LISTSERV at Work L-Soft
Issue 1, 2010

   Tech Tip: LISTSERV


Q: How Can I Configure LISTSERV's SMTP Listener to Filter Spam?

Answer by Liam Kelly
Senior Consulting Analyst, L-Soft

As we've addressed in previous Tech Tips, the LISTSERV administrator has many methods at her disposal for keeping unsolicited email (spam) from reaching LISTSERV lists. Linux/UNIX administrators have always had the added option of using spam filters on the local mail server, eliminating much of the unsolicited mail before it gets to the LISTSERV application. Because LISTSERV for Windows uses its own SMTP listener (SMTPL) service, Windows administrators have had to either filter spam with some intermediary mail exchanger (MX) prior to routing mail to the LISTSERV machine, or use the LISTSERV SPAM_EXIT function to trap spam once it enters the LISTSERV system.

Starting with LISTSERV 16.0, Windows administrators have the option to use spam filtering during the inbound connection to SMTPL. This has the multiple advantages of being multi-threaded (SMTPL can submit multiple messages to a spam scanner in parallel, while LISTSERV processing is single-threaded and submits one message at a time) and of reducing the overall processing load on the LISTSERV server. If a message is rejected by SMTPL during the SMTP transaction, it never needs to be written to disk and never needs to be evaluated by any of LISTSERV's internal spam filtering mechanisms. As such, filtering mail through SMTPL is much more efficient than using the LISTSERV SPAM_EXIT method.

Architecture

LISTSERV's SMTP spam scanning works by way of an external spam scanner. When a message is submitted via SMTP, SMTPL.EXE will write the message to an input file and call an external script to parse that file. The script should call a command-line spam scanner, parse the result, and write either 'ACCEPT' or 'REJECT' (followed by an SMTP reply code)' back to the input file before exiting. Based on the ACCEPT/REJECT result returned by the scanning script, SMTPL will either accept the message and submit it to the \LISTSERV\SPOOL directory, or reject it with the error code provided by the script.

For the sake of our examples, we'll use the open-source SpamAssassin scanner. However, it should be possible for SMTPL to query any spam scanning system with a command-line interface for submitting messages and parsing scan results. The input filename is passed to the SMTP_SPAM_EXIT script as an argument. The exit script needs to parse the file, send it to the spam scanner for a result and then write the result and reply code back to the file.

Preparation

To use the L-Soft supplied sample script with SpamAssassin, you should first configure the SpamAssassin server, per the SpamAssassin documentation. Make sure that the IP address of the LISTSERV server is allowed to contact the SpamAssassin listener to submit messages for scanning. On the LISTSERV server, download https://ftp.lsoft.com/listserv/windows/contrib/lspamc.exe and save it to \LISTSERV\MAIN. LSPAMC.EXE is the program that will actually submit messages to the SpamAssassin listener. Test the program as follows:

C:\LISTSERV\MAIN> LSPAMC -c -d spamd.example.org < C:\TEMP\testmsg.txt

where 'spamd.example.org' is the name of the SpamAssassin server, and 'C:\TEMP\testmsg.txt' is a text file containing a message to scan. The result should be a numeric result, e.g.:

C:\LISTSERV\MAIN> LSPAMC -c -d spamd.example.org < C:\TEMP\testmsg.txt
3.8/5.0

Configuration

Once LSPAMC.EXE is working, install the REXX interpreter and SASMTPL.REXX script from L-Soft's FTP site, and place them in \LISTSERV\MAIN:

https://ftp.lsoft.com/LISTSERV/Windows/CONTRIB/REXX.EXE

https://ftp.lsoft.com/LISTSERV/Windows/CONTRIB/SASMTPL.REXX

Edit the SASMTPL.REXX script to include the hostname(s) of your SpamAssassin server(s):

spamd_hostname = 'spamd.example.org'
spamd_fallback = 'spamd2.example.org'

Finally, edit \LISTSERV\MAIN\SITE.CFG to include the following lines:

SMTP_SPAM_EXIT=!C:\LISTSERV\MAIN\REXX.EXE C:\LISTSERV\MAIN\SASMTPL.REXX
SMTP_SPAM_THREADS=75
SMTP_SPAM_CHECK=%MYDOMAIN%

Make sure that the SMTP_SPAM_EXIT setting contains the correct paths for your LISTSERV installation. SMTP_SPAM_THREADS determines the number of parallel spam scanning threads that SMTPL.EXE will use. More threads mean more memory usage but also great parallelism for scanning. L-Soft recommends starting with a setting of 75 and adjusting up or down from there. This should use approximately 1GB of memory, but memory usage will vary greatly with the size of the messages being scanned.

Once you've added the SITE.CFG settings, restart the LISTSERV SMTP Listener process to enable the changes. SMTPL should submit messages to the REXX script, which will in turn call LSPAMC.EXE to check the message with SpamAssassin. The result gets passed back to SMTPL by way of the input file, and the scan gets written to the SPAM-yyyymmdd.LOG file in \LISTSERV\LOG.

References

LISTSERV 16.0 What's New Manual

LISTSERV 16.0 Advanced Topics Manual

SpamAssassin


Subscribe to LISTSERV at Work (American Edition).


© L-Soft 2010. All Rights Reserved.