Spam / MTA's
Any ever tried to filter spam through a linux server? Currently trialing Stop spam with the Anti-Spam-SMTP-Proxy (ASSP) (A decent free alternative), and can't quite get my head around the configuration.
Firewall - Redirecting P25 traffic to 10.0.0.1
ASSP: 10.0.0.1 Port 25
Exchange 10.0.0.2 Port 26 on the SMTP connector, allowing only 10.0.0.1 to relay/connect
Some wiki examples show the server running as:
Internet > Assp > Exchange > Client [inbound]
Client > Assp > Exchange > Internet [outbound]
And the majority show MTA examples, i.e.
Internet > Assp > Exchange > Client
Client > Assp > Exchange > MTA > Internet
Will exchange act as a MTA when sending out emails, and how would a client outlook know to connect to ASSP outbound rather than exchange.
The product is packed with features, and is very regarded however the documentation is very poor, and examples are very vague. Hopefully someone has a few ideas :confused:
Depends on the client, but if you're using Outlook configured to talk to Exchange with MAPI then it's not going to talk to your ASSP box.
If you need to filter outbound then you need to set up Exchange to route all email via the ASSP box (there's a setting somewhere under SMTP that allows this)
I'm guessing the examples you're seeing assume that users have their Outlook configured using IMAP or POP/SMTP (which is barking!) - that way you could just specify that they talk directly to the ASSP.
I would hope that most people won't deliberately send spam that a spam filter will pick up so what you need to protect against is botnets etc. If you make sure that port 25 outbound through your firewall only accepts email from Exchange then you may not need to worry about outbound filtering except for messages coming from Exchange.
I've no idea about ASSP, but with my spam filter setup (Postfix/Mailscanner/SpamAssassin/ClamAV), I've got it as:
Internet -> Spam Filter -> Exchange -> Client(outlook) [Inbound]
Client -> Exchange -> Spam Filter -> Internet [Outbound]
On the inbound side, i would say that 90% of our spam is stopped at the postfix stage using a number of DNSBLs (spamhaus etc.) Mailscanner and SpamAssassin are then very good at catching anything else that gets through, this gets labeled with a spam tag, so it ends up in the the users Junk Mail folder in outlook.
If anything does manage to get past (which seems to be very rare now), the users here have been taught to move the offending message into a public folder called spam on the exchange server. This is checked hourly by the spam filter box, and any messages in the spam public folder are used to train the bayesian filter of spamassassin. (There is also a not-spam folder for false positives).
On the outbound side, the exchange server has been set up to use the spam filter box as a smart host. Also for outbond, the filter has been set up to that it only checks for viruses / banned attachment types etc. and not spam.
In answer to your question, yes Exchange is a MTA. I think it is just that some use Exchange internaly, and use a different MTA as a gateway, but you don't need to do this, especially if you don't need / want to filter outbound messages.
As for getting the outlook client to send messages via ASSP, then I agree, the only way I can think of is setting outlook to connect to exchange via imap/pop, which as Steve said is barking! I think a better bet would be to try and get your ASSP box to act as a smarthost for the Exchange box.
Anyway, that's enought of my ramblings. Hope something in there is useful!
I have built (but not yet tested) a linux server running Postfix, MailScanner and ClamAV to run as a Spam Filter in front of our exchange. Still waiting for the opportune moment to test it, because if it doesnt work I will no doubt be assassinated by angry teachers that suddenly cant see their facebook alerts :) Might be half term now...
Oh, and heres the guide I used if its any help, I'l let you know if it works when I test it!!!
The Perfect SpamSnake - Ubuntu 8.04 LTS | HowtoForge - Linux Howtos and Tutorials