SMFilter

SMFilter is a free plugin that adds Anti-virus (ClamAV) and spam filtering (SpamAssassin) functionality to SmarterMail Mail Server. SMFilter uses ClamAV and SpamAssassin which are popular Open Source applications.
ClamAV is one of the most widely used virus scanners on mail servers. It was developed to run mainly on the *nix platforms but now Windows ports are available (one of which SMFilter uses). ClamAV's virus detection rate is generally at par or sometimes better (especially in the case of newly discovered viruses/worms) than commercial AV products. In addition to detecting viruses/worms ClamAV can also detect email exploits and phishing scams.
SpamAssassin is an open source anti-spam tool that is widely deployed on mail servers running Unix-like operating systems. SpamAssassin provides efficient scoring spam filters, support for SPF sender authentication and Bayesian filtering. Written in Perl, SpamAssassin can be also be installed on a Windows server. Although SmarterMail comes with built-in spam filtering it is far less powerful than SpamAssassin.

Installation

Just follow these simple steps:

1. Download and install ClamAV for Windows.
2. (Optional) Download and install SpamAssassin (follow these instructions).
3. Download SMFilter and extract the files to any directory (e.g. "C:\SmarterMail"). Set the path to ClamAV (if using the command line scanner) and SpamAssassin in the SMFilter.ini file if they are different from the defaults.
4. Login to SmarterMail control panel as admin and go to the "Protocol Settings" page. Set the "Command-line EXE or batch file to run on new mail" field to "C:\SmarterMail\SMFilter.exe %filepath" (without quotes) or whatever the path to SMFilter.exe is. Check the "Enabled" check box next to it and save settings.

You can scan files with ClamAV in three ways:-

1. Command Line Scanner clamscan.exe (stand alone): This is the easiest to setup. Just set the correct path to clamscan.exe in SMFilter.ini and you are done. This also has the highest overhead of the three because a new instance of ClamAV engine (with the cygwin layer) and the virus database is loaded for each scan. Use only for low volume mail servers.
   
   
2. Command Line Scanner clamdscan.exe (daemon version): This is similar to using the standalone scanner but it uses the ClamAV daemon clamd.exe for scanning and therefore has lower overhead. This method is not required anymore as SMFilter can now connect directly to clamd (see below).
   
   
3. Direct Connection to clamd (recommended): This method has the least overhead as SMFilter directly connects to clamd to scan files without loading a separate instance of ClamAV engine for each scan. Since clamd runs as a "daemon" (i.e. a memory resident background process) ClamAV engine and database is loaded only once.
   
   To use this method you need to configure clamd to use TCP Sockets (it uses Local Socket by default). Open clamd.conf (by default in "C:\clamav-devel\etc") in a text editor and comment out (add a '#' in front of the line) the option "LocalSocket". It should look like this:
   #LocalSocket /cygdrive/c/clamav-devel/clamd.sock
   
   Then uncomment the "TCPSocket" and "TCPAddr" options. It should look like this:
   TCPSocket 3310
   TCPAddr 127.0.0.1
   
   Now just save the file and run clamd.exe. Make sure SMFilter is set to use direct connection to clamd (USE_SOCKET=1, CLAMD_PORT=3310, and CLAMD_HOST=127.0.0.1 in SMFilter.ini).
   
   You are done! Well almost, because there is a problem with this setup. Clamd is running under the context of the current logged in user (you) and Windows will close it as soon as you logout. This means clamd will only run as long as a user is logged on (and will have to manually started on login). To overcome this limitation you can run clamd as a Windows service which can start automatically at system boot (even when no user is logged on). See this thread for more information on running clamd as a Windows service.

You can configure the following options in SMFilter.ini as required:

• The message added in the subject of infected mails.
• The signature added to the footer of cleaned virus emails.
• Action to be taken on infected emails (Clean, Quarantine, Delete, or Ignore).

Finally, you can send test virus and spam emails to yourself to test your setup from this page.

Note: SMFilter has been well tested on Windows 2000 and Windows Server 2003. But there is no guarantee it will run on all configurations, use at your own risk. There is no support whatsoever. If you need a custom supported solution for your server please contact us for a quote.