti-spam software similiar to Vipul's Razor although they seem to be a little more aggressive. You can get more information at the Distributed Checksum Clearinghouse website.

Ptsfilter commands:

dcc DCC utility to check email with

MX Record Check (Antispam)

If the domain in the from address does not have a MX record it is more than likely spam and should be rejected. Some mailing lists DO Not adhere to this. All Domains should have a mail exchanger record.

Ptsfilter commands:
do_mx_check Turn on MX check for inbound mail.


Sender Validation (Antispam)

The from address of the sender should always have a valid sender. If not how can a Delivery Status Notice be sent back to inform them of problem with delivery or any other delivery issue. If the from address is not valid the message should be rejected as spam.

Ptsfilter commands:
do_user_check Turn on sending user check for inbound mail.

Accreditation Services (Antispam)

Accreditation Services are almost a reverse dnsbl. If you are in the database you have said I will play by the rules of proper mail solicitation.

Ptsfilter commands:
do_habeas_check Turn on Habeas Accredidation check.
do_bonder_sender Turn on Bonded Sender Accredidation check.

ScanMail Utilities incorporates all these techniques in one milter and the ptsfilter is a very efficent sendmail spam and virus filter. You can try ptsfilter free for 15 days and see for yourself.

For more information about our software please contact us:
[email protected] .



Copyright © 2013 ScanMail. All rights reserved.
last modified on: 11/25/08 04:45:30 PM
ScanMail    
Search    

Features    
Customer Feedback    
Free Installation    
Real time stats     
Test ScanMail Utilities    
Requirements    

Free 15 Day Demo    
Ordering    
Upgrade Your License    
Downloads    
ScanMail Firewall Server    

Support    
FAQ