Chapter 5: Configuring Mail Delivery Agents Up Main page Chapter 7: The Mail Queue 

6 Configuring Spam Prevention System and Antivirus Agent

6.1 SpamAssassin

figure images/nodeworx/nw-email-spamassassin.png
Figure 6.1 The NodeWorx Spam Filter Settings Page
The basic controls for SpamAssassin are like those of any other service on an InterWorx machine - A service-running indicator and controls to start, stop, and restart service. Beneath that are the “Start on Boot” and “Auto-Restart” toggles, each of which is self-explanatory.

6.1.1 Basic SpamAssassin Options

SMTP-Level Scanning This option will scan all e-mail using the SpamAssassin content filter as the e-mail enters the server. The SMTP connection will be dropped only if the Spam Score is higher than the SMTP Spam Score option below. Otherwise, the e-mail will still be delivered to the recipient. The benefit to having this enabled is that any message that spamassassin can reasonably flag as spam will be rejected immediately before entering your server and being dropped on disk, most likely in a spam folder never to be seen again. On the other hand this will probably cause mail to be scanned twice - once as its entering via SMTP and again when it’s being delivered to the user’s mailbox.
SMTP Spam Score Threshold This is the SpamAssassin score threshold at which the SMTP server will reject a message before local delivery begins. Lower numbers are more agressive while higher numbers let more spam through. Low numbers may cause a lot of legitamate mail to be blocked at the SMTP level. It’s recommended you stay reasonable here and let most mail through and let scanning at the mailbox level take care of flagging whether a message is spam or not. That way, false positives still make it to the user albeit they might be tagged as spam.
Rewrite Header Subject Emails marked as Spam will have the email subject rewritten with what is entered here.
Reporting Method This option sets the method of delivering the actual e-mail spam message. The email can be sent unchanged but with the subject rewritten, it can be attached to an email from SpamAssassin, or it can be attached as plain text to an email from SpamAssassin.
Auto-Whitelisting Enable or disable the SpamAssassin AutoWhitelist functionality. AutoWhitelist tracks scores from messages previously received and weights the message score, either by boosting messages from senders who send good messages or penalizing senders who have sent bad messages previously.

6.1.2 Access Lists

The three access lists can be defined here, one address per line:
White List Use the whitelist textfield to enter email addresses or domains that are valid to send email from on a serverwide level.
Black List Use the blacklist textfield to enter email addresses or domains that are not valid to send email from on a serverwide level
Trusted Networks Relay hosts added here are considered to not be potentially operated by spammers, open relays or open proxies.

6.1.3 Bayesian Scanning Settings

Given training, bayes will learn which emails are most likely spam and most likely ham (not spam) and deal with these emails according to your preferences.
Bayes Auto Learning Use this dropdown to enable or disable Bayes auto learning. If enabled, the system will automatically train the Bayes database by analyzing messages that have a score that strongly suggests that they are spam or non-spam.
Bayes IMAP Training This dropdown enables or disables IMAP training. With Bayes IMAP training enabled, there will be two folders created for all e-mail accounts on the system: "Learn Spam" and "Learn Ham". You can then put SPAM emails in the "Learn Spam" folder and non-spam in the "Learn Ham" folder. This will train the Bayes system on which emails are Spam and which are Ham (not Spam). The training occurs once daily, after which the folders’ contents are purged.
Bayes IMAP Learning Limit (Per Day) The maximum number of e-mails that will be trained from each of the IMAP Training Folders, "Learn Spam" and "Learn Ham," each day.
Global Bayes Database If enabled, all the Bayes data will be stored as a single global user. If disabled, each e-mail box user will have their own Bayes database to store bayesian data. "Disabled" is considered more effective for fighting Spam, but requires all e-mail users to train their messages individually, and uses more disk space, compared to the global database option.

6.1.4 Advanced Preferences

Advanced configuration of SpamAssassin can be performed here. A reference for each of these tags and what they do can be found at:

6.2 ClamAV

figure images/nodeworx/nw-email-clamav.png
Figure 6.2 The NodeWorx Virus Filter Settings Page
Much like the other services, ClamAV has a run indicator, start-stop-restart buttons, and “Start On Boot” / “Auto-Restart” options. Also on the configuration page for ClamAV is the service status for Freshclam, the malware definition update service.

6.2.1 SMTP Scanning

This toggle enables or disables virus scanning on the SMTP level. It’s recommended you enable this.

6.2.2 Freshclam

Freshclam should be enabled at boot and permitted to stay running. The Virus Definition Information block describes the current version of each of the three main ClamAV Virus Definition files and how many definitions are contained within each.
 Chapter 5: Configuring Mail Delivery Agents Up Main page Chapter 7: The Mail Queue 

(C) 2017 by InterWorx LLC