Configuring Clam-AV and Spamassassin for SmarterMail

This article will show you how to add free Anti-virus (ClamAV) and spam filtering (SpamAssassin) for SmarterMail. Although SmarterMail comes with built-in spam filtering it is far less powerful than SpamAssassin.

Step # 1: Install Clam-AV

• Download and install the latest version of Clam Anti-Virus from http://www.sosdg.org/clamav-win32  with the default installation path. If you change this make sure that the correct path is put in the steps that follow in this document.

Step # 2: Run Clam as Service

• Clam needs to run as a service so that there is optimum utilization of memory. For this we need to run CLAMD.EXE as a service rather then configuring SmarterMail to use CLAM.EXE. To enable Clam to run as service, download the Windows 2003 Resource Kit. What we need from there is INSTSRV.EXE and SRVANY.EXE
• Once the Resource Kit has been installed, go to the command prompt and type: INSTSRV ClamAV “C:\Program Files\Windows Resource Kits\Tools\srvany.exe”
• This step will write ClamAV as a service in the registry
• Open the Services Manager and locate ClamAV service
• Right-click ClamAV and set it up to run under administrator account. This is important else ClamAV will fail to check the spools
• Next, open registry editor and locate HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ClamAV
• Add a new key called Parameters
• Under Parameters add a new String Value (REG_SZ) called Application and set the path to C:\\clamav-devel\\bin\\clamd.exe
• Once this is set, get out of the registry editor and go back to the Services Manager. Set the ClamAV service to Automatic and start it.
• To verify that ClamAV is running fine, open C:\clamav-devel\log and verify that the clamd.log file is created. Open and see if the service has started.

Note: ClamAV does not kill the process automatically. If you need to reset, first kill the clamd process from Task Manager and then restart the service.

Once the configuration is done, we will further configure ClamAV for use with SMFilter (configured later in this document). To do so:

Configure clamd to use TCP Sockets (it uses Local Socket by default). Open clamd.conf (by default in “C:\clamav-devel\etc”) in a text editor and comment out (add a ‘#’ in front of the line) the option “LocalSocket”. It should look like this:

#LocalSocket /cygdrive/c/clamav-devel/clamd.sock

Then uncomment the “TCPSocket” and “TCPAddr” options. It should look like this:

TCPSocket 3310

TCPAddr 127.0.0.1

Now just save the file, kill the current clamd.exe process and restart service.

Step # 3: Schedule Task for updating ClamAV

• To ensure that ClamAV database is updated automatically, create a task in the Task Scheduler which calls FreshClam and runs it daily

Step # 4: Install and Configure SpamAssassin

• Download SpamAssassin for Windows from http://spamassassin.apache.org

Note: SpamAssassin requires Perl to be installed. This article assumes that you have already configured ActiveState Perl on the server.

• Open DOS Prompt and browse to the PPM directory under Perl. Type PPM3 to initiate Perl Package Manager. This is the easiest way to install Perl Modules.
• To install a module all you need to do is type install <modulename>. If the module is already installed, you will be asked.
• The following modules need to be installed for SpamAssassin to work:
  • Module Comments
  • HTML-Parser Older builds of both Perl 5.6 and 5.8 will probably not have a new enough version (Check with PPM in QUERY). At least 3.24 is required.
  • Digest-SHA1 Older builds of both Perl 5.6 and 5.8 may need to upgrade via PPM. Check using QUERY in PPM. This module is also required
  • DB_File On Perl 5.8.7, PPM will install version 1.812.
  • Net-DNS On Perl 5.8.7 PPM will install version .53, which appears to work correctly on Win32 systems.
  • Time-HiRes PPM will install v1.49 for Perl 5.87
  • IP-Country PPM will install v2.20 for 5.84
  • Mail-SPF-Query This module is used only for SPF
  • DBI On Perl 5.8.7, installs DBI 1.48
• Before we can use SpamAssassin, the following configuration changes are required to be done:
  find \perl\bin\spamasasssin.bat (it is probably read-only), and add at the beginning (well, nearly: right after the @ECHO OFF line.)

SET RES_NAMESERVERS=ipaddress
SET LANG=en_US

where ipaddress is the ipaddress of your DNS server. If you have more than one, add additional ones, separating with a space character. This is needed for all RBL lookups to function properly. (Net-DNS in theory can query Windows for the right nameserver, but has not demonstrated reliability in this matter.)

You should make similar changes to \perl\bin\sa-learn.bat if you plan on using the Bayesian spam functionality.

Step # 5: Install and Configure SMFilter

• Download SMFilter from http://projects.efextra.com/SMFilter-beta2.zip and extract the files to any directory (e.g. “C:\SmarterMail”).
• Set the path to ClamAV (if using the command line scanner) and SpamAssassin in the SMFilter.ini file if they are different from the defaults.
• Make sure SMFilter is set to use direct connection to clamd (USE_SOCKET=1, CLAMD_PORT=3310, and CLAMD_HOST=127.0.0.1 in SMFilter.ini)
• Configure the message added in the subject of infected mails to [VIRUS FOUND]
• Action to be taken on infected emails (Clean, Quarantine, Delete, or Ignore) to Clean

Step # 6: Configuring SmarterMail

• Login to SmarterMail control panel as admin and go to the “Protocol Settings or General Settings” page.
• Set the “Command-line EXE or batch file to run on new mail” field to “C:\SmarterMail\SMFilter.exe %filepath” (without quotes) or whatever the path to SMFilter.exe is.
• Check the “Enabled” check box next to it and save settings.
• Restart SmarterMail Service

To ensure everything is running fine, open the following logs files:

• SmarterMail Logs: check the delivery log to see if it tags Command Line executed successfully
• ClamAV: check the clamd.log to see if ClamAV is running fine
• For further testing of SPAM, visit the following site: http://www.efextra.com/filtertest.asp