VMware Virtual Appliances Community
VMTN_Admin
Enthusiast
Enthusiast

Spam Vigilante - Mail Filter Virtual Appliance

http://www.vmware.com/vmtn/appliances/directory/255

A mail proxy based on FreeBSD with spam (SpamAssassin) and virus (ClamAV) scanning. Can be used with any existing mail system.

Reply
0 Kudos
553 Replies
telackey
Contributor
Contributor

Telackey: Sorry, didn't realize you had replied ... (maybe email from this Forum got bounced :smileygrin:)

Maybe an alternative: LDAP lookup from SV -> Domino (i.e., make Domino behave like your Exchange lookup?) but I am not sure if that is all you are doing with Exchange and I am not sure if that necessarily prevents "bounce" messages.

Yes, that is what it is doing. It won't necessarily prevent a bounce, but it would change the origin of the bounce. Since SV would reject receipt, the bounce would originate at the sender's SMTP server, not yours or at SV.

SV is using a rather primitive system of periodically downloading the recipients list from Exchange (more correctly from AD), parsing it, and writing it out in a from Postfix understands.

The much[/i] better way to do that is though using Postfix's LDAP support directly. The major obstacle there is that the Postfix in SV was not complied with LDAP support enabled, which means recompiling and deploying it. That isn't so onerous as it might sound, however.

To do the first way you'd want to enable Exchange support in the installer (a useful expedient on several of the settings) and then you would need to edit /usr/home/spamviewer/config.py and change the value of LDAP_SEARCH_FILTER to something Domino would understand. That should be pretty simple.

Then you'd need to edit /usr/home/spamviewer/elr.py and where you see it use the attribute 'proxyAddresses' you'd want to change it to the Domino equivalent (possibly 'mail') and also probably remove the related test for ".startswith('smtp:')" which likely wouldn't apply. Again, the changes should be minor and simple.

To go the Postfix->LDAP route, you'd need, of course, to recompile Postfix, but also to write a new LDAP config file which matched your setup and set the relay_recipients_map to that. If you need to do that, I may be able to give your a hand should you require it.

Reply
0 Kudos
telackey
Contributor
Contributor

Hey Telackey! Thanks for the reply. No worries on the delay....

The ports update worked fine and the line X11BASE=$ was already in my make.conf file.

I tried the new amavis-stats package installer again running ./configure then make and the make task threw the same error.

bq. make: don't know how to make all-local. Stop
**** Error code 1
Stop in /tmp/stats1/amavis-stats-0.1.22.
**** Error code 1

Let me know if you have any more suggestions. Thanks!

Dommo

Hmm, can you install it manually? Eg,

cd /usr/ports/security/amavis-stats

make install

??

Reply
0 Kudos
Kanabec
Contributor
Contributor

First I'd like to say thanks for making this appliance available to us, and all of your hard work on it. It's very much appreciated.

Now for my question.

When I boot up, I'm scolded by ClamAV that it needs a version upgrade before it can update properly. I read through this forum hoping for ClamAV upgrade instructions and was very pleased to find you had posted them in response to Dommo's request. Unfortunately, they aren't working for me. When I cd to /usr/ports/security/clamav and do the make install, it starts to work, but then exits with an error, beginning with undefined reference to 'gethostbyname_r'. I tried searching for a solution, and found a bugreport, and references to a patch and a revision that should solve the problem, but I was unable to figure out how to patch it or to get the revision. any suggestions?

.

Reply
0 Kudos
mglenney
Contributor
Contributor

telackey,

I've been looking for a mail relay replacement for the one I built some time ago and this project seems like it will work perfectly. I have a couple of concerns:

1) It looks like you are very active on this board so that's a good sign but the Applicance and the updates haven't been changed since 2006. Is this something I should be concerned about? I'm especially concerned about updates to Spamassassin and ClamAV. I'm sure Clam is running Freshclam but I'm talking about application updates.

2) My company has multile domains we accept mail on. Some of our users have e-mail addresses in multiple domains. All users only have 1 mailbox on the mail server though. Is that a problem? I though I found that answer in this board last night and it won't be a problem but today I am not finding it.

3) I think I also saw that you support RulesDuJour (Which I love). is that still the case?

4) Relay permissions: Right now, with my current setup, I can allow a subnet (eg, 192.168.0.0/16) to relay without spam and virus filtering. This allows all my internal servers to send mail. Would I be able to do the same thing with Spam Vigilante. Also, my users outside our network can use our server for relay after they auth to it. Does this server support that as well?

Sorry for so many questions. Thanks ahead of time for your time.

Mike G.

Ok, after posting I read the post above this one and it talks about updating Clam. I guess that answers one of my questions Smiley Happy

Message was edited by: mglenney

Reply
0 Kudos
Dommo
Contributor
Contributor

Reply
0 Kudos
mglenney
Contributor
Contributor

I figured out the answer to #3 but am still wondering about my other questions. Can anyone help me out?

Mike G.

Reply
0 Kudos
m3rc4ry
Contributor
Contributor

Telacky,

I'm trying to migrate my Spam Vigilante VMware Virtual Server to ESXi. I ran into a problem where it appears that the virtual server image using IDE disk controllers are converted to SCSI on ESXi. Now I get a mountroot command line and it appears that the boot drive is being recognized as a CD device. Do you have any tips on how to migrate the VM to ESXi? Any help would be appreciated. It says something like:

Trying to mount root from ufs:/dev/ad0s1a

This is right after the line:

acd0: CDROM <VMware Virtual IDE CDROM Drive/00000001> at ata0-master PIO4

At this point the bootup stops and I'm left at a mountroot> prompt. If I type ? then I get:

acd0t01s1 acd0s1 acd0t01 acd0 fd0

No matter what I type at the mount prompt I get no where. Thanks for the help.

Thanks,

Dommo

Reply
0 Kudos
brewewa
Contributor
Contributor

Does anyone know why my amavis-stats periodically stops logging? Take a look at this graph....

Also, take a look at the ratio of Passed versus Not-Delivered spam for the year. Does anyone else get as much spam as I do?

--Brew

Reply
0 Kudos
jjamieson
Enthusiast
Enthusiast

Is there any place to get this besides the Torrent? There's a few seeds but only one is connecting after an hour of running the torrent and it's only sending me 100 - 700 bytes a second.

I'd like to check this out because the other spam scanning appliance I have running is sucking and I need to replace it soon. I'd rather not wait 45 days to download a 150MB file.

Reply
0 Kudos
mrojas73
Contributor
Contributor

Hi,

I am very interested in trying out this appliance, can some one share it with us? I am trying theTorrent but it is not even starting to download, so I think the link is dead.

I would really appreciate any help.

Thanks.

Reply
0 Kudos
KJP5
Contributor
Contributor

I am also trying to move my machine from VMware Server 2.0 to ESXi 3.5 (although 4.0 has just come out) and running into problems.

Since ESXi doesn't support IDE disks (they support IDE CD-ROMs; why not disks?), I successfully changed my old machine to have an LSI Logic SCSI Controller (BusLogic does not work for FreeBSD) before copying it to ESXi 3.5 (note Converter changes the SCSI Controller type; you need to change it back), but that still doesn't help.

From reading around, it seems that FreeBSD 6.1 (and older?) has this problem, but FreeBSD 6.2 (and newer?) doesn't. I'll try upgrading a copy to a newer verison of FreeBSD (6.2, 6.4 or 7.2 in that order) unless anyone else has an answer.

Reply
0 Kudos
sirstevis
Contributor
Contributor

I set up a mirror a while back, but it appears I forgot to post it. You can download the files here (please be gentle):

http://www.stevis.com/SpamVigilante/

I've been running this appliance for a couple of years and have had very good success with it. I have had to comb through the forums to find some answers to some quirky things, but you can find them if you look hard enough. I wish I'd taken notes so I could post them, but I keep finding and forgetting...

Reply
0 Kudos
annegerben
Contributor
Contributor

Hi m3rc4ry,

I've got Spam Vigilante running on ESXi.

you can solve your problem with this howto:

I've also upgrade to freeBSD 6.2 before coldcloning to ESXi

Reply
0 Kudos
PeterAdcock
Contributor
Contributor

Would it be possible for you to post instructions on your website as to how to update the ClamAV product in the appliance. I am not a unix/Linux/FreeBSD guy and the ClamAV site was quite cryptic

Reply
0 Kudos