|
|
|
|
|
|
|
|
|
SPAM
Smacker |
||
|
|
|
|||
|
|
|
Version 1.0 |
||
|
|
|
Product Documentation and Best Practices Guide |
||
Distributed by The ProExchange and their authorized resellers. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without the written consent of The ProExchange.
© Copyright The ProExchange, 2003
|
Rev. No. |
Description |
Rev.Date |
Author |
Comments |
|
1.0 |
Version 1.0 |
7/15/03 |
Janet Twitty |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Table of Contents
System and
Network Requirements
SPAM Smacker Installation
and Setup Process
Maximizing
SPAM Smacker Effectiveness
Best Practices
for SPAM Filter Maintenance
Troubleshooting
Mail Delivery and SPAM Blocking Issues
Tracking
Message Delivery Delays
Controlling
Debug Log Information
How SPAM Smacker Works
SPAM Smacker uses several different methods to identify an incoming SMTP message as spam. These methods include such things as blacklist checking, keyword matching, identifying incorrect formatting of the message, and blocking by known spam hosts. SPAM Smacker stores information used to accept or deny mail in a database, either Microsoft SQL Server/MSDE or Microsoft Access. In addition, SPAM Smacker has support to block mail from hosts based on contacts created in the Active Directory. This allows you to store additional information on why a host is blocked and track how many messages associated with a particular contact are blocked.
SPAM Smacker intercepts all incoming SMTP messages. If a message is identified as spam and SPAM Smacker is set to block messages, Exchange 2000 saves the message in a [Blocked Mail] directory and the message is not delivered. SPAM Smacker logs whether a message is delivered or blocked and the reason for blocking it.
The SPAM Smacker web console allows you to edit all keywords, phrases, domain names, and hosts that are used as criteria for blocking messages, and to manage registry settings which control options for this tool. You may also view the statistics on delivered or blocked messages, as well as message logs and the messages themselves. Five Quick Reports are included, which provide the ability to list a summary of which hosts are sending and which users are receiving the most spam.
Installing SPAM Smacker
The installation process for SPAM Smacker includes installation and configuration of the SPAM Smacker product itself, configuration of Exchange 2000, configuration of IIS, configuration of the database that will support the SPAM Smacker, and setting up the SPAM Smacker Web Console. The following sections will guide you through the necessary installation and configuration.
System and Network Requirements
Version 1.0 of SPAM Smacker is designed to run on Exchange 2000, with IIS and Active Directory. In addition, SPAM Smacker code requires access to a database. If the database is not local to the Exchange server running SPAM Smacker, the required network protocols must be allowed between the server(s) running SPAM Smacker and its database. For Access, this requires full RPC communications. For SQL Server, only the ports required for SQL queries are needed.
SPAM Smacker Installation and Setup Process
On each Exchange 2000 server that processes incoming SMTP mail, install the SPAM Smacker product by running the [SSInstall] program. Once the [SSInstall] program has completed you will have a SPAM Smacker shortcut in your start menu. From that shortcut select ‘SPAM Smacker setup and configuration’. The following screen will be displayed.
Figure 1 - Main Set-up Screen
Setup Registry
To set or edit basic registry information, on the main set-up screen click on “Setup Registry” then click “Go”. You will be allowed to configure the registry settings related to SPAM Smacker. You will be presented with the General Settings tab of the Set-up Registry screen, which that allows you to view current registry entries and to edit/update them.
The first tab; entitled “General Settings” must be updated on every machine that is used for either hosting the SPAM Smacker database, the SpamAdmin web pages, or Exchange filter components. The second two tabs entitled “Exchange Server Settings”, and “Server Network Settings” must be completed on each Exchange server that receives incoming SMTP mail.
General Settings Tab
Figure 2 - Setup Registry Page - General Settings Tab
On the General Settings tab, you can view and edit the following fields.
Active Directory Settings
Domain to query for contacts - Organization
Unit in the Active Directory that contains the host blocking contacts. This field is required.
Target Domain Controller for all Active Directory queries – Domain Controller that the script uses for lookups. If left blank, the first Domain Contoller to respond is used. This field is optional.
SPAM Bypass IP Address
SPAM Bypass IP Address –
Partial IP address of servers, usually those in
a local subnet, for which messages will bypass any SPAM checking. Enter an invalid partial IP address to
process all messages. This field is
required.
Database Settings
Using SQL Server Database/Using Access Database – Click on the
option that identifies the type of database that will be used by SPAM
Smacker. “Using SQL Server Database” is
the default.
Settings for SQL Server Database
SQL Server Name – SQL Server machine name. Required if “Using SQL Server Database” is selected.
Login Name – Standard SQL security login name. Required if “Using SQL Server Database” is
selected.
Note: The logon account you enter is created and granted full access to the SPAM Smacker database [SPAMFilterDB]. Domain Users are granted read access to the SMTP logs table.
Password – Password for the SQL Login Name defined. Required if “Using SQL Server Database” is
selected.
Test Connection – Initiates a connection to the SQL Server using the provided information.
Settings for Access Database
Access Database Path – Full pathname of Access database. Enter either the local path, i.e.
C:\ProExchange or the Universal Naming Convention (UNC) path where the database
is located. Required if “Using Access
Database” is selected.
Test Connection – Initiates a connection to the Access database using the provided information.
The following are points to consider when using Access as the configuration database:
ü If you are installing SPAM Smacker only on one system, you can place the MDB file on that system and use a local path.
ü If you plan to run SPAM Smacker on multiple systems, you will need to store the Access MDB file on a share that all systems running SPAM Smacker can access.
ü If the MDB file is located on a network share, grant the Exchange Domain Servers group at least Change access to the share and the MDB file.
ü Grant permissions to any users who need to access the database from the web console or via other means.
ü SPAM Smacker does not create the share or directory you enter. Therefore, you need to create the directory, copy the required files to it, and share the directory if you have multiple systems that will be running SPAM Smacker.
ü You have the option of placing the Access MDB file on a system other then the Exchange server. Simply point the install program to that directory and grant the necessary permissions.
Exchange Server Settings Tab
These settings are only needed on Exchange Servers.
Figure 3 - Setup Registry Page – Exchange Server Settings Tab
On the Exchange Server Settings tab, you can view and edit the following fields.
Log Folder - Various levels of logging can be configured to permit logging of
information to log files. These will be
placed in the folder you select. The
default folder is <InstallDir>\Logs
Required
Active Directory Organization Unit – The Active Directory organizational unit that the SPAM Smacker will create its required objects under. Required
Blocked Mail – The folder where blocked mail items will be saved. By default the SPAm Smacker Setup and Configuration utility attempts to locate the IIS badmail folder, which is usually <RootDrive>\InetPub\mailroot\BadMail\ If it cannot locate this folder you can enter the path manually. If nothing is entered it will then default to <InstallDir>\Badmail Required
SPAM Override Security Group –
Members of this group will never have their messages blocked. This field is optional.
Server Network Settings Tab
These settings are only needed on Exchange Servers.
Figure 4 - Setup Registry Page –Server Network Settings Tab
On the Server Network Settings tab, you can view and edit the following fields.
NetBIOS Domain - Down level NT domain name for Active Directory
domain. Users in this domain will have
read access to SPAM Smacker Logs.
Forwarding Subnets –
Allows entry of Class C Subnet addresses[1]
of systems forwarding mail to this system.
Setup Database
Use the “Setup Database” option to setup the central configuration database, including tables and permissions. SPAM Smacker supports the following databases:
• SQL Server
• Microsoft Desktop Engine (MSDE)
• Microsoft Access (MDB)
This option needs to be performed only once as part of the installation, and then each exchange server should be updated with the “Server Name”, “Login” and “Password” in the General Settings Tab.
If you are using Microsoft Access, this button is only required to create a new database file.