E-Mail Content Filtering with OpenBSD

Contributed by jose on 2003-12-14 from the safer-mail dept.

Marc Balmer writes =: "On October 16, I first presented a new software to kill E-Mail viruses on OpenBSD (and other Unixes): smtp-vilter.
smtp-vilter, which is developed and maintained on OpenBSD, has since evolved and seen enhancements both securitywise and featurewise. It can now be run as non-root user in a chroot jail and besides scanning for e-mail viruses it can be used to scan for spam as well.
smtp-vilter decides whether to pass, discard or simply mark an e-mail message based on the results of a content scan and user defined strategies.
smtp-vilter does not do the scanning by itself, it relies on third-party products like ClamAV (free), Symantec Antivirus (commercial) or SpamAssassin (free) for this purpose. smtp-vilter uses the milter API to communicate with sendmail and one or more backends to communicate with the actual virus or spam scanning engines. The backends can be chained to perform a series of checks on one message in one run.
The software is highly configurable and provides mechanisms for secure operation.
The backends included in the distribution provide support for the Clam AntiVirus Daemon (clamd), the Symantec Anti Virus Scan Engine (savse), and SpamAssassins Daemon (spamd). The backends are realised as shared libraries that are loaded dynamically when smtp-vilter starts. All backends have their own configuration file.
We currently use it to scan an average 100'000 E-Mails per day.

smtp-vilter can be downloaded at http://www.etc.msys.ch/software/smtp-vilter/ "

(Comments are closed)

Comments

By pepper () on 2003-12-16 00:00

All very exciting but its still to do with sendmail.

Why OpenBSD doesnt come with an MTA like postfix ( like NetBSD has ) again?
Comments
1. By Anonymous Coward () on 2003-12-15 13:31
  
  OpenBSD does come with procmail-- it's in the ports collection.
2. By schubert () on 2003-12-15 14:36
  
  postfix is in ports if you want it but like qmail, there are license issues. The postfix license is not "free" enough (IBM Public License) to replace sendmail
By Joe Price () jpriceAT@ATalpha.spacewalk.net on 2003-12-15 16:17 mailto:jpriceAT@ATalpha.spacewalk.net

Sendmail IS the default mail service for obsd. If it was a problem I believe they would either bypass the BSD >= license for system software (gcc?).

Everyone seems to always dog sendmail. I like it. I've been using it for about 6 years for personal use, and for approx. 20 domains over the years. With spam and things these days I'm sure it see's enough traffic. I use access.db to block certain people, I use virtusertable for virtual hosts. Not too crazy. The only thing I plan on implementing is crm114 spam checking, hopefully using vilter :)

Now I'm never actually used any of the other email servers like postfix, or qmail - so I assume I am biased. I think it's important for users (especially new) to see articles both pro and con articles for software. All software has them.

I admin at first sendmail appears somewhat cryptic. =/
Comments
1. By Will Boyce () wozza@openbsd.co.uk on 2003-12-16 05:09 mailto:wozza@openbsd.co.uk
  
  I've tried most, and I liked qmail.. Its easy to use, bit of a ball-ache to get installed etc, but works nice, does the job, and doesn't overly confused with stupidly complex configuration files, ala sendmail ;)..
  
  Give it a try, bet you'll be converted ;). I use qmail on all my servers, although admittedly my openbsd box I use for everyday use still has sendmail, cos I just cba messing about with qmail.. If only it could be in ports, damn weird license. :/
By Paul Pruett () ppruett@webengr.com on 2003-12-16 15:13 mailto:ppruett@webengr.com

I have had some problems with clamav-milter and clamd. Before 0.65, sometimes clamav-milter would stop, and with 0.65 stable after about 5 days clamav-milter would time out like clamd was not responding or other....

I look forward to trying clamav with smtp-vilter to see if it performs better than the clamav-milter that is contributed with clamav.
Comments
1. By zenz () zenz.hu@163.com on 2003-12-18 03:11 mailto:zenz.hu@163.com
  
  I just want to know how to config the clamd and smtp-vilter to check the archives, It seems that the smtp-vilter will passthrough archives in email.
By Anonymous Coward () on 2003-12-18 23:20

.. for email/content filtering. Thats cool. I actually wish I heard about this sooner (my bad for not keeping up @ deadly.org), so I could have evaluated it at the same time I evaluated MailScanner combo'd /w ClamD. Likely these two together take up more resources than other options, but it matters not when you have a small number of email accounts to look after and a decent i386 workstation turned simple server can handle it.

Latest Articles

Thu, Apr 18
- 05:05 Coming soon to a -current system near you: parallel raw IP input (0)
Wed, Apr 17
- 05:33 In -current, default write format for tar(1) changed to "pax" (10)
Wed, Apr 10
- 18:50 OpenSMTPD 7.5.0p0 Released (2)
Tue, Apr 09
- 04:49 20 years since "and we're just starting": undeadly.org turns 20 (2024-04-09) (13)
Fri, Apr 05
- 06:16 OpenBSD 7.5 released (3)
Thu, Mar 28
- 18:18 LibreSSL 3.8.4 and 3.9.1 released (0)
Tue, Mar 12
- 06:53 OpenSSH 9.7/9.7p1 released! (0)
Mon, Mar 11
- 11:28 Game of Trees 0.97 released (0)
Sun, Mar 10
- 09:06 LibreSSL versions 3.8.3 and 3.9.0 released (0)

Credits

Copyright © 2004-2008 Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to April 2nd 2004 as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]