Yes, we recommend you use the add-on ClamAV or Sophos Anti-Virus modules. Without this module, PreciseMail Anti-Spam Gateway can detect some email-borne viruses, but it does not perform all the checks that an anti-virus program will perform.
Yes, through either the email-based command interface or the web GUI.
"allow" entries override "block" entries, but user lists override system lists, so a user "block" will override a system "allow" (and a user "allow" will override a system "block").
While Sieve doesn't provide the sophisticated regular-expression pattern matching that PreciseMail Anti-Spam Gateway provides, it can still be an effective tool in the battle against spam. The biggest advantage to using the Sieve files is performance. If there are certain types of messages that can be discarded via Sieve rules, those messages are discarded by PMDF instead of being handed to PreciseMail Anti-Spam Gateway, thereby saving the overhead of the PreciseMail Anti-Spam Gateway processing. However, because of the relatively limited matching capabilities of Sieve, care must be taken to ensure that the comparison strings are unique to the kinds of messages you wish to discard.
There are a few ways this can be accomplished, but the easiest is to create a user whitelist file for the desired addresses that contains this line:
Whitelist_EnvFrom *
That will cause all mail to be whitelisted for that particular address. User whitelist files are stored in the directory PMAS_USERS:
on VMS and in /pmas/users
on UNIX.
The return receipt requests are ignored completely for messages that are discarded or quarantined. Those that are forwarded are still handled by the normal receipt handling.
When PreciseMail Anti-Spam Gateway discards a message, it actually writes it to a discard directory, just in case a discarded message needs to be retrieved. The web interface can be used by the administrator to retrieve discarded messages, and optionally can be enabled to let end users review and retrieve their discarded messages.
PMDF and many other mail servers support the use of third party blacklists, such as RBL (Real Time Blackhole List) which is part of the Mail Abuse Prevention System (MAPS) (http://mail-abuse.org/rbl/). These blacklists are commonly used to block spam because they verify the DNS address of a sender using a reverse DNS lookup. If the DNS address cannot be verified, the e-mail is presumed to be spam and will not be delivered.
There are three problems with using blacklists to eliminate spam:
PreciseMail Anti-Spam Gateway is more effective at eliminating spam than blacklists because it uses a unique combination of heuristic and artificial intelligence technologies.
When writing regular expressions, try to avoid using wildcards like *
when searching the body. It's much better to use a range like {0,50}
to limit the search to, in this example, 0 to 50 characters.
When *
is used in certain cases, it can result in lots of single-character stepping and searching, and for large messages, this process can be very time-consuming.
Open TCP ports between 8050 and 8100 for outgoing access to updates.pmas.process.com.
Yes, using the administrator's GUI, log in as $default$@whatever.com
, click "Opt-in", and save. That will create a $default$
user database entry that will get loaded for everyone in that domain that doesn't have a user database record already.
23-AUG-2006 08:49:30.67: Looking up user database info for goaok@bogus.com 23-AUG-2006 08:49:30.68: User database info lookup status for goaok@bogus.com: 1 23-AUG-2006 08:49:30.68: From db: email: $default$@bogus.com, quar_thres = 0.000 23-AUG-2006 08:49:30.68: Address goaok@bogus.com has opted out of PMAS filtering
In this example, $default$
was opted out, but you can see that it looks for the $default$
record when there isn't one for the user.
Yes, but usage of full email addresses for authentication is not-quite-standard. It's not part of the POP3 and IMAP4 RFCs, though several newer packages are using it to provide support for virtual domains.
When authenticating against POP3 and IMAP4 servers, /virtual
can be specified after the server host name to indicate that the server provides virtual domain support and that the entire email address should be used for authentication instead of just the username portion of the address.
Here are two examples of the configuration variables in /pmas/data/pmas_config.dat
:
auth_pop3_hosts pop3.example.com/virtual,backup.example.com auth_pop3_hosts other.example.com/virtual
You can use the fourth parameter in the alias file to specify the authorization method for a particular address. The system checked is determined by the domain name of the authorization alias (the 3rd parameter), so if you specify these lines (or something like them), you should get what you want.
bob@pop.example.com bob@example.com bob@pop.example.com pop3 bobexample@aol.com bobexample@aol.com bobexample@imap.aol.com imap4
There are three ways this could be done.
The best way would be to create a record in the PMAS user database for $default$@example2.example1.com
and then opt it out:
$ pmasadmin :== $pmas_exe:pmasadmin.exe $ pmasadmin user create "$default$@example2.example1.com" $ pmasadmin user optout "$default$@ example2.example1.com"
Assuming no user@example2.example1.com has their own opted-in record, all mail to such users will be passed through without scanning.
The second method is add rule allow envelope_to matches_wild "*@example2.example1.com"
to 00_ALLOWBLOCKLISTS.CF
ule allow envelope_to matches_wild "*@example2.example1.com"
A third method would involve a wildcard alias that writes example2.example1.com addresses to some specific email address that is opted out. If you wanted to ensure that all messages for example2.example1.com were opted out, regardless of whether or not a user had opted in, you could add the $default$
record as shown above, then add this alias to ALIASES.TXT
:
*@example2.example1.com $default$@example2.example1.com
Yes, it does. Both the .CF
rule files and the ALIASES.TXT
will include files using @filename
:
@pmas_data:my-local-aliases.txt
They're read in and applied wherever the include line appears, relative to the other lines in the files.
Also note that the included files cannot include other files (i.e, only the master file can include files, but it can include however many files you wish to include.
You can edit PMAS_HTML:PMAS_ALLOWLIST.TEMPLATE
and remove the section that offers that option (and saving it as .HTML
). PMAS V3.0-1 and higher includes a configuration variable that can be used to hide this feature.
Yes, they're logged in PMAS_LOG:PMAS.LOG
, code L
.
You can also turn on the logs for the PMAS PTSMTP worker processes by defining this logical:
$ define/system/exec pmas_ptsmtp_worker_log true
and restarting PMAS. Those logs will include debugging information from the DNSBLplug.
Allowed. The order is this:
If a message matches an allow rule, the rest of the tests are ignored. If not, the block and reject tests are run; if one matches, the rest are ignored. Next the quarantine rules are run; if one matches, the message is quarantined, and the normal PMAS rules are never run. Only when a message does not match an allow, block, reject, or quarantine rule are the normal PMAS rules run.
And user rules always override system rules, so a user block will override a system allow (as, in fact, the system rules are never applied).
There is no limit, unless you define the site limit. And even if you define a site limit, the allow/block/rule rules are all applied.
A new configuration variable, MAXIMUM_SCAN_SIZE
, can be defined to specify the largest size a message can be and still be scanned by PMAS. Unlike the old limit, the user and system allow/block lists are applied to the messages before the size is checked, providing more control over a large message's disposition. If the variable is undefined or defined as 0, there are no message size limits enforced.
Please report it to the Report-Spam@lists.process.com mailing list. We do not usually reply to Report-Spam posts, but every one is reviewed. We encourage customers to report missed spam as it is not always possible that we have seen a particular type of message.
It's best if you can send the message in its original, unaltered form.
Please do not forward the messages from Outlook or other PC clients, as they change the format and strip out useful information.
The following directories need to be copied:
PMAS_ROOT:[DATA] -> /pmas/data PMAS_ROOT:[USERS] -> /pmas/user_rules PMAS_ROOT:[GROUPS...] (if they have any)
Install PreciseMail on Linux, then copy those directory contents over.
$ define/system/exec ptsmtp_show_status true
That'll cause the logical PTSMTP_STATUS_INFO
to be maintained:
"PTSMTP_STATUS_INFO" = "Workers: 4, Pending accepts: 0"
If you also define this one:
$ define/system/exec ptsmtp_worker_status true
your workers' process names will show their active or idle status:
$ sho system 2020C3C7 PTSMTP 0001a LEF 4 959555 0 00:09:32.29 17375 4925 2020B7C9 PTSMTP 0002i LEF 6 113464 0 00:01:15.11 7055 820 2020C7CA PTSMTP 0003i LEF 6 17602 0 00:00:14.11 4450 559 2020C5CB PTSMTP 0004i LEF 6 7660 0 00:00:06.29 3047 553
It is good if "pending accepts" is 0 or close to it. That means no connection is waiting for a worker.