MailStripper - FAQ
- My spam bin and/or virus bin paths do not exist. Do I need to create
them?
No, MailStripper will handle this for you.
- Does MailStripper run on Windows?
No. Only on Linux, FreeBSD or Solaris (natively). The Linux binaries will
work with NetBSD using its Linux compatibility layer.
- Then, how can it protect a Windows mail server?
MailStripper can run on a different machine to the mail server, as it acts as
an SMTP stream filter.
- Will MailStripper scan for spam on outbound email?
No. Well, actually it can, but then you would have an open relay, due to the
way it communicates to the real MTA. The real MTA would have no way to
distinguish a real local user from a forged local user identity from the
outside because all traffic is coming in over the one link from
MailStripper.
- Is MailStripper available as a boxed software product?
No. The software is available for download from our web server. This is why
it requires a licence code to enable its functionality. It is also how we
can do a fully-featured evaluation without resorting to a crippled demo
version. This also helps keep our costs (and our charges) down.
- I have enabled the F-Prot virus scanner option. Does the software
find the location of the F-Prot binary?
No, it needs to be configured to look in /usr/local/f-prot/ where F-Prot
installs itself.
- I have F-Prot for Windows installed in a Windows partition. Can
MailStripper use this?
No. The Windows version will not run under Linux. You need to install the
Linux version of F-Prot for Small Businesses.
- I emailed the Eicar test virus to myself through MailStripper, and
it did not see the virus. And yes, I have F-Prot installed and enabled.
Some mail clients (e.g. Outlook) recognise the eicar.com file as entirely
valid 7-bit data so do not bother to encode it in any form. The eicar test
virus is only "effective" at the beginning of the data block, and not in the
middle of it, so it is not seen by F-Prot. The solution is to append some
binary data (e.g. command.com, /bin/ls) to the file, then send that out,
alternatively place it in a Zip file. F-Prot will recognise the encoded
attachment and handle it as a separate entity, causing eicar to be seen.
- I use a different anti-virus product on my server. Can MailStripper
use it?
With our avwrap interface, most likely yes you can.
- Can I block Win32 binaries without an AV scanner?
Our avwrap demo script does precisely this. Set your AV
settings to use AVWRAP as your scanner package, it is installed by default
in /usr/local/bin.
- Is it possible to run multiple copies of MailStripper on the same
machine?
No. However, if you're thinking of virtual servers e.g. Xen, KVM, VMWare,
VirtualBox or QEMU, then yes you can, as each virtual machine is effectively
a separate computer. Please note, however, if this path is taken a licence
is required for each virtual machine that is running MailStripper.
- I've added an email address to the sender whitelist file, but mails
from that sender are still sometimes caught in the spam bin.
MailStripper uses the 'MAIL FROM' SMTP command for checking the whitelist.
If this is different to the email address in the From: header, then the email
address in 'Received: by MailStripper-deliver' header needs to be added to
the whitelist file instead of the displayed address.
- Why are the config files stored in a crypted form?
This is an artefact of MailStripper's history. As of 1.2.2 only the
central config file itself is crypted.
- So, how can I read the config file?
Use: mstripconf -cat <filename>
Note that this only uses the leafname part of the stated file and always
looks in /etc/mailstripper - so 'mstripconf -cat config' will work
irrespective of your current directory.
As of 1.2.2, the data files (other than the config file) are no longer
stored in a garbled form, and may be read normally.
- The package doesn't contain any documentation.
The documentation is available as a separate download from the Downloads page
as a PDF file.
- Is there a way to either use a RBL or automatically update the IP
Blacklist from an RBL?
Yes there is. Add an entry in the IP Blacklist of the form
DNS:rbl.server.domain.com. - for example
we use DNS:zen.spamhaus.org.
(The trailing . is required.) Note that the IP blacklist file is not
updated from this, but check the documentation for the Honeypot feature as
that does update this file.
- Is it possible to have MailStripper store mails that were recognised
as spam for a specific length of time?
Certainly. Depending on your requirement, you can use a home-grown script
run via cron, or use something like logrotate.
- Can MailStripper handle mail for domain A differently to mail for
domain B?
Depends on what you're really asking it to do.
Different rules, no. Different spam bins, yes (use the %d substitution
in the spam bin specification).
- I want my spam quarantine bin sent to a role account, rather than be
held in a file local to the mail server. Can I do this?
Definitely. In the spam bin field, just specify the (local) email address of
the role account. This email address must be one for which your machine
would be allowed to send emails to if the email came in from outside.
- Can I have a separate spam bin for each user?
Certainly, use the %u substitution in the spam bin specification.
- I'd like spam to be tagged as spam, but sent on to the intended
recipient. Can I do this?
Yes - Specify your spam bin as #TAG,
or add the recipient who wishes his mail to be tagged to the Tagged
Recipients list (this can be entire domains).
- Can MailStripper work with a TCP proxy?
Yes, though if the TCP proxy is running in userspace you will almost
certainly lose the IP Blacklisting facility.
If you intend to run the TCP proxy to forward SMTP traffic, to your mail
server with MailStripper on it, we would recommend putting MailStripper on
the proxy machine instead of using the TCP proxy.
- I'm using MailStripper with Fetchmail. Why is the IP blacklist not
working?
MailStripper sees the connection as coming from Fetchmail, not where your
ISP's mail server received the connection. As a result, no IP blacklisting
can work with Fetchmail.
- Can MailStripper use a challenge/response mechanism to populate a
sender whitelist?
No, but this is something we are looking at for a future release.
- Can MailStripper work with a local SMTP server configured for SMTP
Authentication
Yes, though this hasn't been stress-tested against multiple AUTH implementations.
You're better off enabling port 587 as a mail submission port for your remote users.
- MailStripper doesn't seem as effective for detecting spam as when it
was several months ago when we first got it.
Any reason why?
When you first bought your MailStripper licence you also received six months'
access to the Premium Blocklist. When this expired subsequent blocklist
update requests retrieved the more basic free blocklist. Subscriptions
are available for just £25 per year.
- I try to run install.sh, but I get an error message.
Try: ./install.sh
Failing that, do: sh install.sh
- I think I've found a bug!
Please let
us know. It would be a help if you can also include the output from
running mstripconf -cat config and give
a brief summary of your setup.
|
|