ScanMail Utilities 11.0 Manual Page

Ptsfilter Program:

Ptsfilter runs with Sendmail 8.14.0 and up with milter support.   Ptsfilter works as a filter to scan for viruses and spam that is set by the conf files.

In the default installtion directory these are the main config files.
The default installation directory is /usr/local/etc/ptsfilter/
  • add_address_list.conf -- A list of user addresses whose mail needs to have copy sent to a monitor.
  • add_footer_list.conf -- A list of user names to add custom footer or disclaimer to outgoing messages.
  • address-list.conf -- A list of email addresses, domains, and keywords in the from address that are denied.
  • auto_responder.conf -- A list of addresses that will produce an auto
  • copy-list.conf -- A list of user names whose outgoing messages will be copied to the "users" directory.
  • domain-ip-list.conf -- A list ip addresses or networks that allow the local domain to originate in the from message
  • exceptions-list.conf -- A list of files and email addresses that will go throught the filter no matter what.
  • filestoedit.conf -- A list of system files that can be edited through the web configurator.
  • from-restrict.conf -- A list of users with restrictions on who or where they may recieve mail from.
  • header-list.conf -- A list of headers to be examined for bad strings.
  • intranet-list.conf -- A list of users restricted to local mail only .
  • ip-exceptions.conf -- A list of networks or ip adresses to exempt.
  • ip-list.conf -- A list of networks or ip adresses to reject.
  • keyword-exempt.conf -- A list of keywords and phrases to exempt against spam checking.
  • message_size-list.conf -- A list of users maximum message sizes.
  • ptsbayesian-goodmail.conf -- A list of strings to test against a message status to train the bayesian filter in what is good mail.
  • ptsbayesian-spamtest.conf -- A list of strings to test against a message status to train the bayesian filter in what is bad mail.
  • ptsfilter.conf -- A list of custom error and reject messages.
  • Ptsfilter Configuration File Information
  • quota-list.conf -- A list of user mailbox limits. (requires chown root and chmod +s on ptsfilter executable)
  • resend-ip.conf -- A list of ip addresses to rewrite and resend.
  • spam-list.conf  -- A list of key words and phrases that designate SPAM.
  • string-list.conf -- A list of file names and extentions that are rejected due to a possible virus.
  • to-restrict.conf -- A list of addresses or domains which users are not allowed to send to.
  • user-list.conf -- A list of usernames that will be accepted.
  • usersetup.conf -- User configuration file User Web based interface.
These files are the heart of ScanMailfilter's filtering ability.

smtp - ScanMailfilter Uilities :

Allows you to send email to any address without using a mail server. It has 5 configuration options:
  • -c - The full recieving domain name.
  • -m - The originating domain name
  • -f - The "from" address
  • -t - The "to" address
  • -e - The file you wish to send (NOTE: this file MUST be a text file)
Example: smtp -c recievingdomain.com -m sendingdomain.com -f sendingdomain.com -t recievingdomain.com -e /tmp/message Message Example:
Reply-To: sendingdomain.com
Subject: send a message without an email server

This is a test of sending a message without an SMTP server. Please respond back if you get this. This WAS NOT sent using Sendmail.

smutils - ScanMailfilter Uilities :

Smutils is a powerful utilites program that is included with ScanMail.  It is located by default in /usr/local/bin/

You can use the following arguments after smutils :
  • start - Starts ScanMailfilter and opens the port in which ScanMailfilter filters the mail.
  • stop - Stops Ptsfilter and closes the port.  Note : If Sendmail is configured to use ScanMailfilter and you stop the filter, no email will be accepted by the server.  Stop ScanMailfilter only for maintenance.

*PLEASE NOTE*
If you are using the smd daemon, "smutils stop" automatically restarts ptsfilter.
*PLEASE NOTE*

parse_sendmail - ScanMail Utilities sendmail log parser :

parse_sendmail is a command line utility to parse your sendmail log and load the data into a mysql database table which enables sql searches and queries. This should be run from cron on a regular basis.  parse_sendmail is located in /usr/local/etc/ptsfilter. There is only one option which is the filename of your sendmail log;

mailmonitor - ScanMailfilter Uilities :

mailmonitor allows you to recieve email alerts if there is an issue with your server. The message is automatically created for the service that has stopped, or is not performing correctly.
  • -n - sends an email alert to any address (this includes cell phones and PDA)
  • -c - from address for the email alert
  • -t - to address for an email alert
  • -b - full domain name of the sending side
  • -f - full domain name of the recieving side
  • -d - this indicates the total disk usage of the server
  • -p - this does a port scan for TCPIP ports (if the -p is the only option on than it will scan the local server)
  • -i - this specifies the IP address for the port scanner (if the -i option is the only option on than it will scan the specified server of the remote address)
  • -s - this tells the monitor to verify that the service is running
  • -m - this is the minimum number of process that should be running for the -s service

Example: mailmonitor -s sendmail -m 10 -b sendingdomain.com -n -f recievingdomain.com -c emailalertfromaddress.com -t emailalertrecievingaddress.com

mysql_utilities - ScanMail MYSQL Utilities Program :

mysql_utilities is a command line utility to setup and maintain your ptsmail database.  mysql_utilities is located in /usr/local/etc/ptsfilter. You can use the following arguments with mysql_utilities :
  • -c - Create ScanMail Database
  • -i - Get information for mysql server
  • -u - Update ScanMail Database

check_pattern - ScanMail Utilities Pattern checking Program :

check_pattern is a command line utility to check patterns against your config files.  check_pattern is normally located in /usr/local/bin. You can use the following arguments after check_pattern :
  • -c - Check file for regex consistency.
  • -f - ptsfilter config file to check. Example: -f /usr/local/etc/ptsfilter/spam-list.conf
  • -s - This is the string to be checked. Should be enclosed in quotes. Example -s "this is a test"

webconfig.cgi - ScanMail Utilities Web Configurator:

webconfig.cgi is a web based configurator designed to run on the same system as ptsfilter. From the web management system you can access all options of the ScanMail Utilities. This includes updating your configuration files, performing queries against the mysql database, searching your sendmail maillog, checking blacklist database entires to name a few. You can also check all of your mail statistics and search the ptsfilter stats file. There is also a Sendmail Configurator which will help you manage sendmail. You can start and stop sendmail, see all running sendmail processes, flush your queue (including clientmque), rebuild your sendmail.cf or edit it directly and more. You can add and remove users and change user passwords. If you are using mysql you will get more detailed reports from all your sendmail servers running the ScanMail utilities. The are also sendmail configuration utilities to help you manage sendmail including updating your sendmail.cf file or your .mc file. You can stop and start sendmail from here, flush your queue, edit your aliases file, edit your acces file amd more.  webconfig.cgi is normally located in your web servers cgi bin.
  • Ptsmd must be running to use webconfig.cgi
  • For certain options the owner and group must be root on webconfig.cgi and superuser bit must be set.
  • Certain options require entries in ptsfilter.conf.
  • This utility should be in a protected directory in the cgi bin.
  • You can retrieve or recover any message and append the message in a users mailbox
  • More information on recovering or retriving a message is available here
  • You can train the bayesian filter on what is good or bad email.

ptsuser.cgi - ScanMail Utilities User Configurator:

ptsuser.cgi is a web based configurator designed to run on the same system as ptsfilter.  ptsuser.cgi is normally located in your web servers cgi bin.
  • Must run on POP server
  • Users must login with their POP Name and password
  • Users can view email history

list_rejects - ScanMail Utilities rejects messenger:

list_rejects is located in /usr/local/etc/ptsfilter.
The only required option is -u
Generally run right before stats file is reset
list_rejects will send a message containing all of their rejects and why
example:
/usr/local/etc/ptsfilter/list_rejects -u [email protected]
  • -c mail command (default: sendmail username)
  • -m message filename (custom message: fully qualified pathname)
  • -s stats filename (default: /usr/local/etc/ptsfilter/stats)
  • -u user address (user address to check and message to)
  • -f from address (from address to check and message to)

limits - ScanMail Utilities shows system kernel limits:

"limits" shows the current and maximum values for the parameters in the system kernel.

command from the command line: limits
sample output:
These are your current System Limits as reported by getrlimit
Current pthread stack size is 1073741824
RLIMIT_AS current is infinite
RLIMIT_AS max is infinite
RLIMIT_VMEM current is infinite
RLIMIT_VMEM max is infinite
RLIMIT_SBSIZE current is infinite
RLIMIT_SBSIZE max is infinite
RLIMIT_STACK current is 134217728
RLIMIT_STACK max is 134217728
RLIMIT_RSS current is infinite
RLIMIT_RSS max is infinite
RLIMIT_NPROC current is 19466
RLIMIT_NPROC max is 19466
RLIMIT_NOFILE current is 32768
RLIMIT_NOFILE max is 32768
RLIMIT_MEMLOCK current is infinite
RLIMIT_MEMLOCK max is infinite
RLIMIT_FSIZE current is infinite
RLIMIT_FSIZE max is infinite
RLIMIT_DATA current is 536870912
RLIMIT_DATA max is 536870912
RLIMIT_CPU current is infinite
RLIMIT_CPU max is infinite
RLIMIT_CORE current is infinite
RLIMIT_CORE max is infinite

show_thirdparty - ScanMail Utilities show third party software:

Shows the current version installed and the current version available of the third party software used by ScanMail Utilities.

sample output:
These are your current versions
-------------------------------

Clamav:        ClamAV 0.92/7076/Fri May  9 03:38:02 2008
DCC:           1.3.58
MySql:         Ver 8.41 Distrib 5.0.19, for unknown-freebsd4.4 on i386
Vipul's Razor: Razor Agents 2.84, protocol version 3
Sendmail:      Version 8.14.2


These are the latest versions
-----------------------------

Clamav:        0.93
DCC:           1.3.90
MySql:         5.0.51
Vipul's Razor: 2.84
Sendmail:      8.14.2
statsreport - ScanMail Utilities Stats Report:

This is a statistical report to show you how well your ptsfilter is working. You will be able to see a breakdown of the performance of specific tests and blacklists to see what is the most efficient.

  • -a shows the total Blacklist database rejected stats per Blacklist(must utilize dnsbl_list in ptsfilter.conf)
  • -b shows the total Rejected stats by test
  • -c shows the total stats by processed, accepted, rejected, and exempted
  • -d allows a check with a specific date
  • -e will check address-list.conf file to show which entries are most effective
  • -f allows a check with a specific stats file. The default is /usr/local/etc/ptsfilter/stats
  • -g gives statistics on patterns of long addresses,subjects,recipients
  • -h allows a check with a specific hour for Stats Report
  • -i number shows statistics associated with top "number" of ip addresses
  • -j number shows statistics associated with top "number" of domains
  • -k query mysql database for statistics default is 24 hours (1 day)
  • -l will check status in stats to show which tests are most effective
  • -m will check string-list.conf file to show which entries are most effective
  • -n will check ip-list.conf file to show which entries are most effective
  • -o Number of days (used with -k)
  • -p ipaddress shows domains associated with ipaddress
  • -q domain shows ip addresses associated with domain
  • -r will check address-list.conf file to show which entries are most effective
  • -s will check spam-list.conf file to show which entries are most effective
  • -x will check exceptions-list.conf file to show which entries are most effective

update_software - ScanMail Utilities Third Party Software Update utility:

update_software is located in /usr/local/etc/ptsfilter.
update_software will update the following third part software:
sendmail
dcc Distributed Check Sum Clearinghouse
clamav
razor-agents
razor-agents-sdk
mysql
example:
/usr/local/etc/ptsfilter/update_software -s clamav -c "./configure --disable-threads"
  • -s takes one argument (software package)
  • -d copy site.config.m4 file to devtolls/Site for sendmail update
  • -i make install
  • -b make only
  • -c configure string If no string entered it is default configured. configure string must be enclosed in double quotes
  • -u Remove current source code.

getip - ScanMail Utilities DNSBL utility:

getip is located in /usr/local/etc/ptsfilter.
getip will scan the stats file and get all blacklisted ip addresses
You can use these IP addresses to create your own local DNSBL
example:
/usr/local/etc/ptsfilter/getip
  • -a append to current ip list
  • -b create ip list
  • -c create zone file
  • -d create iplist and zone file
  • -f statsfilename (default: /usr/local/etc/ptsfilter/stats)
  • -h header file name for DNS zone file (default: /usr/local/etc/ptsfilter/tmp/headerfile)
  • -z zone file name to be created (default: /usr/local/etc/ptsfilter/tmp/zonefile)

For more information about our software please contact us:
[email protected] .



Copyright © 2013 ScanMail. All rights reserved.
last modified on: 02/05/09 10:39:24 AM
ScanMail    
Search    

Features    
Customer Feedback    
Free Installation    
Real time stats     
Test ScanMail Utilities    
Requirements    

Free 15 Day Demo    
Ordering    
Upgrade Your License    
Downloads    
ScanMail Firewall Server    

Support    
FAQ