|
SMTP Gateway Overview
Mailshell's Gateway is an SMTP proxy that
plugs in anywhere along an SMTP chain. The proxy listens
for messages from an incoming SMTP port and then forwards
messages downstream to another SMTP Mail Transfer Agent
(MTA). The proxy scores each message and inserts a header,
X- SpamCatcher-Score, indicating a 'spam score' for the
message.
X-SpamCatcher-Score Header
The Mailshell Anti-Spam score indicates the probability
that a message is spam. The higher the number, the more
likely a message is spam. Mailshell Anti-Spam scores range between
0 and 100.
X-SpamCatcher-IP Header
This header contains the IP address of the
sending MTA. The information is used for IP Blacklist checks.
Since the SMTP Gateway is plugged in between the sending
and the receiving MTA, the header information is the only
way that the receiving MTA can identify the sending MTA's
IP address.
Destination SMTP Servers
The SMTP Gateway will 'round robin' from a
list of Destination SMTP servers.
The control file for destination SMTP servers
is located at /etc/spamcatcher/conf/spamcatcher.conf.
The format of the line is server:portnumber. The
server can either be a hostname or an IP address. The port
number should always be numeric. If a port number is not
specified, the default port of 25 is assumed.
Example:
outgoing_smtp=mail2.isp.com:25,10.1.3.2,smtp.host.net:10041
Leading and trailing white space is ignored.
Lines beginning with the '#' character are considered comments.
Global Approved List
The SMTP Gateway will accept a list of sender
addresses or domains whose messages never will be considered
spam. For these messages, the X- SpamCatcher-Score header
will always be 0.
The control file for Approved Senders is located
at /etc/spamcatcher/conf/approvedsenders and will contain
one line per sender. Each line can contain an email address
or a domain.
Addresses are of the format "mailbox@domain"
and domains are simply of the format "domain".
Examples:
user@isp.com
spammer.net
Leading and trailing white space is ignored.
Lines beginning with the '#' character are considered comments.
Global Blocked List
The SMTP Gateway will accept a list of sender
addresses or domains whose messages are always considered
spam. For these messages, the X- SpamCatcher-Score header
will always be 100.
The control file for Blocked Senders is located
at /etc/spamcatcher/conf/blockedsenders and will contain
one line per sender. Each line can contain an email address
or a domain.
Addresses are of the format "mailbox@domain"
and domains are simply of the format "domain".
Examples:
user@isp.com
spammer.net
Leading and trailing white space is ignored.
Lines beginning with the '#' character are considered comments.
Precedence of Approved and Blocked Addresses
When an address matches entries in both the
Global Approved and Global Blocked lists, the following
priority will be observed. Email addresses will take precedence
over domains, e.g. if you block the domain host.net but
approve the specific address joe@host.net, mail from the
latter sender will be approved. In addition, approved addresses
will take precedence over blocked addresses if identical
entries exist on both the Global Approved and Global Blocked
lists.
Logs
Mailshell Anti-Spam logs via syslog. The log facility
is: LOG_MAIL.
Mailshell Anti-Spam Network Settings
It is possible to configure several general
settings for the SMTP Gateway. The control file for Mailshell
Network settings is located at /etc/spamcatcher/conf/spamcatcher.conf
and can contain the following settings:
- Rule Update Frequency
You can configure Mailshell Anti-Spam to automatically check for
updated spam rules.
Format: ruleupdate=number of seconds between updates
Default: If this entry is missing or misconfigured, the
default will be to check for rule updates every 60 minutes.
- SpamCatcher Network Checks
You can configure Mailshell Anti-Spam to check message fingerprints
against the Mailshell database of known spam.
Format: netcheck=[yes|no]
Default: If this entry is missing or misconfigured, the
default will be Yes.
- Spam Threshold for rejecting messages
You can configure Mailshell Anti-Spam to delete all messages that
have a Mailshell Anti-Spam score above a certain level. Mailshell Anti-Spam
scores range between 0 and 100. The higher the number,
the more likely a message is spam.
Format: spam_reject=level
Default: If this entry is missing or misconfigured, the
default will be 100.
- Spam Threshold for subject modification
of spam messages
You can configure Mailshell Anti-Spam to insert the word [spamcatcher]
in the subject line of messages that have a Mailshell Anti-Spam
score above a certain level, indicating the message is
spam. Mailshell Anti-Spam scores range between 0 and 100. The
higher the number, the more likely a message is spam.
You can set up filtering rules in your email client to
filter this text.
Format: spam_reject=level
Default: If this entry is missing or misconfigured, the
default will be 100.
- Spam Threshold for flagging spam
messages
You can configure Mailshell Anti-Spam to insert a header (X-SpamCatcher-Flag)
in messages that have a Mailshell Anti-Spam score above a certain
level, indicating the message is spam. Mailshell Anti-Spam scores
range between 0 and 100. The higher the number, the more
likely a message is spam. You can set up filtering rules
in your email client to check for this header.
Format: spam_reject=level
Default: If this entry is missing or misconfigured, the
default will be 100.
- Timeout for spam check
You can configure Mailshell Anti-Spam to stop spam scoring if
it takes too long. Timeouts happen on a message-by-message
basis. Those messages that timeout will have a X-Spamcatcher-Score
header based solely on the spam rules.
Format: spamchecktimeout=number of milliseconds for timeout
Default: If this entry is missing or misconfigured, the
default will be 5 seconds.
System Requirements
- Linux 2.2+
- x86 platform
- SMTP email server
|
