I have been a long time user of GFI software, relevant to this post is their Mail Essentials for Exchange package. I find it to be a very powerful and easily setup anti-spam system for Exchange. I have had very little trouble with it, and it is packed with useful features. However, recently I had some configuration issues with my spam setup, with rollernet really, not even an issue with Mail Essentials, but it got me thinking about my spam filtration system.
I am now on a quest to find an open source anti-spam solution for Exchange. I’m open to Linux based solutions as a gateway of sorts, but would prefer something that resides on the Exchange server running under Windows. Don’t get me wrong, I have a great respect for SpamAssassin and other gateway type spam fitlers, but it gives the end user a much better experience if the anti-spam software can interact with the user, especially if it integrates with Outlook.
Surely there must be some kind of solution out there I could try. At the very least I might install a few different packages under Linux and route incoming mail through them, and from there go to Exchange for evaluation. I can use server virtualization to allow for an easy evaluation of various types of configurations. ASSP I hear is very good and there was one other package that I found last night that sounds promising. I think it could be beneficial to have an additional layer of spam protection at the gateway level before GFI gets the messages and does its thing. My only concern is false positives. Lots of services and companies on the internet today do NOT have the proper DNS/MX confiugration and even at a more basic level don’t have their network setup right. All these network issues can have a major impact on e-mail deliverability. Its always a risk then when dealing with spam filters that you may block legitimate messages. I am always watching spam logs to ensure that I keep an eye on how the system is doing. If web services and companies would do a little work to get their sytems in compliance with RFS’s for SMTP and DNS, and setup the proper network configuration and mail server options, it would be a much better world for mail delivery without false positives.
Over the weekend I got an e-mail from Dennis Heidner who wrote SPAMLOGS for NoSpamToday. In version 3 of NST, the log parser “spamlogs” quit outputting the subject line of messages in the parsed log output. Dennis has corrected this in an updated version which should be available soon on the byteplant contributions area on their website. I have tested the new version and found that it fixes the problem. Dennis has also added some functionality to check for AUTH Attacks. SPAMLOGS conveniently checks for AUTH attacks and outputs the number of attacks per IP at the end (last column) of the spamlogs csv output.
SPAMLOGS is a must have for parsing the NST spamassassin log file, it turns the jumbled and confusing log file output from NST/SA into a readable and useful .CSV format. Combine his software with the automation utility or scheduled task, and it makes managing the mail logs much easier.