Friday, August 3, 2012

SpamAssassin for Exchange 2003

SpamAssassin for Exchange 2003 can be implemented using the following components:
  1. SpamAssassin for Windows binaries provided by JAM Software
  2. Exchange SpamAssassin Sink, written by Chris Lewis
  3. NSSM service installer
Manual configuration is required.
Perl is not required - a Perl DLL file is provided with the other binaries.
  • Download SpamAssassin for Windows from JAM Software.  JAM also provide a variety of useful tools for managing SpamAssassin for little cost.  Note: some sites link to SAwin32 for the binaries, however these are an old version (3.2.5) and have a bug relating to "The date is grossly in the future".
  • Download Exchange SpamAssassin Sink - the original site no longer works but you should be able to find a copy somewhere for download.
  • Download NSSM (http://nssm.cc/download)
    Note: you can also use srvany, provided in the Windows 2003 Resource Kit Tools, but NSSM is a little clearer and easier.
  • Install SpamAssassin for Windows
  • Extract NSSM to an appropriate location such as C:\Program Files\NSSM
  • Use NSSM to create the SpamAssassin service: nssm install SpamAssassin
    Browse to the spamd.exe binary.
    Start the service using Services mmc.
  • Install Exchange SpamAssassin Sink - it *MUST* be iinstalled to C:\ESA
    Edit ExchangeSpamAssassin.ini:
    • SpamAssassin_Batch_File=C:\ESA\spamcheck.bat
  • Run the Install_ESA_Sink.bat file at the end of installation to install the Exchange sink hook.
  • Create a new batch file to call spamc:
    • C:\ESA\spamcheck.bat

      "E:\Program Files\JAM Software\SpamAssassin for Windows\spamc.exe" %*
At this point the filter should be active - send yourself a test message using an external source and look at the email headers to see the SpamAssassin headers.

You also need to train the filter - create the following file to call the sa-learn binary - note you must change to the sa-learn.exe directory to ensure correct paths are used to find the config files:
C:\ESA\sa-learn.bat:
E:
cd "E:\Program Files\JAM Software\SpamAssassin for Windows"
sa-learn.exe %*

You are supposed to save 200 emails in spam & ham folders then run the batch files for learning:
sa-learn-spam
sa-learn-ham

The SpamAssassin default configuration provided by JAM Software does not rewrite the subject.  To do so edit the file:
 ..\etc\spamassassin\local.cf

To force Exchange IMF to move spam into the Junk Mail folder you can use IMF Keyword Manager from Accendo Solutions to create the XML file - note it is necessary to re-apply the XML file and restart SMTP service after any Exchange Filtering updates are applied through Windows Updates.  We suggest searching the SUBJECT for text "**SPAM**".  - this doesn't seem to work, it appears the IMF assigns the SCL before SpamAssassin Sink is processed.  The result is that you need to rely on an Outlook Rule to move "**SPAM**" messages into the Junk E-mail folder.

Note the bug in Exchange IMF settings: "Move messages with an SCL greater than or equal to:" should be "Move messages with an SCL greater than:"


In my experience this setup has proved to offer little extra defence over a plain Exchange server using up-to-date Intelligent Message Filtering and appropriate RBL's; but your mileage may vary.

**UPDATE, 21/8/2012**
 SpamAssassin appears about 50% better than relying on IMF alone, particularly for detecting recent virus's in email; however it still is not as good as commercial products.
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)