Technical TipsProduct Distribution
Usage Questions
Product Distribution How will product updates be made available? Updates to the PreciseMail Anti-Spam Gateway software will be available for download from the PreciseMail Anti-Spam Gateway FTP server and web site. Patches will be distributed as Zipped VMSINSTAL kits for VMS and as Zip or tar files for UNIX. How will PreciseMail Anti-Spam Gateway rule updates be distributed? Customers have a choice of updating the filters manually or automatically: Option 1 - Manual update Option 2 - Automatic Filter Updates
Usage Questions Can PreciseMail Anti-Spam Gateway be used to detect viruses? Yes, we recommend you use the add-on Sophos Anti-Virus module. Without this module, PreciseMail Anti-Spam Gateway can detect some email-borne viruses, but it does not perform all the checks that an anti-virus program will perform. Is it possible for users to allow or block messages based on an email's subject line? Yes, it can be done, but only through the email interface. It cannot yet be done through the web GUI, but that's planned. Users can send email to the PreciseMail@yourdomain with a line like the following: allow_regex Subject: This is the subject That's a case-sensitive regular expression that you're passing, so a more generic example would be something like: allow_regex Subject: .*(?i-:pmas).* which says to allow a subject containing the case-insensitive word PMAS. The ".*" says to match 0 or more characters, so it works for PMAS anywhere on the line. Also, the system administrator can edit the appropriate PMAS_USERS: file and add the entry, if desired. What is the precedence of user-defined and system-wide allow and blocklists? "allow" entries override "block" entries, but user lists override system lists, so a user "block" will override a system "allow" (and a user "allow" will override a system "block"). Should I still use Sieve in PMDF for Spam filtering if I am using PreciseMail Anti-Spam Gateway? While Sieve doesn't provide the sophisticated regular-expression pattern matching that PreciseMail Anti-Spam Gateway provides, it can still be an effective tool in the battle against spam. The biggest advantage to using the Sieve files is performance. If there are certain types of messages that can be discarded via Sieve rules, those messages are discarded by PMDF instead of being handed to PreciseMail Anti-Spam Gateway, thereby saving the overhead of the PreciseMail Anti-Spam Gateway processing. However, because of the relatively limited matching capabilities of Sieve, care must be taken to ensure that the comparison strings are unique to the kinds of messages you wish to discard. Is there an easy way to accurately whitelist specific destination addresses? There are a few ways this can be accomplished, but the easiest is to create a user whitelist file for the desired addresses that contains this line:
Whitelist_EnvFrom * That will cause all mail to be whitelisted for that particular address. User whitelist files are stored in the directory PMAS_USERS: on VMS and in /pmas/users on UNIX. Is there a way to disable return receipts only for messages that have been classified as spam? The return receipt requests are ignored completely for messages that are discarded or quarantined. Those that are forwarded are still handled normally by the normal PMDF receipt handling. Can messages that have been discarded by PreciseMail Anti-Spam Gateway be retrieved? When PreciseMail Anti-Spam Gateway discards a message, it actually writes it to a discard directory, just in case a discarded message needs to be retrieved. However, the PreciseMail Processor can be used to retrieve quarantined messags, but not discarded messages. A system administrator can easily allow a user to retrieve a discarded message by moving the message file from the discard directory into the corresponding [QUARANTINE.x] directory. From there, the recipient can retrieve the discarded message via a MESSAGE: command to the PreciseMail Processor. Is it possible to set up separate processing channels, each with its own pmas_root in order to customize each pmas_root to uniquely handle each client domain? Yes, it's possible to do this. There are a few steps you need to do to make it happen. 1. Clone your PMAS tree, or, perhaps, just the [DATA] directory.
Exactly what you 2. Edit PMDF_TABLE:PMDF.CNF and add new pmas channel definitions.
You pmas master_debug slave_debug You need to add more that start with "pmas_": pmas_group1 master_debug slave_debug pmas_group2 master_debug slave_debug and so on. 3. While in PMDF_TABLE:PMDF.CNF, you should add rewrite rules for pmas1.example.com $U@example.com$Mpmas_group1 Or something similar. The key is to have some unique name on the 4. Copy PMDF_COM:PMAS_CUSTOM_MASTER.COM to $ set default pmdf_com: 5. Depending on how you want "Step 1" accomplished, you
need to edit $ define/trans=concealed PMAS_ROOT disk:[PMAS_COPY1.] Or if you just wanted separate [DATA], [USERS], and [LOG] $ define pmas_data pmas_root:[data.group1] in PMAS_GROUP1_CUSTOM_MASTER.COM. 6. Redirect user mail to @pmas.domain, @pmas1.domain, @pmas2.domain 7. Recompile your PMDF configuration file, restart the dispatcher,
and you Is the PreciseMail Command Processor able to differentiate between the different directories? And will the Quarantine Notify Job pick up all quarantined messages? By default, no, they won't, as only one PMDF_ROOT: will be defined Why do I need PreciseMail Anti-Spam Gateway, if I use a blacklist to eliminate spam? PMDF and many other mail servers support the use of third party blacklists, such as RBL (Real Time Blackhole List) which is part of the Mail Abuse Prevention System (MAPS) (http://mail-abuse.org/rbl/). These blacklists are commonly used to block spam because they verify the DNS address of a sender using a reverse DNS lookup. If the DNS address cannot be verified, the e-mail is presumed to be spam and will not be delivered. There are three problems with using blacklists to eliminate spam:
PreciseMail Anti-Spam Gateway is more effective at eliminating spam than blacklists because it uses a unique combination of heuristic and artificial intelligence technologies. Go to http://www.process.com/precisemail/antispamds.htm to learn more on PreciseMail Anti-Spam Gateway’s features and benefits. Writing Regular ExpressionsWhen writing regular expressions, try to avoid using wildcards like "*" when searching the body. It's much better to use a range like {0,50} to limit the search to, in this example, 0 to 50 characters. When "*" is used in certain cases, it can result in lots of single-character stepping and searching, and for large messages, this process can be very time-consuming. Resolving SMTP proxy crash with PreciseMail Anti-Spam Gateway V2.2 on LinuxSet the 'MALLOC_CHECK_' environment variable by editing the /etc/init.d/pmas initialization file. Near the bottom of the file, find this line:[ -f /pmas/bin/ptsmtp ] && /pmas/bin/ptsmtp -DOn the line immediately before this one, add this command: export MALLOC_CHECK_=0 This change can made to any Linux system running V2.2 of the proxy server. Just stop the PMAS proxy, make the change, and then start the proxy again. Please note that this is a workaround for a glibc issue - not a problem with PreciseMail. ECO-01 for PMAS V2.2 includes this workaround. Info on "VMF" (Verify MAIL FROM:)PreciseMail Anti-Spam Gateway V2.2-1, released on June 8, includes a new feature called "VMF" (Verify MAIL FROM:) that checks for valid return addresses for email messages. It works by sending the envelope MAIL FROM: address for each message to a Process Software server, which attempts to verify the validity of the address by initiating (but not completing) an SMTP session to the mail server for the given domain.The effectiveness of VMF is hampered somewhat because many sites will accept any address for their domains. A site accepting an address during an SMTP session is not necessarily indicative of the validity of the address. Because of the network connections that are involved, deploying VMF will introduce a delay for each message processed. By default, that delay can be as long as 35 seconds; the actual time depends on many factors, but a default timeout value has been implemented to avoid excessive delays. If your site handles many thousands of messages a day, implementing VMF will not be practical for your site, as it will slow down mail delivery too much. This point is covered further in the PreciseMail Anti-Spam Gateway Manager's Guide for V2.2-1. The Process Software server that performs the checks maintains a cache of addresses and their verification results, allowing multiple lookups (from potentially multiple PMAS sites) to avoid unnecessary SMTP lookups, thereby also reducing the amount of time it takes to complete the transaction. What ports need to be open for PreciseMail Anti-Spam Gateway to work? Open TCP ports between 8050 and 8100 for outgoing access to updates.pmas.process.com. Is it possible for an administrator to set a specific domain as opt-in rather than setting it up by specific users? Yes, using the administrator's GUI, log in as "$default$@whatever.com", click "Opt-in", and save. That will create a "$default$" user database entry that will get loaded for everyone in that domain that doesn't have a user database record already. 23-AUG-2006 08:49:30.67: Looking up user database info for goaok@bogus.com 23-AUG-2006 08:49:30.68: User database info lookup status for goaok@bogus.com: 1 23-AUG-2006 08:49:30.68: From db: email: $default$@bogus.com, quar_thres = 0.000 23-AUG-2006 08:49:30.68: Address goaok@bogus.com has opted out of PMAS testing In this example, $default$ was opted out, but you can see that it looks for the $default$ record when there isn't one for the user. Can I use full email address for authentication? Yes, but usage of full email addresses for authentication is not-quite-standard. It's not part of the POP3 and IMAP4 RFCs, though several newer packages are using it to provide support for virtual domains. When authenticating against POP3 and IMAP4 servers, "/virtual" can be specified after the server host name to indicate that the server provides virtual domain support and that the entire email address should be used for authentication instead of just the username portion of the address. Here are two examples of the configuration variables in /pmas/data/pmas_config.dat: auth_pop3_hosts pop3.example.com/virtual,backup.example.com auth_pop3_hosts other.example.com/virtual Is there a way to limit the authentication tests so that, for example bob@pop.example.com is authenticated only against pop.example.com and bobexample@aol.com is authenticated only against imap.aol.com? You can use the fourth parameter in the alias file to specify the authorization method for a particular address. The system checked is determined by the domain name of the authorization alias (the 3rd parameter), so if you specify these lines (or something like them), you should get what you want. bob@pop.example.com bob@example.com bob@pop.example.com pop3 bobexample@aol.com bobexample@aol.com bobexample@imap.aol.com imap4
|
| |
Home > Products and Services > PreciseMail Anti-Spam Gateway > Technical Tips
