How-to use SpamAssassin as a Mailsweeper plug-in

 


 

Why use SpamAssassin in Mailsweeper

Why not use SpamAssassin it is very good at detecting spam and it is open source.
  • Very good at detecting spam
  • Open source
  • Big group of developers are maintenance the code
  • Many plug-ins made for SpamAssassin exist on the net
  • Good documentation of the application
  • It has all the cool anti spam functions like SPF, DCC, Razor, IP RBL, URL RBL, BAYES, RegExp, DKIM, Pyzor, FuzzyOCR and many more.
  • It free

So when I found a very well compiled version of SpamAssassin for the Windows platform, I start to look at how this good anti spam application can be used with Mailsweeper on Windows and without have to setup some Linux box and after a lot of time and coding I have now got it up and running and it is very stabile, In fact it is working better then I hade hope it will.

So I have there for made this guide, to show how you can use SpamAssassin with your Mailsweeper or Mailmarshal setup..

 

SpamAssassin 3.1.7.0 for Windows

First we need to download the software from http://sawin32.sourceforge.net/ and install it.

1.
Make a folder ready for the software, so start a dos prompt and run this commands
c:\>md c:\sawin32\zip-download
c:\>md c:\sawin32\sawin32v3170


2.
Download the files from http://sawin32.sourceforge.net/ and save them in the c:\sawin32\zip-download folder

Save SpamAssassin 3.1.7.0 http://downloads.sourceforge.net/sawin32/SpamAssassin-3.1.7-win32.zip to c:\sawin32\zip-download folder
Save SA-learn 3.1.7 http://downloads.sourceforge.net/sawin32/sa-learn-3.1.7.zip to c:\sawin32\zip-download folder
Save SA-update 3.1.7  http://downloads.sourceforge.net/sawin32/sa-update-3.1.7.zip to c:\sawin32\zip-download folder

The version number is at the time of writing this how-to is 3.1.7.0 and this is the version I have done most of my testing with, but I will advise to see if there is a newer version at http://sourceforge.net/project/showfiles.php?group_id=175673 and check in the forum http://sourceforge.net/forum/?group_id=175673 that it is not a version with many bugs.


3.
So now the c:\sawin32 folder will look like this.

 

4.
Now it is time to unzip the software

unzip SpamAssassin-3.1.7-win32.zip to c:\sawin32\sawin32v3170\
unzip sa-learn-3.1.7.zip to c:\sawin32\sawin32v3170\
unzip sa-update-3.1.7.zip to c:\sawin32\sawin32v3170\

Note: do not run any of the .Exe, .Bat or .cmd files jet as we need to Config some files before the first run, this is because it will copy some of the files to the user profile of the user there is running the file..



Config the SpamAssassin

There is some scores that we need to fine tune and some things there need to be disable, For the scope of this how to guide we need to disable the DCC and Razor plug-ins, it is not because they are not working it is because they need network access to servers on the Internet so your need to change some firewall policy to get it to work and if there is some thing wrong with the access it will slow down the processing a lot, so for now it will be disable and you can look at them at a later point.


5.
Open this file c:\sawin32\sawin32v3170\etc\spamassassin\local.cf with notepad


Change the "required_score" to a higher value like 6.5 or maybe higher so there will be no false positive mail block as spam.
When I change a line I always out comment the default one and write a now one just below so it is easier at a later point in time to see what there is changed from the default values.


6.
Open this file c:\sawin32\sawin32v3170\etc\spamassassin\v310.pre with notepad


Out comment the lines with the text "loadplugin Mail:SpamAssassin::Plugin::DCC" to disable DCC and out comment "loadplugin Mail:SpamAssassin::Plugin::Razor2" to disable Razor

Maybe in a later guide or my forum I will write how to Config and enable the plug-ins again but for now we disable them.



Setup the service there start and monitor SpamD

The SpamAssassin is code in Perl on Linux platform, Eugene has then compiled a windows version of the whole software pack and he has done a very good job but the SpamD.exe seems to have a minor issue, When the SpamD start it has a master thread and some child threads there is processing the mails, the idea is when a child thread has processed x number of mails it is shutdown and the master thread is starting up a new child thread but it seems that it not are starting the new child thread and there for are the mail processing slowly die and the processing almost stop as there is only the master thread back....

So to make sure the SpamD process is up and running and also is healthy at all time, I have code another application call SpamDloaderService there is design to startup and verify the SpamD is healthy and if not then fix the issue.

What this app do:
  • Run as a service and start when the computer is started
  • Startup a SpamD.exe if none is running
  • If more then one SpamD.exe is running then kill them until only one is running
  • If the SpamD.exe exits with a error then start a new one up within 2 sec.
  • Build-in SpamC client there is verifying that the SpamD.exe is working and if not then restart it
  • Restart SpamD.exe if the thread count gets to low
  • Recycle the SpamD.exe after x number of hours
  • logging to Eventlog, syslog, file and for debugging to a telnet session
  • If SA-update channel tell there is a update then execute sa-update.exe

 

7.
Make a folder ready for the software, so start a dos prompt and run this commands
c:\>md c:\SpamDloaderService\zip-download


8.
Download the latest version of SpamDloaderService from http://www.tooms.dk/software/spamdloaderservice/ and save the file to c:\SpamDloaderservice\zip-download


9.
Unzip c:\SpamDloaderService\zip-download\spamdloaderservice.1.200x.xx.xx.zip to c:\SpamDloaderService\


10.
open a dos prompt and go to the C:\SpamDloaderService folder


11.
Run the C:\SpamDloaderService\InstallService.bat
Note: If  you have installed in another folder then my guide show then you must edit the two .bat file so the path to the SpamDloaderService.exe is the right one before running the command.


12.
Verify the output of the InstallService.bat saying that it has installed the service with out any errors.


13.
Start the C:\SpamDloaderService\SpamDloaderConfig.exe

Note that it is saying that the service is installed and not running, at this point do not start the service as we need to Config it first.


14.
Click on the SpamD tab

Click on the "Browse" and select the right path where you have installed the SpamD.exe application.
For now do not change the commandline options before you have seen this working.


15.
Click on "Save" and go back to the "SpamDloader" tab


16.
Start the windows task manager and make sure that there is no spamd.exe running


17.
In the SpamDloaderConfig app, click on the "Start" and see the services is starting


Verify in the task manager that you can see the Spamdloaderservice.exe is running


18.
Verify in the task manager that you also seeing the SpamD.exe is started


19.
Start the Eventlog viewer and see what the Spamdloaderservice service has report and there is no errors.


20.
Now try in the task manager to kill the spamd.exe and see that within a very short time there is started a new one up


21.
Go back to the Eventlog viewer and read what the SpamDloaderservice has reported happen to the spamd process.



Now the SpamD service is installed and is monitoring the SpamD process to make sure that it is running and all is well.


 

MSWSpamC

MSWspamC is a SpamC client there can talk with a Spamassassin server(SpamD), it is design to work as a Mailsweeper plug-in.
I know there is a lot of spamc.exe versions on the net and I have tried many for them and found them not to work very well and is unstabile when running under high load as a Mailsweeper plug-in, so that is why I have code my own version there is more stabile and has a lot of safety checks.


22.
Make a folder ready for the MSWspamC software, so start a dos prompt and run this commands
c:\>md c:\MSWspamC\zip-download


23.
Download the latest version of MSWspamC from http://www.tooms.dk/software/mswspamc/ and save the file to c:\mswspamc\zip-download


24.
Unzip c:\mswspamc\zip-download\mswspamc.1.200x.xx.xx.zip to c:\mswspamc\


25.
Start the c:\mswspamc\mswspamcgui.exe


Select the cfgid "MSWspamC" and click "Select cfgID"


26.
Add a server


In the IP textbox enter "127.0.0.1" and then click "Add server"


27.
Verify that the server is working


Select the server 127.0.0.1 on the list and click "Verify", note the status textbox is telling if the SpamD server is working or if there is a error.
If there is a error then this most be fix before going on with this guide.


28.
Do not at this point change any other settings in the MSWspamCgui before you have seen it work.

Click "Save config" and then click "Exit"


29.
Lets verify all things are working before setting up Mailsweeper to use the plug-in.


Start a dos prompt and change to the "c:\mswspamc\" folder


30.
Test run the MSWspamC client


Run the command "MSWspamC /mail:testmail_spam1.msg /debug" and verify that is works like the screen dump shows
 

 



Page 2 of this guide


.