From Wiki@Commgate

Contents 1 Antispam 1.1 Overview 1.2 Configuration 1.2.1 Discard Policy (Block Policy) 1.2.2 Subject Tag 1.2.3 Image Processing (OCR) 1.2.4 Whitelists and Blacklists 1.3 Improving Effectiveness 1.3.1 Spam Training 1.3.2 Greylisting and Blacklists 1.4 Links 2 Antispam - Dspam 2.1 Overview 2.2 Configuration 2.2.1 Signature Location 2.2.1.1 Headers 2.2.1.2 Body 2.2.2 Subject Tag 2.3 Improving Effectiveness - Spam Training 2.4 Links 3 Antispam - Training 3.1 Overview 3.2 Installation 3.3 Training 3.3.1 Webmail 3.3.2 E-mail Forwarding 3.4 Links 4 Antivirus 4.1 Overview 4.2 Configuration 4.2.1 Mail Policies 4.2.2 Virus Detected Policy 4.2.3 Banned File Extension Policy 4.2.4 Banned File Extensions 4.3 Links 5 Filters / Greylist 5.1 Overview 5.2 Installation 5.3 Configuration 5.3.1 Greylisting 5.3.2 Status 5.3.3 Delay 5.3.4 Data Retention Time 5.3.5 Blacklists 5.4 Links 6 Maildrop 6.1 Overview 6.2 Installation 6.3 Configuration 6.4 Troubleshooting 6.5 Links

Antispam

Overview

Antispam	Information
Description	Antispam for mail servers.
Package Name	cc-spamassassin
Configuration Page	Software > Mail > Antispam

The antispam software works in conjunction with your mail server. The software identifies spam using a wide range of algorithms on e-mail headers and body text. The CommGate Server also includes Greylisting and additional Blacklists -- both are effective tools that can be used to detect spam.
Back to top

Configuration

Back to top

Discard Policy (Block Policy)

If you want to discard spam before it reaches mailboxes, you can configure the mail discard policy. For example, you can discard spam marked with high probability (or higher) by using this tool.
Back to top

Subject Tag

• Use Subject Tag - enable/disable e-mail subject tag when e-mail is marked as spam
• Subject Tag Threshold - spam score required to trigger a change in the e-mail subject
• Subject Tag - the subject tag to use when e-mail is marked as spam

A subject tag can be added to messages marked as spam. For instance a spam message with the subject "Premier Invest0r Rep0rt" will be transformed into "[SPAM] Premier Invest0r Rep0rt". This feature makes it easy for end users to identify and filter spam.
Back to top

Image Processing (OCR)

Enabling Image Processing will improve the spam identification rate for spam messages containing images. Using OCR (Optical Character Recognition), antispam engine will convert images to text and perform analysis on the word content of the image. White and Black Lists
Back to top

Whitelists and Blacklists

• White List - a list of e-mail addresses that should never be marked as spam
• Black List - a list of e-mail addresses that should always be marked as spam

The antispam engine includes both white and black lists. The white list is used to mark e-mail addresses that send non-spam, while the black list is used to mark e-mail addresses that are known spam.

Among others, newsletters and legitimate e-commerce e-mail can sometimes be marked as spam. The e-mail addresses for these messages can be added to the white list to prevent the message from becoming marked as spam.

E-mail addresses in the white and black lists can use the * wildcard character to match any characters. For instance, *@example.com and *.gov will mark all e-mail from the example.com and .gov domains.

Back to top

Improving Effectiveness

Back to top

Spam Training

You can improve the effectiveness of the antispam engine by following the instructions here.
Back to top

Greylisting and Blacklists

The CommGate Server also includes Greylisting and additional Blacklists -- both are effective tools that can be used to detect spam.
Back to top

Links

SpamAssassin website
Back to top

Antispam - Dspam

Back to top

Overview

Antispam - Dspam	Information
Description	Antispam for mail servers.
Package Name	cc-dspam
Configuration Page	Software > Mail > Antispam - Dspam

The Dspam antispam system tracks e-mail by mailbox. In other words, the antispam system bases its decisions on individual spam databases for each user on the system.

Warning! Since the Dspam antispam solution requires specific details about mailboxes and aliases, the software is not available on systems configured as a mail gateway. For example, a message destined to sales@example.com forwarded to an Exchange server may end up in Mary and David's mailbox. It is not possible for the Dspam system to determine this information in mail gateway mode.

Back to top

Configuration

Back to top

Signature Location

The antispam system tracks important elements and statistics on every e-mail message that you receive. This information is then stored as a "signature" -- basically a unique identification number. To train the antispam system (see next section), this signature must be included in an e-mail. You can track these signatures either in the body of the message, or in the message header.
Back to top

Headers

• advantage: does not clutter the body of e-mail messages
• disadvantage: message must be forwarded as an attachment to train the antispam system

Back to top

Body

• advantage: message can be forwarded (no attachment) to train the antispam system
• disadvantage: spam signature clutters the body of e-mail messages

Back to top

Subject Tag

Select the subject tag used to mark any messaged deemed to be spam.
Back to top

Improving Effectiveness - Spam Training

You can improve the effectiveness of the antispam engine by following these instructions.
Back to top

Links

Dspam
Back to top

Antispam - Training

Back to top

Overview

You can improve the effectiveness of the antispam systems on your CommGate system by identifying:

• Messages that were spam, but not identified as such
• Messages that were innocent, but identified as spam (false positive)

With a week or two of diligent training with these messages, you can expect to see a more effective antispam engine.
Back to top

Installation

At least one of the antispam engines must be installed on your system.

• SpamAssassin
• Dspam

Back to top

Training

There are two ways to train the antispam systems on your CommGate Server: webmail and mail-forwarding.
Back to top

Webmail

Training the antispam system via webmail is simple and more effective. Simply select the messages that you wish to process and press either the Report as Spam or Report as Innocent buttons (see screenshot). You will then be shown a confirmation message before the actual processing takes place.

Back to top

E-mail Forwarding

Training via e-mail forwarding is not as effective since information is lost when you forward a message. If you decide to use this method, there are two e-mail addresses used for training:

• train.notspam@example.org -- e-mail address for messages incorrectly identified as spam
• train.spam@example.org -- e-mail address for spam that was not identified as such

In order to use this style of spam training, messages must be forwarded as an attachment (see screenshot).

Back to top

Links

Dspam
Back to top

Antivirus

Back to top

Overview

Antivirus for Mail Servers	Information
Description	Antivirus for mail servers.
Package Name	cc-clamav
Configuration Page	Software > Mail > Antivirus

The antivirus system scans mail messages as they pass through your mail server.
Back to top

Configuration

Back to top

Mail Policies

When configuring the antivirus system, you must make some mail policy decisions. There are three types of policies available:

• Bounce bounce the e-mail
• Discard - silently discard the e-mail
• Pass Through - send e-mail with warning (original sent as an attachment)

Back to top

Virus Detected Policy

When a virus is detected, you can choose to either discard the message, or pass the message through. We recommend discard mode for most installations.
Back to top

Banned File Extension Policy

The antivirus software not only performs virus scanning, but also manages file attachment policies. Certain types of file attachments are prone to viruses. The ability to block attachments by file extension is another layer of security for your mail system.
Back to top

Banned File Extensions

Select the file extensions that you wish to ban from going through your mail system. Both internal and external mail are checked.

Back to top

Links

ClamAV web site
Back to top

Filters / Greylist

Back to top

Overview

Greylisting and Filters	Information
Description	Greylisting and filters for mail servers.
Package Name	cc-filters
Configuration Page	Software > Mail > Filters

Greylisting and mail filters are extra tools to prevent spam from reaching your users' mailboxes.
Back to top

Installation

If you did not select this module to be included during the installation process, you must first install the module.
Back to top

Configuration

Back to top

Greylisting

Greylisting can dramatically reduce the amount of spam reaching your mailboxes. When the service is enabled, a mail message that is not recognized will be gently rejected. If the mail message is legitimate, the sending mail server will re-attempt subsequent deliveries and the CommGate server will then accept it. For the most part, spammers do not bother with the second delivery attempt and this results in less spam. The parameters that you can use to fine tune the greylisting engine are described below.
Back to top

Status

State of the greylisting engine.
Back to top

Delay

The amount of time that must pass before a subsequent delivery attempt is allowed.
Back to top

Data Retention Time

The greylisting engine keeps track of both mail servers and sender e-mail addresses for a specified amount of time (default is 35 days). If messages from validated sender or server arrives, the greylisting engine will accept delivery on the first attempt. For example, if dave@example.com sends an e-mail to one of your users on a weekly basis, only the very first mail message is delayed. All subsequent messages are delivered automatically since dave@example.com has been validated.
Back to top

Blacklists

CommGate provides extra mail blacklists to protect against spam. You can enable or disable this blacklist at any time.
Back to top

Links

Postgrey

SA-Blacklist
Back to top

Maildrop

Back to top

Overview

Maildrop	Information
Description	Fetchmail/maildrop software to fetch mail from external servers.
Package Name	cc-fetchmail
Configuration Page	Software > Mail > Maildrop

The fetchmail package can conveniently retrieve mail from other servers allowing the 'centralization' of e-mail on a single server.
Back to top

Installation

If you did not select this module to be included during the installation process, you must first install the module.
Back to top

Configuration

Any number of servers can be added to the maildrop list using the "Add Maildrop Entry" form. The interval polling time can be configured from 1 minute up to 3 hours.

Server - The server name. For example, gmail.com.

Protocol - The server protocol. Currently, POP3, IMAP and APOP protcols are supported. If you do not know the protocol, you can have the system auto-detect by selecting 'auto'.

Username - This is the username on the source server.

Password - This is the password on the source server.

Local User - This is the username of a mail account configured to receive mail on the server you are configuring.

Keep On Server - Enable this checkbox to leave a copy of the mail on the server.

Active - Enable this checkbox to start polling the remote server for mail to fetch.

Note: As with any other POP3 or IMAP connection, your username and password for the mail account on the destination mail server will be passed in clear text.

Back to top

Troubleshooting

Have a look at the system logs if you are having problems. The fetchmail daemon logs to /var/log/maillog. Ignore any entries you see similar to:

Server CommonName mismatch: localhost.localdomain != mail.commgate.net

This entry is a result of fetchmail attempting to use SSL for authentication.
Back to top

Links

Fetchmail Home Page
Back to top