Email Virus / Spam Scanner Project

From Kathmann Labs

Revision as of 23:37, 26 November 2007 by Nkathman (Talk | contribs)

(diff) ←Older revision | Current revision (diff) | Newer revision→ (diff)

1 MailScanner Email / Virus / Spam Scanner Project

[edit] MailScanner Email / Virus / Spam Scanner Project

In the search for a good replacement for Trend Micro's SMTP anti-virus / anti-spam gateway, I came across the MailScanner open source software project. I installed it on another machine and ran it in parallel with the Trend Micro gateway for a while. The first thing that I hit me was how unbelievably customizable the software was. The high level overview of the software is two instances of sendmail running using different queue folders with a perl script running to process the email queue files. One instance is listening and drops the email queue files into the mqueue.in folder, the MailScanner perl script picks up the queue file, runs it against SpamAssassin, your anti-virus packages, and several other packages (like Razor & DCC). You can also filter email attachments based on extension and/or filetype. The newer versions now have some anti-phishing filters built in also.

After running the software for a couple months, I must say it kicked the pants off of any other commercial or open source package I've used so far, including the Trend Micro gateway and Barracuda appliances (IMHO). It has since replaced all of the other gateways, and has been up and running reliably both on hardware and in VMs. The maximum amount of email we were processing was around 44k messages per day on a single processor Dell Poweredge 1750. I use it as a relay between the internet and our Microsoft exchange servers, but it can also be used on the actual email server (assuming you are running a linux email server).

All of the configuration files are or can be perl files, leading to a huge amount of flexibility. You can configure rules to be granular enough to actually act differently for different senders and recipients on the same email!