https://wiki.koozali.org/api.php?action=feedcontributions&user=Knuddi&feedformat=atomSME Server - User contributions [en]2024-03-28T14:40:06ZUser contributionsMediaWiki 1.35.5https://wiki.koozali.org/index.php?title=SMEOptimizer&diff=33513SMEOptimizer2017-06-06T17:48:45Z<p>Knuddi: </p>
<hr />
<div><br />
==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [https://smeoptimizer.com SME Optimizer]. If you have any question on its functionality or what it does, then just write me at jesper@swerts-knudsen.dk.<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality and efficiency of the e-mail system in SME Server. <br />
<br />
=====SME Dedicated DNS Blacklist=====<br />
The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin or it can directly reject via the qpsmtpd plugin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350,000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
=====Server Monitoring=====<br />
The second functionality is remote monitoring of your SME server. The system will on a daily basis check whether your server (it IP address) is listed in international DNS blacklist. Further more it will on an hourly basis check whether your server for SMTP availability.<br />
<br />
=====Attachment Filter=====<br />
The system will (currently only on SME 9.2) check file attachments hashes up against a DNS based system. This will allow an extra check beyond the build-in ClamAV as this check contains malicious file hashes found by other AV engines. This functionality requires you to register for a free [https://virustotal.com VirusTotal] public API and configure the system to use it. This means that your system will, in the background, build up the has databases and all other users will benefit. This system is not expected to catch much (ClamAV does a fine job) but has shown very efficient in the [https://en.wikipedia.org/wiki/WannaCry_ransomware_attack WannaCry] attack where you will be dependent of more AV engines. <br />
<br />
=====The next considered functionality is=====<br />
<br />
* Allow you to configure file extensions that you do not allow (the system will handle the signatures)<br />
* Use the DNS Blacklist directly to reject reason and not wait for SpamAssassin<br />
* you suggestions - let me know..<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON perl-Email-MIME<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl --initialize<br />
<br />
Now in order to use the attachment filter you need to register with VirusTotal to get your personal API key. When you have this key you need to configure the system to use it. The SMEOptimizer will confirm it the API key is valid.<br />
<br />
./SMEOptimizer.pl --VTAPI=<API key><br />
<br />
Then there is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==Server Monitoring==<br />
SMEOptimizer will from remote monitor whether your server is online by on a regularly basis checking access to SMTP. SMEOptimizer will also on a daily basis check whether your server has been listed in a international DNS Blacklist. Currently the daily check is up against ~80+ different blacklists.<br />
If your server experience SMTP problems or gets listed in a DNS blacklist you will receive an alert from the system.<br />
<br />
When a server is seen in a DNS blacklist, the admin will get the following type of e-mail:<br />
<br />
[[File:SMEOptimizerBlacklist.PNG|600px]]<br />
<br />
When (and if) the server is not listed anymore, another mail will be sent to the administrator notifying about the release.<br />
<br />
==Check Status of SMEOptimizer==<br />
You can check the current status by issued the command line option --status<br />
<br />
./SMEOptimizer.pl --status<br />
<br />
Contact Email : jkn@swerts-knudsen.dk<br />
Alerts : Yes<br />
Spam Reports : 87<br />
Registered : 2016-10-07 16:03:52<br />
Last SpamReports : 2016-10-09 18:23:02<br />
Attachment Filter : Enabled<br />
<br />
When the attachment filter is active you will start to see log entries in /var/log/smeoptimizer.log such as these:<br />
<br />
24-5-2017, 13:19:01 - Checking for attachments<br />
24-5-2017, 13:19:01 - VT: OK - "3979_b679479a-fe04-439d-a86c-2e354ebd8908_d66ebd92-a361-4dd3-a32a-0f26642eebf5.pdf" didn't have any detected virus<br />
<br />
==SMEOptimizer Configuration==<br />
You can always see the different configuration options by issuing the --help command.<br />
<br />
./SMEOptimizer.pl --help<br />
<br />
Command line options:<br />
-help: Shows this help<br />
-initialize: Register and retrieve the configuration and enable the cronjob services.<br />
When the registration has been confirmed, then all services will be activated automatically.<br />
-status: Shows the current status of the SME Optimizer.<br />
-alerts=[Yes|No]: Enable checks and alerts for SME server downtime or registration in DNS Blacklist - default Yes.<br />
-contact=[Email]: Set the contact email address where alerts are sent to - default admin@<your domain>.<br />
-VTAPI=[API Key]: This is the VirusTotal public API key used to check attachments (will remain local).<br />
-DNSBL=[qpsmtpd|sa]: This configures whether the DNS blacklist lookup rejects directly (qpsmtpd) or scores (sa=SpamAssassin).<br />
<br />
<br />
==Privacy and Security==<br />
The solution is dependent of the joint forces of the contributing SME servers and therefore data is shared to succeed. All communication between your SME servers and the SMEOptimizer server(s) are done via HTTPS when reporting and simple DNS lookups when checking.<br />
<br />
====DNS Blacklist====<br />
All IP and URL/URI checks are performed a simple DNS lookups either inline via the qpsmtpd plugin or through SpamAssassin. The sending IP address or domain is used for this lookup just as any other DNS blacklist (Spamhaus, etc.). <br />
<br />
When your own server, based on your configured DNS blacklists, rejects a mail the SMEOptimizer qpsmtpd plugin will capture the sending IP address and the sender domain as well as the return text from the dnsbl plugin (Usually a link provided by the DNS blacklist service for further details). These details are stored in a local MySQL database and on a hourly basis transferred via HTTPS PUT to the SMEOptimizer server. Here, based on a score system, they are added to the shared DNS Blacklist for all to benefit from.<br />
<br />
====Attachment Filter====<br />
The system will generate a SHA1 hash based on the attached file and check this hash via a DNS lookup against the SMEOptimizer DNS server. If there is a match (A record), then the TXT record for this key provides a SHA256 and a filesize as well as Virus/Malware description. The SHA256 and size will be used to double verify the match and the description to provide a proper reject message in the qpsmtpd plugin.<br />
<br />
If there is not match, then the SHA1, SHA256, file size and filename is stored in a local MySQL database. The SHA256 is checked up against VirusTotal and if there is a match then SHA1, SHA256, file size and filename will be sent to the SMEOptimizer server via a HTTPS PUT request. VirusTotal only allows free checke every 15 seconds and therefore this cannot be done inline (within the qpsmtpd plugin).<br />
<br />
A no time will any attachment content leave your local server and be shared anywhere.<br />
<br />
==Uninstall SMEOptimizer==<br />
If you want to uninstall the script again then please just remove the following files and expand templates.<br />
<br />
rm -rf /usr/local/smeoptimizer<br />
rm /etc/e-smith/templates/etc/crontab/smeoptimizer.cron.template<br />
rm /etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/01smeoptimizer<br />
rm /etc/mail/spamassassin/smeoptimizer.cf<br />
rm /usr/share/qpsmtpd/plugins/smeoptimizer<br />
/sbin/e-smith/expand-template /etc/crontab<br />
/sbin/e-smith/expand-template /var/service/qpsmtpd/config/peers/0<br />
sv t spamd<br />
sv t qpsmtpd<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=33463SMEOptimizer2017-05-25T09:46:41Z<p>Knuddi: </p>
<hr />
<div><br />
==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [https://smeoptimizer.com SME Optimizer]. If you have any question on its functionality or what it does, then just write me at jesper@swerts-knudsen.dk.<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality and efficiency of the e-mail system in SME Server. <br />
<br />
=====SME Dedicated DNS Blacklist=====<br />
The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350,000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
=====Server Monitoring=====<br />
The second functionality is remote monitoring of your SME server. The system will on a daily basis check whether your server (it IP address) is listed in international DNS blacklist. Further more it will on an hourly basis check whether your server for SMTP availability.<br />
<br />
=====Attachment Filter=====<br />
The system will (currently only on SME 9.2) check file attachments hashes up against a DNS based system. This will allow an extra check beyond the build-in ClamAV as this check contains malicious file hashes found by other AV engines. This functionality requires you to register for a free [https://virustotal.com VirusTotal] public API and configure the system to use it. This means that your system will, in the background, build up the has databases and all other users will benefit. This system is not expected to catch much (ClamAV does a fine job) but has shown very efficient in the [https://en.wikipedia.org/wiki/WannaCry_ransomware_attack WannaCry] attack where you will be dependent of more AV engines. <br />
<br />
=====The next considered functionality is=====<br />
<br />
* Allow you to configure file extensions that you do not allow (the system will handle the signatures)<br />
* Use the DNS Blacklist directly to reject reason and not wait for SpamAssassin<br />
* you suggestions - let me know..<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON perl-Email-MIME<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl --initialize<br />
<br />
Now in order to use the attachment filter you need to register with VirusTotal to get your personal API key. When you have this key you need to configure the system to use it. The SMEOptimizer will confirm it the API key is valid.<br />
<br />
./SMEOptimizer.pl --VTAPI=<API key><br />
<br />
Then there is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==Server Monitoring==<br />
SMEOptimizer will from remote monitor whether your server is online by on a regularly basis checking access to SMTP. SMEOptimizer will also on a daily basis check whether your server has been listed in a international DNS Blacklist. Currently the daily check is up against ~80+ different blacklists.<br />
If your server experience SMTP problems or gets listed in a DNS blacklist you will receive an alert from the system.<br />
<br />
When a server is seen in a DNS blacklist, the admin will get the following type of e-mail:<br />
<br />
[[File:SMEOptimizerBlacklist.PNG|600px]]<br />
<br />
When (and if) the server is not listed anymore, another mail will be sent to the administrator notifying about the release.<br />
<br />
==Check Status of SMEOptimizer==<br />
You can check the current status by issued the command line option --status<br />
<br />
./SMEOptimizer.pl --status<br />
<br />
Contact Email : jkn@swerts-knudsen.dk<br />
Alerts : Yes<br />
Spam Reports : 87<br />
Registered : 2016-10-07 16:03:52<br />
Last SpamReports : 2016-10-09 18:23:02<br />
Attachment Filter : Enabled<br />
<br />
When the attachment filter is active you will start to see log entries in /var/log/smeoptimizer.log such as these:<br />
<br />
24-5-2017, 13:19:01 - Checking for attachments<br />
24-5-2017, 13:19:01 - VT: OK - "3979_b679479a-fe04-439d-a86c-2e354ebd8908_d66ebd92-a361-4dd3-a32a-0f26642eebf5.pdf" didn't have any detected virus<br />
<br />
==SMEOptimizer Configuration==<br />
You can always see the different configuration options by issuing the --help command.<br />
<br />
./SMEOptimizer.pl --help<br />
<br />
Command line options:<br />
-help: Shows this help<br />
-initialize: Register and retrieve the configuration and enable the cronjob services.<br />
When the registration has been confirmed, then all services will be activated automatically.<br />
-status: Shows the current status of the SME Optimizer.<br />
-alerts=[Yes|No]: Enable checks and alerts for SME server downtime or registration in DNS Blacklist - default Yes.<br />
-contact=[Email]: Set the contact email address where alerts are sent to - default admin@<your domain>.<br />
-VTAPI=[API Key]: This is the VirusTotal public API key used to check attachments (will remain local).<br />
<br />
==Privacy and Security==<br />
The solution is dependent of the joint forces of the contributing SME servers and therefore data is shared to succeed. All communication between your SME servers and the SMEOptimizer server(s) are done via HTTPS when reporting and simple DNS lookups when checking.<br />
<br />
====DNS Blacklist====<br />
All IP and URL/URI checks are performed a simple DNS lookups through SpamAssassin and the sending IP address or domain is used for this lookup just as any other DNS blacklist (Spamhaus, etc.). <br />
<br />
When your own server, based on your configured DNS blacklists, rejects a mail the SMEOptimizer qpsmtpd plugin will capture the sending IP address and the sender domain as well as the return text from the dnsbl plugin (Usually a link provided by the DNS blacklist service for further details). These details are stored in a local MySQL database and on a hourly basis transferred via HTTPS PUT to the SMEOptimizer server. Here, based on a score system, they are added to the shared DNS Blacklist for all to benefit from.<br />
<br />
====Attachment Filter====<br />
The system will generate a SHA1 hash based on the attached file and check this hash via a DNS lookup against the SMEOptimizer DNS server. If there is a match (A record), then the TXT record for this key provides a SHA256 and a filesize as well as Virus/Malware description. The SHA256 and size will be used to double verify the match and the description to provide a proper reject message in the qpsmtpd plugin.<br />
<br />
If there is not match, then the SHA1, SHA256, file size and filename is stored in a local MySQL database. The SHA256 is checked up against VirusTotal and if there is a match then SHA1, SHA256, file size and filename will be sent to the SMEOptimizer server via a HTTPS PUT request. VirusTotal only allows free checke every 15 seconds and therefore this cannot be done inline (within the qpsmtpd plugin).<br />
<br />
A no time will any attachment content leave your local server and be shared anywhere.<br />
<br />
==Uninstall SMEOptimizer==<br />
If you want to uninstall the script again then please just remove the following files and expand templates.<br />
<br />
rm -rf /usr/local/smeoptimizer<br />
rm /etc/e-smith/templates/etc/crontab/smeoptimizer.cron.template<br />
rm /etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/01smeoptimizer<br />
rm /etc/mail/spamassassin/smeoptimizer.cf<br />
rm /usr/share/qpsmtpd/plugins/smeoptimizer<br />
/sbin/e-smith/expand-template /etc/crontab<br />
/sbin/e-smith/expand-template /var/service/qpsmtpd/config/peers/0<br />
sv t spamd<br />
sv t qpsmtpd<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=33462SMEOptimizer2017-05-25T09:03:53Z<p>Knuddi: </p>
<hr />
<div><br />
==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [https://smeoptimizer.com SME Optimizer]. If you have any question on its functionality or what it does, then just write me at jesper@swerts-knudsen.dk.<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality and efficiency of the e-mail system in SME Server. <br />
<br />
=====SME Dedicated DNS Blacklist=====<br />
The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350,000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
=====Server Monitoring=====<br />
The second functionality is remote monitoring of your SME server. The system will on a daily basis check whether your server (it IP address) is listed in international DNS blacklist. Further more it will on an hourly basis check whether your server for SMTP availability.<br />
<br />
=====Attachment Filter=====<br />
The system will (currently only on SME 9.2) check file attachments hashes up against a DNS based system. This will allow an extra check beyond the build-in ClamAV as this check contains malicious file hashes found by other AV engines. This functionality requires you to register for a free [https://virustotal.com VirusTotal] public API and configure the system to use it. This means that your system will, in the background, build up the has databases and all other users will benefit. This system is not expected to catch much (ClamAV does a fine job) but has shown very efficient in the [https://en.wikipedia.org/wiki/WannaCry_ransomware_attack WannaCry] attack where you will be dependent of more AV engines. <br />
<br />
=====The next considered functionality is=====<br />
<br />
* Allow you to configure file extensions that you do not allow (the system will handle the signatures)<br />
* Use the DNS Blacklist directly to reject reason and not wait for SpamAssassin<br />
* you suggestions - let me know..<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON perl-Email-MIME<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl --initialize<br />
<br />
Now in order to use the attachment filter you need to register with VirusTotal to get your personal API key. When you have this key you need to configure the system to use it. The SMEOptimizer will confirm it the API key is valid.<br />
<br />
./SMEOptimizer.pl --VTAPI=<API key><br />
<br />
Then there is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==Server Monitoring==<br />
SMEOptimizer will from remote monitor whether your server is online by on a regularly basis checking access to SMTP. SMEOptimizer will also on a daily basis check whether your server has been listed in a international DNS Blacklist. Currently the daily check is up against ~80+ different blacklists.<br />
If your server experience SMTP problems or gets listed in a DNS blacklist you will receive an alert from the system.<br />
<br />
When a server is seen in a DNS blacklist, the admin will get the following type of e-mail:<br />
<br />
[[File:SMEOptimizerBlacklist.PNG|600px]]<br />
<br />
When (and if) the server is not listed anymore, another mail will be sent to the administrator notifying about the release.<br />
<br />
==Check Status of SMEOptimizer==<br />
You can check the current status by issued the command line option --status<br />
<br />
./SMEOptimizer.pl --status<br />
<br />
Contact Email : jkn@swerts-knudsen.dk<br />
Alerts : Yes<br />
Spam Reports : 87<br />
Registered : 2016-10-07 16:03:52<br />
Last SpamReports : 2016-10-09 18:23:02<br />
Attachment Filter : Enabled<br />
<br />
When the attachment filter is active you will start to see log entries in /var/log/smeoptimizer.log such as these:<br />
<br />
24-5-2017, 13:19:01 - Checking for attachments<br />
24-5-2017, 13:19:01 - VT: OK - "3979_b679479a-fe04-439d-a86c-2e354ebd8908_d66ebd92-a361-4dd3-a32a-0f26642eebf5.pdf" didn't have any detected virus<br />
<br />
==SMEOptimizer Configuration==<br />
You can always see the different configuration options by issuing the --help command.<br />
<br />
./SMEOptimizer.pl --help<br />
<br />
Command line options:<br />
-help: Shows this help<br />
-initialize: Register and retrieve the configuration and enable the cronjob services.<br />
When the registration has been confirmed, then all services will be activated automatically.<br />
-status: Shows the current status of the SME Optimizer.<br />
-alerts=[Yes|No]: Enable checks and alerts for SME server downtime or registration in DNS Blacklist - default Yes.<br />
-contact=[Email]: Set the contact email address where alerts are sent to - default admin@<your domain>.<br />
-VTAPI=[API Key]: This is the VirusTotal public API key used to check attachments (will remain local).<br />
<br />
==Privacy and Security==<br />
The solution is dependent of the joint forces of the contributing SME servers and therefore data is shared to succeed. All communication between your SME servers and the SMEOptimizer server(s) are done via HTTPS when reporting and simple DNS lookups when checking.<br />
<br />
====DNS Blacklist====<br />
All IP and URL/URI checks are performed a simple DNS lookups through SpamAssassin and the sending IP address or domain is used for this lookup just as any other DNS blacklist (Spamhaus, etc.). <br />
<br />
When your own server, based on your configured DNS blacklists, rejects a mail the SMEOptimizer qpsmtpd plugin will capture the sending IP address and the sender domain as well as the return text from the dnsbl plugin (Usually a link provided by the DNS blacklist service for further details). These details are stored in a local MySQL database and on a hourly basis transferred via HTTPS PUT to the SMEOptimizer server. Here, based on a score system, they are added to the shared DNS Blacklist for all to benefit from.<br />
<br />
====Attachment Filter====<br />
The system will generate a SHA1 hash based on the attached file and check this hash via a DNS lookup against the SMEOptimizer DNS server. If there is a match (A record), then the TXT record for this key provides a SHA256 and a filesize as well as Virus/Malware description. The SHA256 and size will be used to double verify the match and the description to provide a proper reject message in the qpsmtpd plugin.<br />
<br />
If there is not match, then the SHA1, SHA256, file size and filename is stored in a local MySQL database. The SHA256 is checked up against VirusTotal and if there is a match then SHA1, SHA256, file size and filename will be sent to the SMEOptimizer server via a HTTPS PUT request.<br />
<br />
A no time will any attachment content leave your local server and be shared anywhere.<br />
<br />
==Uninstall SMEOptimizer==<br />
If you want to uninstall the script again then please just remove the following files and expand templates.<br />
<br />
rm -rf /usr/local/smeoptimizer<br />
rm /etc/e-smith/templates/etc/crontab/smeoptimizer.cron.template<br />
rm /etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/01smeoptimizer<br />
rm /etc/mail/spamassassin/smeoptimizer.cf<br />
rm /usr/share/qpsmtpd/plugins/smeoptimizer<br />
/sbin/e-smith/expand-template /etc/crontab<br />
/sbin/e-smith/expand-template /var/service/qpsmtpd/config/peers/0<br />
sv t spamd<br />
sv t qpsmtpd<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=33461SMEOptimizer2017-05-25T08:52:27Z<p>Knuddi: </p>
<hr />
<div><br />
==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [https://smeoptimizer.com SME Optimizer]. If you have any question on its functionality or what it does, then just write me at jesper@swerts-knudsen.dk.<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality and efficiency of the e-mail system in SME Server. <br />
<br />
=====SME Dedicated DNS Blacklist=====<br />
The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350,000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
=====Server Monitoring=====<br />
The second functionality is remote monitoring of your SME server. The system will on a daily basis check whether your server (it IP address) is listed in international DNS blacklist. Further more it will on an hourly basis check whether your server for SMTP availability.<br />
<br />
=====Attachment Filter=====<br />
The system will (currently only on SME 9.2) check file attachments hashes up against a DNS based system. This will allow an extra check beyond the build-in ClamAV as this check contains malicious file hashes found by other AV engines. This functionality requires you to register for a free [https://virustotal.com VirusTotal] public API and configure the system to use it. This means that your system will, in the background, build up the has databases and all other users will benefit. This system is not expected to catch much (ClamAV does a fine job) but has shown very efficient in the [https://en.wikipedia.org/wiki/WannaCry_ransomware_attack WannaCry] attack where you will be dependent of more AV engines. <br />
<br />
=====The next considered functionality is=====<br />
<br />
* Allow you to configure file extensions that you do not allow (the system will handle the signatures)<br />
* Use the DNS Blacklist directly to reject reason and not wait for SpamAssassin<br />
* you suggestions - let me know..<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON perl-Email-MIME<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl --initialize<br />
<br />
Now in order to use the attachment filter you need to register with VirusTotal to get your personal API key. When you have this key you need to configure the system to use it. The SMEOptimizer will confirm it the API key is valid.<br />
<br />
./SMEOptimizer.pl --VTAPI=<API key><br />
<br />
Then there is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==Server Monitoring==<br />
SMEOptimizer will from remote monitor whether your server is online by on a regularly basis checking access to SMTP. SMEOptimizer will also on a daily basis check whether your server has been listed in a international DNS Blacklist. Currently the daily check is up against ~80+ different blacklists.<br />
If your server experience SMTP problems or gets listed in a DNS blacklist you will receive an alert from the system.<br />
<br />
When a server is seen in a DNS blacklist, the admin will get the following type of e-mail:<br />
<br />
[[File:SMEOptimizerBlacklist.PNG|600px]]<br />
<br />
When (and if) the server is not listed anymore, another mail will be sent to the administrator notifying about the release.<br />
<br />
==Check Status of SMEOptimizer==<br />
You can check the current status by issued the command line option --status<br />
<br />
./SMEOptimizer.pl --status<br />
<br />
Contact Email : jkn@swerts-knudsen.dk<br />
Alerts : Yes<br />
Spam Reports : 87<br />
Registered : 2016-10-07 16:03:52<br />
Last SpamReports : 2016-10-09 18:23:02<br />
Attachment Filter : Enabled<br />
<br />
When the attachment filter is active you will start to see log entries in /var/log/smeoptimizer.log such as these:<br />
<br />
24-5-2017, 13:19:01 - Checking for attachments<br />
24-5-2017, 13:19:01 - VT: OK - "3979_b679479a-fe04-439d-a86c-2e354ebd8908_d66ebd92-a361-4dd3-a32a-0f26642eebf5.pdf" didn't have any detected virus<br />
<br />
==SMEOptimizer Configuration==<br />
You can always see the different configuration options by issuing the --help command.<br />
<br />
./SMEOptimizer.pl --help<br />
<br />
Command line options:<br />
-help: Shows this help<br />
-initialize: Register and retrieve the configuration and enable the cronjob services.<br />
When the registration has been confirmed, then all services will be activated automatically.<br />
-status: Shows the current status of the SME Optimizer.<br />
-alerts=[Yes|No]: Enable checks and alerts for SME server downtime or registration in DNS Blacklist - default Yes.<br />
-contact=[Email]: Set the contact email address where alerts are sent to - default admin@<your domain>.<br />
-VTAPI=[API Key]: This is the VirusTotal public API key used to check attachments (will remain local).<br />
<br />
==Privacy and Security==<br />
The solution is dependent of the joint forces of the contributing SME servers and therefore data is shared to succeed. All communication between your SME servers and the SMEOptimizer server(s) are done via HTTPS when reporting and simple DNS lookups when checking.<br />
<br />
====DNS Blacklist====<br />
* Question: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
** Answer: The qpsmtpd plugin captures the sender domain and the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
====Attachment Filter====<br />
The system will generate a SHA1 hash based on the attached file and check this hash via a DNS lookup against the SMEOptimizer DNS server. If there is a match (A record), then the TXT record for this key provides a SHA256 and a filesize as well as Virus/Malware description. The SHA256 and size will be used to double verify the match and the description to provide a proper reject message in the qpsmtpd plugin.<br />
<br />
If there is not match, then the SHA1, SHA256, file size and filename is stored in a local MySQL database. The SHA256 is checked up against VirusTotal and if there is a match then SHA1, SHA256, file size and filename will be sent to the SMEOptimizer server via a HTTPS PUT request.<br />
<br />
A no time will any attachment content leave your local server and be shared anywhere.<br />
<br />
==Uninstall SMEOptimizer==<br />
If you want to uninstall the script again then please just remove the following files and expand templates.<br />
<br />
rm -rf /usr/local/smeoptimizer<br />
rm /etc/e-smith/templates/etc/crontab/smeoptimizer.cron.template<br />
rm /etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/01smeoptimizer<br />
rm /etc/mail/spamassassin/smeoptimizer.cf<br />
rm /usr/share/qpsmtpd/plugins/smeoptimizer<br />
/sbin/e-smith/expand-template /etc/crontab<br />
/sbin/e-smith/expand-template /var/service/qpsmtpd/config/peers/0<br />
sv t spamd<br />
sv t qpsmtpd<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=33460SMEOptimizer2017-05-25T08:19:02Z<p>Knuddi: </p>
<hr />
<div><br />
==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [https://smeoptimizer.com SME Optimizer]. If you have any question on its functionality or what it does, then just write me at jesper@swerts-knudsen.dk.<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality and efficiency of the e-mail system in SME Server. <br />
<br />
=====SME Dedicated DNS Blacklist=====<br />
The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350,000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
=====Server Monitoring=====<br />
The second functionality is remote monitoring of your SME server. The system will on a daily basis check whether your server (it IP address) is listed in international DNS blacklist. Further more it will on an hourly basis check whether your server for SMTP availability.<br />
<br />
=====Attachment Filter=====<br />
The system will (currently only on SME 9.2) check file attachments hashes up against a DNS based system. This will allow an extra check beyond the build-in ClamAV as this check contains malicious file hashes found by other AV engines. This functionality requires you to register for a free [https://virustotal.com VirusTotal] public API and configure the system to use it. This means that your system will, in the background, build up the has databases and all other users will benefit. This system is not expected to catch much (ClamAV does a fine job) but has shown very efficient in the [https://en.wikipedia.org/wiki/WannaCry_ransomware_attack WannaCry] attack where you will be dependent of more AV engines. <br />
<br />
=====The next considered functionality is=====<br />
<br />
* Allow you to configure file extensions that you do not allow (the system will handle the signatures)<br />
* Use the DNS Blacklist directly to reject reason and not wait for SpamAssassin<br />
* you suggestions - let me know..<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON perl-Email-MIME<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl --initialize<br />
<br />
Now in order to use the attachment filter you need to register with VirusTotal to get your personal API key. When you have this key you need to configure the system to use it. The SMEOptimizer will confirm it the API key is valid.<br />
<br />
./SMEOptimizer.pl --VTAPI=<API key><br />
<br />
Then there is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==Server Monitoring==<br />
SMEOptimizer will from remote monitor whether your server is online by on a regularly basis checking access to SMTP. SMEOptimizer will also on a daily basis check whether your server has been listed in a international DNS Blacklist. Currently the daily check is up against ~80+ different blacklists.<br />
If your server experience SMTP problems or gets listed in a DNS blacklist you will receive an alert from the system.<br />
<br />
When a server is seen in a DNS blacklist, the admin will get the following type of e-mail:<br />
<br />
[[File:SMEOptimizerBlacklist.PNG|600px]]<br />
<br />
When (and if) the server is not listed anymore, another mail will be sent to the administrator notifying about the release.<br />
<br />
==Check Status of SMEOptimizer==<br />
You can check the current status by issued the command line option --status<br />
<br />
./SMEOptimizer.pl --status<br />
<br />
Contact Email : jkn@swerts-knudsen.dk<br />
Alerts : Yes<br />
Spam Reports : 87<br />
Registered : 2016-10-07 16:03:52<br />
Last SpamReports : 2016-10-09 18:23:02<br />
Attachment Filter : Enabled<br />
<br />
When the attachment filter is active you will start to see log entries in /var/log/smeoptimizer.log such as these:<br />
<br />
24-5-2017, 13:19:01 - Checking for attachments<br />
24-5-2017, 13:19:01 - VT: OK - "3979_b679479a-fe04-439d-a86c-2e354ebd8908_d66ebd92-a361-4dd3-a32a-0f26642eebf5.pdf" didn't have any detected virus<br />
<br />
==SMEOptimizer Configuration==<br />
You can always see the different configuration options by issuing the --help command.<br />
<br />
./SMEOptimizer.pl --help<br />
<br />
Command line options:<br />
-help: Shows this help<br />
-initialize: Register and retrieve the configuration and enable the cronjob services.<br />
When the registration has been confirmed, then all services will be activated automatically.<br />
-status: Shows the current status of the SME Optimizer.<br />
-alerts=[Yes|No]: Enable checks and alerts for SME server downtime or registration in DNS Blacklist - default Yes.<br />
-contact=[Email]: Set the contact email address where alerts are sent to - default admin@<your domain>.<br />
-VTAPI=[API Key]: This is the VirusTotal public API key used to check attachments (will remain local).<br />
<br />
==FAQ==<br />
* Question: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
** Answer: The qpsmtpd plugin captures the sender domain and the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
==Uninstall SMEOptimizer==<br />
If you want to uninstall the script again then please just remove the following files and expand templates.<br />
<br />
rm -rf /usr/local/smeoptimizer<br />
rm /etc/e-smith/templates/etc/crontab/smeoptimizer.cron.template<br />
rm /etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/01smeoptimizer<br />
rm /etc/mail/spamassassin/smeoptimizer.cf<br />
rm /usr/share/qpsmtpd/plugins/smeoptimizer<br />
/sbin/e-smith/expand-template /etc/crontab<br />
/sbin/e-smith/expand-template /var/service/qpsmtpd/config/peers/0<br />
sv t spamd<br />
sv t qpsmtpd<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=33459SMEOptimizer2017-05-25T08:16:01Z<p>Knuddi: </p>
<hr />
<div><br />
==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [https://smeoptimizer.com SME Optimizer]. If you have any question on its functionality or what it does, then just write me at jesper@swerts-knudsen.dk.<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality and efficiency of the e-mail system in SME Server. <br />
<br />
=====SME Dedicated DNS Blacklist=====<br />
The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350,000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
=====Server Monitoring=====<br />
The second functionality is remote monitoring of your SME server. The system will on a daily basis check whether your server (it IP address) is listed in international DNS blacklist. Further more it will on an hourly basis check whether your server for SMTP availability.<br />
<br />
=====Attachment Filter=====<br />
The system will (currently only on SME 9.2) check file attachments hashes up against a DNS based system. This will allow an extra check beyond the build-in ClamAV as this check contains malicious file hashes found by other AV engines. This functionality requires you to register for a free [https://virustotal.com VirusTotal] public API and configure the system to use it. This means that your system will, in the background, build up the has databases and all other users will benefit. This system is not expected to catch much (ClamAV does a fine job) but has shown very efficient in the [https://en.wikipedia.org/wiki/WannaCry_ransomware_attack WannaCry] attack where you will be dependent of more AV engines. <br />
<br />
=====The next planned functionality is=====<br />
<br />
* Your suggestions... let me know...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON perl-Email-MIME<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl --initialize<br />
<br />
Now in order to use the attachment filter you need to register with VirusTotal to get your personal API key. When you have this key you need to configure the system to use it. The SMEOptimizer will confirm it the API key is valid.<br />
<br />
./SMEOptimizer.pl --VTAPI=<API key><br />
<br />
Then there is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==Server Monitoring==<br />
SMEOptimizer will from remote monitor whether your server is online by on a regularly basis checking access to SMTP. SMEOptimizer will also on a daily basis check whether your server has been listed in a international DNS Blacklist. Currently the daily check is up against ~80+ different blacklists.<br />
If your server experience SMTP problems or gets listed in a DNS blacklist you will receive an alert from the system.<br />
<br />
When a server is seen in a DNS blacklist, the admin will get the following type of e-mail:<br />
<br />
[[File:SMEOptimizerBlacklist.PNG|600px]]<br />
<br />
When (and if) the server is not listed anymore, another mail will be sent to the administrator notifying about the release.<br />
<br />
==Check Status of SMEOptimizer==<br />
You can check the current status by issued the command line option --status<br />
<br />
./SMEOptimizer.pl --status<br />
<br />
Contact Email : jkn@swerts-knudsen.dk<br />
Alerts : Yes<br />
Spam Reports : 87<br />
Registered : 2016-10-07 16:03:52<br />
Last SpamReports : 2016-10-09 18:23:02<br />
Attachment Filter : Enabled<br />
<br />
When the attachment filter is active you will start to see log entries in /var/log/smeoptimizer.log such as these:<br />
<br />
24-5-2017, 13:19:01 - Checking for attachments<br />
24-5-2017, 13:19:01 - VT: OK - "3979_b679479a-fe04-439d-a86c-2e354ebd8908_d66ebd92-a361-4dd3-a32a-0f26642eebf5.pdf" didn't have any detected virus<br />
<br />
==SMEOptimizer Configuration==<br />
You can always see the different configuration options by issuing the --help command.<br />
<br />
./SMEOptimizer.pl --help<br />
<br />
Command line options:<br />
-help: Shows this help<br />
-initialize: Register and retrieve the configuration and enable the cronjob services.<br />
When the registration has been confirmed, then all services will be activated automatically.<br />
-status: Shows the current status of the SME Optimizer.<br />
-alerts=[Yes|No]: Enable checks and alerts for SME server downtime or registration in DNS Blacklist - default Yes.<br />
-contact=[Email]: Set the contact email address where alerts are sent to - default admin@<your domain>.<br />
-VTAPI=[API Key]: This is the VirusTotal public API key used to check attachments (will remain local).<br />
<br />
==FAQ==<br />
* Question: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
** Answer: The qpsmtpd plugin captures the sender domain and the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
==Uninstall SMEOptimizer==<br />
If you want to uninstall the script again then please just remove the following files and expand templates.<br />
<br />
rm -rf /usr/local/smeoptimizer<br />
rm /etc/e-smith/templates/etc/crontab/smeoptimizer.cron.template<br />
rm /etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/01smeoptimizer<br />
rm /etc/mail/spamassassin/smeoptimizer.cf<br />
rm /usr/share/qpsmtpd/plugins/smeoptimizer<br />
/sbin/e-smith/expand-template /etc/crontab<br />
/sbin/e-smith/expand-template /var/service/qpsmtpd/config/peers/0<br />
sv t spamd<br />
sv t qpsmtpd<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=33458SMEOptimizer2017-05-25T08:11:32Z<p>Knuddi: </p>
<hr />
<div><br />
==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [https://smeoptimizer.com SME Optimizer]. If you have any question on its functionality or what it does, then just write me at jesper@swerts-knudsen.dk.<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality and efficiency of the e-mail system in SME Server. <br />
<br />
=====SME Dedicated DNS Blacklist=====<br />
The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350,000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
=====Server Monitoring=====<br />
The second functionality is remote monitoring of your SME server. The system will on a daily basis check whether your server (it IP address) is listed in international DNS blacklist. Further more it will on an hourly basis check whether your server for SMTP availability.<br />
<br />
=====Attachment Filter=====<br />
The system will (currently only on SME 9.2) check file attachments hashes up against a DNS based system. This will allow an extra check beyond the build-in ClamAV as this check contains malicious file hashes found by other AV engines. This functionality requires you to register for a free [https://virustotal.com VirusTotal] public API and configure the system to use it. This means that your system will, in the background, build up the has databases and all other users will benefit. This system is not expected to catch much (ClamAV does a fine job) but has show very efficient in the WannaCry attack where you will be dependent of more AV engines. This is currently in Beta, so reach out if you want to participate.<br />
<br />
=====The next planned functionality is=====<br />
<br />
* Your suggestions... let me know...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON perl-Email-MIME<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl --initialize<br />
<br />
Now in order to use the attachment filter you need to register with VirusTotal to get your personal API key. When you have this key you need to configure the system to use it. The SMEOptimizer will confirm it the API key is valid.<br />
<br />
./SMEOptimizer.pl --VTAPI=<API key><br />
<br />
Then there is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==Server Monitoring==<br />
SMEOptimizer will from remote monitor whether your server is online by on a regularly basis checking access to SMTP. SMEOptimizer will also on a daily basis check whether your server has been listed in a international DNS Blacklist. Currently the daily check is up against ~80+ different blacklists.<br />
If your server experience SMTP problems or gets listed in a DNS blacklist you will receive an alert from the system.<br />
<br />
When a server is seen in a DNS blacklist, the admin will get the following type of e-mail:<br />
<br />
[[File:SMEOptimizerBlacklist.PNG|600px]]<br />
<br />
When (and if) the server is not listed anymore, another mail will be sent to the administrator notifying about the release.<br />
<br />
==Check Status of SMEOptimizer==<br />
You can check the current status by issued the command line option --status<br />
<br />
./SMEOptimizer.pl --status<br />
<br />
Contact Email : jkn@swerts-knudsen.dk<br />
Alerts : Yes<br />
Spam Reports : 87<br />
Registered : 2016-10-07 16:03:52<br />
Last SpamReports : 2016-10-09 18:23:02<br />
Attachment Filter : Enabled<br />
<br />
When the attachment filter is active you will start to see log entries in /var/log/smeoptimizer.log such as these:<br />
<br />
24-5-2017, 13:19:01 - Checking for attachments<br />
24-5-2017, 13:19:01 - VT: OK - "3979_b679479a-fe04-439d-a86c-2e354ebd8908_d66ebd92-a361-4dd3-a32a-0f26642eebf5.pdf" didn't have any detected virus<br />
<br />
==SMEOptimizer Configuration==<br />
You can always see the different configuration options by issuing the --help command.<br />
<br />
./SMEOptimizer.pl --help<br />
<br />
Command line options:<br />
-help: Shows this help<br />
-initialize: Register and retrieve the configuration and enable the cronjob services.<br />
When the registration has been confirmed, then all services will be activated automatically.<br />
-status: Shows the current status of the SME Optimizer.<br />
-alerts=[Yes|No]: Enable checks and alerts for SME server downtime or registration in DNS Blacklist - default Yes.<br />
-contact=[Email]: Set the contact email address where alerts are sent to - default admin@<your domain>.<br />
-VTAPI=[API Key]: This is the VirusTotal public API key used to check attachments (will remain local).<br />
<br />
==FAQ==<br />
* Question: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
** Answer: The qpsmtpd plugin captures the sender domain and the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
==Uninstall SMEOptimizer==<br />
If you want to uninstall the script again then please just remove the following files and expand templates.<br />
<br />
rm -rf /usr/local/smeoptimizer<br />
rm /etc/e-smith/templates/etc/crontab/smeoptimizer.cron.template<br />
rm /etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/01smeoptimizer<br />
rm /etc/mail/spamassassin/smeoptimizer.cf<br />
rm /usr/share/qpsmtpd/plugins/smeoptimizer<br />
/sbin/e-smith/expand-template /etc/crontab<br />
/sbin/e-smith/expand-template /var/service/qpsmtpd/config/peers/0<br />
sv t spamd<br />
sv t qpsmtpd<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=33457SMEOptimizer2017-05-24T18:58:50Z<p>Knuddi: </p>
<hr />
<div><br />
==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]. If you have any question on its functionality or what it does, then just write me at jesper@swerts-knudsen.dk.<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality and efficiency of the e-mail system in SME Server. <br />
<br />
=====SME Dedicated DNS Blacklist=====<br />
The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350,000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
=====Server Monitoring=====<br />
The second functionality is remote monitoring of your SME server. The system will on a daily basis check whether your server (it IP address) is listed in international DNS blacklist. Further more it will on an hourly basis check whether your server for SMTP availability.<br />
<br />
=====Attachment Filter=====<br />
The system will (currently only on SME 9.2) check file attachments hashes up against a DNS based system. This will allow an extra check beyond the build-in ClamAV as this check contains malicious file hashes found by other AV engines. This functionality requires you to register for a free [https://virustotal.com VirusTotal] public API and configure the system to use it. This means that your system will, in the background, build up the has databases and all other users will benefit. This system is not expected to catch much (ClamAV does a fine job) but has show very efficient in the WannaCry attack where you will be dependent of more AV engines. This is currently in Beta, so reach out if you want to participate.<br />
<br />
=====The next planned functionality is=====<br />
<br />
* Your suggestions... let me know...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON perl-Email-MIME<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl --initialize<br />
<br />
Now in order to use the attachment filter you need to register with VirusTotal to get your personal API key. When you have this key you need to configure the system to use it. The SMEOptimizer will confirm it the API key is valid.<br />
<br />
./SMEOptimizer.pl --VTAPI=<API key><br />
<br />
Then there is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==Server Monitoring==<br />
SMEOptimizer will from remote monitor whether your server is online by on a regularly basis checking access to SMTP. SMEOptimizer will also on a daily basis check whether your server has been listed in a international DNS Blacklist. Currently the daily check is up against ~80+ different blacklists.<br />
If your server experience SMTP problems or gets listed in a DNS blacklist you will receive an alert from the system.<br />
<br />
When a server is seen in a DNS blacklist, the admin will get the following type of e-mail:<br />
<br />
[[File:SMEOptimizerBlacklist.PNG|600px]]<br />
<br />
When (and if) the server is not listed anymore, another mail will be sent to the administrator notifying about the release.<br />
<br />
==Check Status of SMEOptimizer==<br />
You can check the current status by issued the command line option --status<br />
<br />
./SMEOptimizer.pl --status<br />
<br />
Contact Email : jkn@swerts-knudsen.dk<br />
Alerts : Yes<br />
Spam Reports : 87<br />
Registered : 2016-10-07 16:03:52<br />
Last SpamReports : 2016-10-09 18:23:02<br />
Attachment Filter : Enabled<br />
<br />
When the attachment filter is active you will start to see log entries in /var/log/smeoptimizer.log such as these:<br />
<br />
24-5-2017, 13:19:01 - Checking for attachments<br />
24-5-2017, 13:19:01 - VT: OK - "3979_b679479a-fe04-439d-a86c-2e354ebd8908_d66ebd92-a361-4dd3-a32a-0f26642eebf5.pdf" didn't have any detected virus<br />
<br />
==SMEOptimizer Configuration==<br />
You can always see the different configuration options by issuing the --help command.<br />
<br />
./SMEOptimizer.pl --help<br />
<br />
Command line options:<br />
-help: Shows this help<br />
-initialize: Register and retrieve the configuration and enable the cronjob services.<br />
When the registration has been confirmed, then all services will be activated automatically.<br />
-status: Shows the current status of the SME Optimizer.<br />
-alerts=[Yes|No]: Enable checks and alerts for SME server downtime or registration in DNS Blacklist - default Yes.<br />
-contact=[Email]: Set the contact email address where alerts are sent to - default admin@<your domain>.<br />
-VTAPI=[API Key]: This is the VirusTotal public API key used to check attachments (will remain local).<br />
<br />
==FAQ==<br />
* Question: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
** Answer: The qpsmtpd plugin captures the sender domain and the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
==Uninstall SMEOptimizer==<br />
If you want to uninstall the script again then please just remove the following files and expand templates.<br />
<br />
rm -rf /usr/local/smeoptimizer<br />
rm /etc/e-smith/templates/etc/crontab/smeoptimizer.cron.template<br />
rm /etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/01smeoptimizer<br />
rm /etc/mail/spamassassin/smeoptimizer.cf<br />
rm /usr/share/qpsmtpd/plugins/smeoptimizer<br />
/sbin/e-smith/expand-template /etc/crontab<br />
/sbin/e-smith/expand-template /var/service/qpsmtpd/config/peers/0<br />
sv t spamd<br />
sv t qpsmtpd<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=33456SMEOptimizer2017-05-24T18:56:51Z<p>Knuddi: </p>
<hr />
<div><br />
==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]. If you have any question on its functionality or what it does, then just write me at jesper@swerts-knudsen.dk.<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality and efficiency of the e-mail system in SME Server. <br />
<br />
=====SME Dedicated DNS Blacklist=====<br />
The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350,000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
=====Server Monitoring=====<br />
The second functionality is remote monitoring of your SME server. The system will on a daily basis check whether your server (it IP address) is listed in international DNS blacklist. Further more it will on an hourly basis check whether your server for SMTP availability.<br />
<br />
=====Attachment Filter=====<br />
The system will (currently only on SME 9.2) check file attachments hashes up against a DNS based system. This will allow an extra check beyond the build-in ClamAV as this check contains malicious file hashes found by other AV engines. This functionality requires you to register for a free [https://virustotal.com VirusTotal] public API and configure the system to use it. This means that your system will, in the background, build up the has databases and all other users will benefit. This system is not expected to catch much (ClamAV does a fine job) but has show very efficient in the WannaCry attack where you will be dependent of more AV engines. This is currently in Beta, so reach out if you want to participate.<br />
<br />
=====The next planned functionality is=====<br />
<br />
* Your suggestions... let me know...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON perl-Email-MIME<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl --initialize<br />
<br />
Now in order to use the attachment filter you need to register with VirusTotal to get your personal API key. When you have this key you need to configure the system to use it. The SMEOptimizer will confirm it the API key is valid.<br />
<br />
./SMEOptimizer.pl --VTAPI=<API key><br />
<br />
Then there is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==Server Monitoring==<br />
SMEOptimizer will from remote monitor whether your server is online by on a regularly basis checking access to SMTP. SMEOptimizer will also on a daily basis check whether your server has been listed in a international DNS Blacklist. Currently the daily check is up against ~80+ different blacklists.<br />
If your server experience SMTP problems or gets listed in a DNS blacklist you will receive an alert from the system.<br />
<br />
When a server is seen in a DNS blacklist, the admin will get the following type of e-mail:<br />
<br />
[[File:SMEOptimizerBlacklist.PNG|600px]]<br />
<br />
When (and if) the server is not listed anymore, another mail will be sent to the administrator notifying about the release.<br />
<br />
==Check Status of SMEOptimizer==<br />
You can check the current status by issued the command line option --status<br />
<br />
./SMEOptimizer.pl --status<br />
<br />
Contact Email : jkn@swerts-knudsen.dk<br />
Alerts : Yes<br />
Spam Reports : 87<br />
Registered : 2016-10-07 16:03:52<br />
Last SpamReports : 2016-10-09 18:23:02<br />
Attachment Filter : Enabled<br />
<br />
==SMEOptimizer Configuration==<br />
You can always see the different configuration options by issuing the --help command.<br />
<br />
./SMEOptimizer.pl --help<br />
<br />
Command line options:<br />
-help: Shows this help<br />
-initialize: Register and retrieve the configuration and enable the cronjob services.<br />
When the registration has been confirmed, then all services will be activated automatically.<br />
-status: Shows the current status of the SME Optimizer.<br />
-alerts=[Yes|No]: Enable checks and alerts for SME server downtime or registration in DNS Blacklist - default Yes.<br />
-contact=[Email]: Set the contact email address where alerts are sent to - default admin@<your domain>.<br />
-VTAPI=[API Key]: This is the VirusTotal public API key used to check attachments (will remain local).<br />
<br />
==FAQ==<br />
* Question: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
** Answer: The qpsmtpd plugin captures the sender domain and the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
==Uninstall SMEOptimizer==<br />
If you want to uninstall the script again then please just remove the following files and expand templates.<br />
<br />
rm -rf /usr/local/smeoptimizer<br />
rm /etc/e-smith/templates/etc/crontab/smeoptimizer.cron.template<br />
rm /etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/01smeoptimizer<br />
rm /etc/mail/spamassassin/smeoptimizer.cf<br />
rm /usr/share/qpsmtpd/plugins/smeoptimizer<br />
/sbin/e-smith/expand-template /etc/crontab<br />
/sbin/e-smith/expand-template /var/service/qpsmtpd/config/peers/0<br />
sv t spamd<br />
sv t qpsmtpd<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=33455SMEOptimizer2017-05-24T18:54:09Z<p>Knuddi: </p>
<hr />
<div><br />
==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]. If you have any question on its functionality or what it does, then just write me at jesper@swerts-knudsen.dk.<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality and efficiency of the e-mail system in SME Server. <br />
<br />
=====SME Dedicated DNS Blacklist=====<br />
The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350,000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
=====Server Monitoring=====<br />
The second functionality is remote monitoring of your SME server. The system will on a daily basis check whether your server (it IP address) is listed in international DNS blacklist. Further more it will on an hourly basis check whether your server for SMTP availability.<br />
<br />
=====Attachment Filter=====<br />
The system will (currently only on SME 9.2) check file attachments hashes up against a DNS based system. This will allow an extra check beyond the build-in ClamAV as this check contains malicious file hashes found by other AV engines. This functionality requires you to register for a free [https://virustotal.com VirusTotal] public API and configure the system to use it. This means that your system will, in the background, build up the has databases and all other users will benefit. This system is not expected to catch much (ClamAV does a fine job) but has show very efficient in the WannaCry attack where you will be dependent of more AV engines. This is currently in Beta, so reach out if you want to participate.<br />
<br />
=====The next planned functionality is=====<br />
<br />
* Your suggestions... let me know...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl --initialize<br />
<br />
Now in order to use the attachment filter you need to register with VirusTotal to get your personal API key. When you have this key you need to configure the system to use it. The SMEOptimizer will confirm it the API key is valid.<br />
<br />
./SMEOptimizer.pl --VTAPI=<API key><br />
<br />
Then there is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==Server Monitoring==<br />
SMEOptimizer will from remote monitor whether your server is online by on a regularly basis checking access to SMTP. SMEOptimizer will also on a daily basis check whether your server has been listed in a international DNS Blacklist. Currently the daily check is up against ~80+ different blacklists.<br />
If your server experience SMTP problems or gets listed in a DNS blacklist you will receive an alert from the system.<br />
<br />
When a server is seen in a DNS blacklist, the admin will get the following type of e-mail:<br />
<br />
[[File:SMEOptimizerBlacklist.PNG|600px]]<br />
<br />
When (and if) the server is not listed anymore, another mail will be sent to the administrator notifying about the release.<br />
<br />
==Check Status of SMEOptimizer==<br />
You can check the current status by issued the command line option --status<br />
<br />
./SMEOptimizer.pl --status<br />
<br />
Contact Email : jkn@swerts-knudsen.dk<br />
Alerts : Yes<br />
Spam Reports : 87<br />
Registered : 2016-10-07 16:03:52<br />
Last SpamReports : 2016-10-09 18:23:02<br />
Attachment Filter : Enabled<br />
<br />
==SMEOptimizer Configuration==<br />
You can always see the different configuration options by issuing the --help command.<br />
<br />
./SMEOptimizer.pl --help<br />
<br />
Command line options:<br />
-help: Shows this help<br />
-initialize: Register and retrieve the configuration and enable the cronjob services.<br />
When the registration has been confirmed, then all services will be activated automatically.<br />
-status: Shows the current status of the SME Optimizer.<br />
-alerts=[Yes|No]: Enable checks and alerts for SME server downtime or registration in DNS Blacklist - default Yes.<br />
-contact=[Email]: Set the contact email address where alerts are sent to - default admin@<your domain>.<br />
-VTAPI=[API Key]: This is the VirusTotal public API key used to check attachments (will remain local).<br />
<br />
==FAQ==<br />
* Question: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
** Answer: The qpsmtpd plugin captures the sender domain and the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
==Uninstall SMEOptimizer==<br />
If you want to uninstall the script again then please just remove the following files and expand templates.<br />
<br />
rm -rf /usr/local/smeoptimizer<br />
rm /etc/e-smith/templates/etc/crontab/smeoptimizer.cron.template<br />
rm /etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/01smeoptimizer<br />
rm /etc/mail/spamassassin/smeoptimizer.cf<br />
rm /usr/share/qpsmtpd/plugins/smeoptimizer<br />
/sbin/e-smith/expand-template /etc/crontab<br />
/sbin/e-smith/expand-template /var/service/qpsmtpd/config/peers/0<br />
sv t spamd<br />
sv t qpsmtpd<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=33454SMEOptimizer2017-05-24T18:53:24Z<p>Knuddi: </p>
<hr />
<div><br />
==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]. If you have any question on its functionality or what it does, then just write me at jesper@swerts-knudsen.dk.<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality and efficiency of the e-mail system in SME Server. <br />
<br />
=====SME Dedicated DNS Blacklist=====<br />
The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350,000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
=====Server Monitoring=====<br />
The second functionality is remote monitoring of your SME server. The system will on a daily basis check whether your server (it IP address) is listed in international DNS blacklist. Further more it will on an hourly basis check whether your server for SMTP availability.<br />
<br />
=====Attachment Filter=====<br />
The system will (currently only on SME 9.2) check file attachments hashes up against a DNS based system. This will allow an extra check beyond the build-in ClamAV as this check contains malicious file hashes found by other AV engines. This functionality requires you to register for a free [https://virustotal.com VirusTotal] public API and configure the system to use it. This means that your system will, in the background, build up the has databases and all other users will benefit. This system is not expected to catch much (ClamAV does a fine job) but has show very efficient in the WannaCry attack where you will be dependent of more AV engines. This is currently in Beta, so reach out if you want to participate.<br />
<br />
=====The next planned functionality is=====<br />
<br />
* Your suggestions... let me know...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl --initialize<br />
<br />
Now in order to use the attachment filter you need to register with VirusTotal to get your personal API key. When you have this key you need to configure the system to use it.<br />
<br />
./SMEOptimizer.pl --VTAPI=<API key><br />
<br />
Then there is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==Server Monitoring==<br />
SMEOptimizer will from remote monitor whether your server is online by on a regularly basis checking access to SMTP. SMEOptimizer will also on a daily basis check whether your server has been listed in a international DNS Blacklist. Currently the daily check is up against ~80+ different blacklists.<br />
If your server experience SMTP problems or gets listed in a DNS blacklist you will receive an alert from the system.<br />
<br />
When a server is seen in a DNS blacklist, the admin will get the following type of e-mail:<br />
<br />
[[File:SMEOptimizerBlacklist.PNG|600px]]<br />
<br />
When (and if) the server is not listed anymore, another mail will be sent to the administrator notifying about the release.<br />
<br />
==Check Status of SMEOptimizer==<br />
You can check the current status by issued the command line option --status<br />
<br />
./SMEOptimizer.pl --status<br />
<br />
Contact Email : jkn@swerts-knudsen.dk<br />
Alerts : Yes<br />
Spam Reports : 87<br />
Registered : 2016-10-07 16:03:52<br />
Last SpamReports : 2016-10-09 18:23:02<br />
Attachment Filter : Enabled<br />
<br />
==SMEOptimizer Configuration==<br />
You can always see the different configuration options by issuing the --help command.<br />
<br />
./SMEOptimizer.pl --help<br />
<br />
Command line options:<br />
-help: Shows this help<br />
-initialize: Register and retrieve the configuration and enable the cronjob services.<br />
When the registration has been confirmed, then all services will be activated automatically.<br />
-status: Shows the current status of the SME Optimizer.<br />
-alerts=[Yes|No]: Enable checks and alerts for SME server downtime or registration in DNS Blacklist - default Yes.<br />
-contact=[Email]: Set the contact email address where alerts are sent to - default admin@<your domain>.<br />
-VTAPI=[API Key]: This is the VirusTotal public API key used to check attachments (will remain local).<br />
<br />
==FAQ==<br />
* Question: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
** Answer: The qpsmtpd plugin captures the sender domain and the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
==Uninstall SMEOptimizer==<br />
If you want to uninstall the script again then please just remove the following files and expand templates.<br />
<br />
rm -rf /usr/local/smeoptimizer<br />
rm /etc/e-smith/templates/etc/crontab/smeoptimizer.cron.template<br />
rm /etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/01smeoptimizer<br />
rm /etc/mail/spamassassin/smeoptimizer.cf<br />
rm /usr/share/qpsmtpd/plugins/smeoptimizer<br />
/sbin/e-smith/expand-template /etc/crontab<br />
/sbin/e-smith/expand-template /var/service/qpsmtpd/config/peers/0<br />
sv t spamd<br />
sv t qpsmtpd<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=33451SMEOptimizer2017-05-22T19:32:07Z<p>Knuddi: </p>
<hr />
<div><br />
==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]. If you have any question on its functionality or what it does, then just write me at jesper@swerts-knudsen.dk.<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality and efficiency of the e-mail system in SME Server. <br />
<br />
=====SME Dedicated DNS Blacklist=====<br />
The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350,000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
=====Remote Monitoring=====<br />
The second functionality is remote monitoring of your SME server. The system will on a daily basis check whether your server (it IP address) is listed in international DNS blacklist. Further more it will on an hourly basis check whether your server for SMTP availability.<br />
<br />
=====Attachment Filter=====<br />
The system will (currently only on SME 9.2) check file attachments hashes up against a DNS based system. This will allow an extra check beyond the build-in ClamAV as this check contains malicious file hashes found by other AV engines. This functionality requires you to register for a free [https://virustotal.com VirusTotal] public API and configure the system to use it. This means that your system will, in the background, build up the has databases and all other users will benefit. This system is not expected to catch much (ClamAV does a fine job) but has show very efficient in the WannaCry attack where you will be dependent of more AV engines. This is currently in Beta, so reach out if you want to participate.<br />
<br />
=====The next planned functionality is=====<br />
<br />
* Your suggestions... let me know...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl --initialize<br />
<br />
There is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==Server Monitoring==<br />
SMEOptimizer will from remote monitor whether your server is online by on a regularly basis checking access to SMTP. SMEOptimizer will also on a daily basis check whether your server has been listed in a international DNS Blacklist. Currently the daily check is up against ~80+ different blacklists.<br />
If your server experience SMTP problems or gets listed in a DNS blacklist you will receive an alert from the system.<br />
<br />
When a server is seen in a DNS blacklist, the admin will get the following type of e-mail:<br />
<br />
[[File:SMEOptimizerBlacklist.PNG|600px]]<br />
<br />
When (and if) the server is not listed anymore, another mail will be sent to the administrator notifying about the release.<br />
<br />
==Check Status of SMEOptimizer==<br />
You can check the current status by issued the command line option --status<br />
<br />
# ./SMEOptimizer.pl --status<br />
<br />
Contact Email : jkn@swerts-knudsen.dk<br />
Alerts : Yes<br />
Spam Reports : 87<br />
Registered : 2016-10-07 16:03:52<br />
Last SpamReports : 2016-10-09 18:23:02<br />
Attachment Filter : Enabled<br />
<br />
==SMEOptimizer Configuration==<br />
You can always see the different configuration options by issuing the --help command.<br />
<br />
# ./SMEOptimizer.pl --help<br />
<br />
Command line options:<br />
-help: Shows this help<br />
-initialize: Register and retrieve the configuration and enable the cronjob services.<br />
When the registration has been confirmed, then all services will be activated automatically.<br />
-status: Shows the current status of the SME Optimizer.<br />
-alerts=[Yes|No]: Enable checks and alerts for SME server downtime or registration in DNS Blacklist - default Yes.<br />
-contact=[Email]: Set the contact email address where alerts are sent to - default admin@<your domain>.<br />
-VTAPI=[API Key]: This is the VirusTotal public API key used to check attachments (will remain local).<br />
<br />
==FAQ==<br />
* Question: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
** Answer: The qpsmtpd plugin captures the sender domain and the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
==Uninstall SMEOptimizer==<br />
If you want to uninstall the script again then please just remove the following files and expand templates.<br />
<br />
rm -rf /usr/local/smeoptimizer<br />
rm /etc/e-smith/templates/etc/crontab/smeoptimizer.cron.template<br />
rm /etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/01smeoptimizer<br />
rm /etc/mail/spamassassin/smeoptimizer.cf<br />
rm /usr/share/qpsmtpd/plugins/smeoptimizer<br />
/sbin/e-smith/expand-template /etc/crontab<br />
/sbin/e-smith/expand-template /var/service/qpsmtpd/config/peers/0<br />
sv t spamd<br />
sv t qpsmtpd<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=33450SMEOptimizer2017-05-22T19:31:45Z<p>Knuddi: </p>
<hr />
<div><br />
==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]. If you have any question on its functionality or what it does, then just write me at jesper@swerts-knudsen.dk.<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality and efficiency of the e-mail system in SME Server. <br />
<br />
=====SME Dedicated DNS Blacklist=====<br />
The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350,000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
=====Remote Monitoring=====<br />
The second functionality is remote monitoring of your SME server. The system will on a daily basis check whether your server (it IP address) is listed in international DNS blacklist. Further more it will on an hourly basis check whether your server for SMTP availability.<br />
<br />
=====Attachment Filter=====<br />
The system will (currently only on SME 9.2) check file attachments hashes up against a DNS based system. This will allow an extra check beyond the build-in ClamAV as this check contains malicious file hashes found by other AV engines. This functionality requires you to register for a free [http://virustotal.com VirusTotal] public API and configure the system to use it. This means that your system will, in the background, build up the has databases and all other users will benefit. This system is not expected to catch much (ClamAV does a fine job) but has show very efficient in the WannaCry attack where you will be dependent of more AV engines. This is currently in Beta, so reach out if you want to participate.<br />
<br />
=====The next planned functionality is=====<br />
<br />
* Your suggestions... let me know...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl --initialize<br />
<br />
There is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==Server Monitoring==<br />
SMEOptimizer will from remote monitor whether your server is online by on a regularly basis checking access to SMTP. SMEOptimizer will also on a daily basis check whether your server has been listed in a international DNS Blacklist. Currently the daily check is up against ~80+ different blacklists.<br />
If your server experience SMTP problems or gets listed in a DNS blacklist you will receive an alert from the system.<br />
<br />
When a server is seen in a DNS blacklist, the admin will get the following type of e-mail:<br />
<br />
[[File:SMEOptimizerBlacklist.PNG|600px]]<br />
<br />
When (and if) the server is not listed anymore, another mail will be sent to the administrator notifying about the release.<br />
<br />
==Check Status of SMEOptimizer==<br />
You can check the current status by issued the command line option --status<br />
<br />
# ./SMEOptimizer.pl --status<br />
<br />
Contact Email : jkn@swerts-knudsen.dk<br />
Alerts : Yes<br />
Spam Reports : 87<br />
Registered : 2016-10-07 16:03:52<br />
Last SpamReports : 2016-10-09 18:23:02<br />
Attachment Filter : Enabled<br />
<br />
==SMEOptimizer Configuration==<br />
You can always see the different configuration options by issuing the --help command.<br />
<br />
# ./SMEOptimizer.pl --help<br />
<br />
Command line options:<br />
-help: Shows this help<br />
-initialize: Register and retrieve the configuration and enable the cronjob services.<br />
When the registration has been confirmed, then all services will be activated automatically.<br />
-status: Shows the current status of the SME Optimizer.<br />
-alerts=[Yes|No]: Enable checks and alerts for SME server downtime or registration in DNS Blacklist - default Yes.<br />
-contact=[Email]: Set the contact email address where alerts are sent to - default admin@<your domain>.<br />
-VTAPI=[API Key]: This is the VirusTotal public API key used to check attachments (will remain local).<br />
<br />
==FAQ==<br />
* Question: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
** Answer: The qpsmtpd plugin captures the sender domain and the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
==Uninstall SMEOptimizer==<br />
If you want to uninstall the script again then please just remove the following files and expand templates.<br />
<br />
rm -rf /usr/local/smeoptimizer<br />
rm /etc/e-smith/templates/etc/crontab/smeoptimizer.cron.template<br />
rm /etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/01smeoptimizer<br />
rm /etc/mail/spamassassin/smeoptimizer.cf<br />
rm /usr/share/qpsmtpd/plugins/smeoptimizer<br />
/sbin/e-smith/expand-template /etc/crontab<br />
/sbin/e-smith/expand-template /var/service/qpsmtpd/config/peers/0<br />
sv t spamd<br />
sv t qpsmtpd<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=33449SMEOptimizer2017-05-22T19:10:06Z<p>Knuddi: </p>
<hr />
<div><br />
==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]. If you have any question on its functionality or what it does, then just write me at jesper@swerts-knudsen.dk.<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality and efficiency of the e-mail system in SME Server. <br />
<br />
=====SME Dedicated DNS Blacklist=====<br />
The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350,000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
=====Remote Monitoring=====<br />
The second functionality is remote monitoring of your SME server. The system will on a daily basis check whether your server (it IP address) is listed in international DNS blacklist. Further more it will on an hourly basis check whether your server for SMTP availability.<br />
<br />
=====Attachment Filter=====<br />
The system will (currently only on SME 9.2) check file attachments hashes up against a DNS based system. This will allow an extra check beyond the build-in ClamAV as this check contains malicious file hashes found by other AV engines. This functionality requires you to register for a free VirusTotal public API and configure the system to use it. This means that your system will, in the background, build up the has databases and all other users will benefit. This system is not expected to catch much (ClamAV does a fine job) but has show very efficient in the WannaCry attack where you will be dependent of more AV engines. This is currently in Beta, so reach out if you want to participate.<br />
<br />
=====The next planned functionality is=====<br />
<br />
* Your suggestions... let me know...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl --initialize<br />
<br />
There is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==Server Monitoring==<br />
SMEOptimizer will from remote monitor whether your server is online by on a regularly basis checking access to SMTP. SMEOptimizer will also on a daily basis check whether your server has been listed in a international DNS Blacklist. Currently the daily check is up against ~80+ different blacklists.<br />
If your server experience SMTP problems or gets listed in a DNS blacklist you will receive an alert from the system.<br />
<br />
When a server is seen in a DNS blacklist, the admin will get the following type of e-mail:<br />
<br />
[[File:SMEOptimizerBlacklist.PNG|600px]]<br />
<br />
When (and if) the server is not listed anymore, another mail will be sent to the administrator notifying about the release.<br />
<br />
==Check Status of SMEOptimizer==<br />
You can check the current status by issued the command line option --status<br />
<br />
# ./SMEOptimizer.pl --status<br />
<br />
Contact Email : jkn@swerts-knudsen.dk<br />
Alerts : Yes<br />
Spam Reports : 87<br />
Registered : 2016-10-07 16:03:52<br />
Last SpamReports : 2016-10-09 18:23:02<br />
Attachment Filter : Enabled<br />
<br />
==SMEOptimizer Configuration==<br />
You can always see the different configuration options by issuing the --help command.<br />
<br />
# ./SMEOptimizer.pl --help<br />
<br />
Command line options:<br />
-help: Shows this help<br />
-initialize: Register and retrieve the configuration and enable the cronjob services.<br />
When the registration has been confirmed, then all services will be activated automatically.<br />
-status: Shows the current status of the SME Optimizer.<br />
-alerts=[Yes|No]: Enable checks and alerts for SME server downtime or registration in DNS Blacklist - default Yes.<br />
-contact=[Email]: Set the contact email address where alerts are sent to - default admin@<your domain>.<br />
-VTAPI=[API Key]: This is the VirusTotal public API key used to check attachments (will remain local).<br />
<br />
==FAQ==<br />
* Question: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
** Answer: The qpsmtpd plugin captures the sender domain and the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
==Uninstall SMEOptimizer==<br />
If you want to uninstall the script again then please just remove the following files and expand templates.<br />
<br />
rm -rf /usr/local/smeoptimizer<br />
rm /etc/e-smith/templates/etc/crontab/smeoptimizer.cron.template<br />
rm /etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/01smeoptimizer<br />
rm /etc/mail/spamassassin/smeoptimizer.cf<br />
rm /usr/share/qpsmtpd/plugins/smeoptimizer<br />
/sbin/e-smith/expand-template /etc/crontab<br />
/sbin/e-smith/expand-template /var/service/qpsmtpd/config/peers/0<br />
sv t spamd<br />
sv t qpsmtpd<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=33448SMEOptimizer2017-05-22T19:08:37Z<p>Knuddi: </p>
<hr />
<div><br />
==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]. If you have any question on its functionality or what it does, then just write me at jesper@swerts-knudsen.dk.<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality and efficiency of the e-mail system in SME Server. <br />
<br />
=====SME Dedicated DNS Blacklist=====<br />
The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350,000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
=====Remote Monitoring=====<br />
The second functionality is remote monitoring of your SME server. The system will on a daily basis check whether your server (it IP address) is listed in international DNS blacklist. Further more it will on an hourly basis check whether your server for SMTP availability.<br />
<br />
=====Attachment Filter=====<br />
The system will (currently only on SME 9.2) check file attachments hashes up against a DNS based system. This will allow an extra check beyond the build-in ClamAV as this check contains malicious file hashes found by other AV engines. This functionality requires you to register for a free VirusTotal public API and configure the system to use it. This means that your system will, in the background, build up the has databases and all other users will benefit. This is currently in Beta, so reach out if you want to participate.<br />
<br />
The next planned functionality is:<br />
<br />
* Your suggestions... let me know...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl --initialize<br />
<br />
There is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==Server Monitoring==<br />
SMEOptimizer will from remote monitor whether your server is online by on a regularly basis checking access to SMTP. SMEOptimizer will also on a daily basis check whether your server has been listed in a international DNS Blacklist. Currently the daily check is up against ~80+ different blacklists.<br />
If your server experience SMTP problems or gets listed in a DNS blacklist you will receive an alert from the system.<br />
<br />
When a server is seen in a DNS blacklist, the admin will get the following type of e-mail:<br />
<br />
[[File:SMEOptimizerBlacklist.PNG|600px]]<br />
<br />
When (and if) the server is not listed anymore, another mail will be sent to the administrator notifying about the release.<br />
<br />
==Check Status of SMEOptimizer==<br />
You can check the current status by issued the command line option --status<br />
<br />
# ./SMEOptimizer.pl --status<br />
<br />
Contact Email : jkn@swerts-knudsen.dk<br />
Alerts : Yes<br />
Spam Reports : 87<br />
Registered : 2016-10-07 16:03:52<br />
Last SpamReports : 2016-10-09 18:23:02<br />
Attachment Filter : Enabled<br />
<br />
==SMEOptimizer Configuration==<br />
You can always see the different configuration options by issuing the --help command.<br />
<br />
# ./SMEOptimizer.pl --help<br />
<br />
Command line options:<br />
-help: Shows this help<br />
-initialize: Register and retrieve the configuration and enable the cronjob services.<br />
When the registration has been confirmed, then all services will be activated automatically.<br />
-status: Shows the current status of the SME Optimizer.<br />
-alerts=[Yes|No]: Enable checks and alerts for SME server downtime or registration in DNS Blacklist - default Yes.<br />
-contact=[Email]: Set the contact email address where alerts are sent to - default admin@<your domain>.<br />
-VTAPI=[API Key]: This is the VirusTotal public API key used to check attachments (will remain local).<br />
<br />
==FAQ==<br />
* Question: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
** Answer: The qpsmtpd plugin captures the sender domain and the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
==Uninstall SMEOptimizer==<br />
If you want to uninstall the script again then please just remove the following files and expand templates.<br />
<br />
rm -rf /usr/local/smeoptimizer<br />
rm /etc/e-smith/templates/etc/crontab/smeoptimizer.cron.template<br />
rm /etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/01smeoptimizer<br />
rm /etc/mail/spamassassin/smeoptimizer.cf<br />
rm /usr/share/qpsmtpd/plugins/smeoptimizer<br />
/sbin/e-smith/expand-template /etc/crontab<br />
/sbin/e-smith/expand-template /var/service/qpsmtpd/config/peers/0<br />
sv t spamd<br />
sv t qpsmtpd<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=33447SMEOptimizer2017-05-22T19:07:13Z<p>Knuddi: </p>
<hr />
<div><br />
==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]. If you have any question on its functionality or what it does, then just write me at jesper@swerts-knudsen.dk.<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality and efficiency of the e-mail system in SME Server. <br />
<br />
=====SME Dedicated DNS Blacklist=====<br />
The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350,000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
=====Remote Monitoring=====<br />
The second functionality is remote monitoring of your SME server. The system will on a daily basis check whether your server (it IP address) is listed in international DNS blacklist. Further more it will on an hourly basis check whether your server for SMTP availability.<br />
<br />
=====Attachment Filter=====<br />
The system will (currently only on SME 9.2) check file attachments hashes up against a DNS based system. This will allow an extra check beyond the build-in ClamAV as this check contains malicious file hashes found by other AV engines. This functionality requires you to register for a free VirusTotal public API and configure the system to use it. This means that your system will, in the background, build up the has databases and all other users will benefit. This is currently in Beta, so reach out if you want to participate.<br />
<br />
The next planned functionality is:<br />
<br />
* Your suggestions... let me know...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl --initialize<br />
<br />
There is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==Server Monitoring==<br />
SMEOptimizer will from remote monitor whether your server is online by on a regularly basis checking access to SMTP. SMEOptimizer will also on a daily basis check whether your server has been listed in a international DNS Blacklist. Currently the daily check is up against ~80+ different blacklists.<br />
If your server experience SMTP problems or gets listed in a DNS blacklist you will receive an alert from the system.<br />
<br />
When a server is seen in a DNS blacklist, the admin will get the following type of e-mail:<br />
<br />
[[File:SMEOptimizerBlacklist.PNG|600px]]<br />
<br />
When (and if) the server is not listed anymore, another mail will be sent to the administrator notifying about the release.<br />
<br />
==Check Status of SMEOptimizer==<br />
You can check the current status by issued the command line option --status<br />
<br />
# ./SMEOptimizer.pl --status<br />
<br />
Contact Email : jkn@swerts-knudsen.dk<br />
Alerts : Yes<br />
Spam Reports : 87<br />
Registered : 2016-10-07 16:03:52<br />
Last SpamReports : 2016-10-09 18:23:02<br />
<br />
==SMEOptimizer Configuration==<br />
You can always see the different configuration options by issuing the --help command.<br />
<br />
# ./SMEOptimizer.pl --help<br />
<br />
Command line options:<br />
-help: Shows this help<br />
-initialize: Register and retrieve the configuration and enable the cronjob services.<br />
When the registration has been confirmed, then all services will be activated automatically.<br />
-status: Shows the current status of the SME Optimizer.<br />
-alerts=[Yes|No]: Enable checks and alerts for SME server downtime or registration in DNS Blacklist - default Yes.<br />
-contact=[Email]: Set the contact email address where alerts are sent to - default admin@<your domain>.<br />
<br />
==FAQ==<br />
* Question: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
** Answer: The qpsmtpd plugin captures the sender domain and the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
==Uninstall SMEOptimizer==<br />
If you want to uninstall the script again then please just remove the following files and expand templates.<br />
<br />
rm -rf /usr/local/smeoptimizer<br />
rm /etc/e-smith/templates/etc/crontab/smeoptimizer.cron.template<br />
rm /etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/01smeoptimizer<br />
rm /etc/mail/spamassassin/smeoptimizer.cf<br />
rm /usr/share/qpsmtpd/plugins/smeoptimizer<br />
/sbin/e-smith/expand-template /etc/crontab<br />
/sbin/e-smith/expand-template /var/service/qpsmtpd/config/peers/0<br />
sv t spamd<br />
sv t qpsmtpd<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=32213SMEOptimizer2016-10-14T05:45:03Z<p>Knuddi: </p>
<hr />
<div><br />
==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]. If you have any question on its functionality or what it does, then just write me at jesper@swerts-knudsen.dk.<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality of the SME Server. The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350,000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
The second functionality is remote monitoring of your SME server - both for SMTP availability and whether the server is listed in DNS Blacklists.<br />
<br />
The next planned functionality is:<br />
* Providing additional Clam AV signatures including additional signatures created via interface to VirusTotal<br />
* Enhanced attachment filter that does not require admin to generate signatures but just configure extensions<br />
* Your suggestions... let me know...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl --initialize<br />
<br />
There is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==Server Monitoring==<br />
SMEOptimizer will from remote monitor whether your server is online by on a regularly basis checking access to SMTP. SMEOptimizer will also on a daily basis check whether your server has been listed in a international DNS Blacklist. Currently the daily check is up against ~80+ different blacklists.<br />
If your server experience SMTP problems or gets listed in a DNS blacklist you will receive an alert from the system.<br />
<br />
When a server is seen in a DNS blacklist, the admin will get the following type of e-mail:<br />
<br />
[[File:SMEOptimizerBlacklist.PNG|600px]]<br />
<br />
When (and if) the server is not listed anymore, another mail will be sent to the administrator notifying about the release.<br />
<br />
==Check Status of SMEOptimizer==<br />
You can check the current status by issued the command line option --status<br />
<br />
# ./SMEOptimizer.pl --status<br />
<br />
Contact Email : jkn@swerts-knudsen.dk<br />
Alerts : Yes<br />
Spam Reports : 87<br />
Registered : 2016-10-07 16:03:52<br />
Last SpamReports : 2016-10-09 18:23:02<br />
<br />
==SMEOptimizer Configuration==<br />
You can always see the different configuration options by issuing the --help command.<br />
<br />
# ./SMEOptimizer.pl --help<br />
<br />
Command line options:<br />
-help: Shows this help<br />
-initialize: Register and retrieve the configuration and enable the cronjob services.<br />
When the registration has been confirmed, then all services will be activated automatically.<br />
-status: Shows the current status of the SME Optimizer.<br />
-alerts=[Yes|No]: Enable checks and alerts for SME server downtime or registration in DNS Blacklist - default Yes.<br />
-contact=[Email]: Set the contact email address where alerts are sent to - default admin@<your domain>.<br />
<br />
==FAQ==<br />
* Question: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
** Answer: The qpsmtpd plugin captures the sender domain and the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
==Uninstall SMEOptimizer==<br />
If you want to uninstall the script again then please just remove the following files and expand templates.<br />
<br />
rm -rf /usr/local/smeoptimizer<br />
rm /etc/e-smith/templates/etc/crontab/smeoptimizer.cron.template<br />
rm /etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/01smeoptimizer<br />
rm /etc/mail/spamassassin/smeoptimizer.cf<br />
rm /usr/share/qpsmtpd/plugins/smeoptimizer<br />
/sbin/e-smith/expand-template /etc/crontab<br />
/sbin/e-smith/expand-template /var/service/qpsmtpd/config/peers/0<br />
sv t spamd<br />
sv t qpsmtpd<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=32212SMEOptimizer2016-10-13T18:41:59Z<p>Knuddi: </p>
<hr />
<div><br />
==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]. If you have any question on its functionality or what it does, then just write me at jesper@swerts-knudsen.dk.<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality of the SME Server. The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350,000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
The second functionality is remote monitoring of your SME server - both for SMTP availability and whether the server is listed in DNS Blacklists.<br />
<br />
The next planned functionality is:<br />
* Providing additional Clam AV signatures including additional signatures created via interface to VirusTotal<br />
* Enhanced attachment filter that does not require admin to generate signatures but just configure extensions<br />
* Your suggestions... let me know...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl --initialize<br />
<br />
There is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==Server Monitoring==<br />
SMEOptimizer will from remote monitor whether your server is online by on a regularly basis checking access to SMTP. SMEOptimizer will also on a daily basis check whether your server has been listed in a international DNS Blacklist. Currently the daily check is up against ~80+ different blacklists.<br />
If your server experience SMTP problems or gets listed in a DNS blacklist you will receive an alert from the system.<br />
<br />
When a server is seen in a DNS blacklist, the admin will get the following type of e-mail:<br />
<br />
[[File:SMEOptimizerBlacklist.PNG|600px]]<br />
<br />
When (and if) the server is not listed anymore, another mail will be sent to the administrator notifying about the release.<br />
<br />
==Check Status of SMEOptimizer==<br />
You can check the current status by issued the command line option --status<br />
<br />
# ./SMEOptimizer.pl --status<br />
<br />
Contact Email : jkn@swerts-knudsen.dk<br />
Alerts : Yes<br />
Spam Reports : 87<br />
Registered : 2016-10-07 16:03:52<br />
Last SpamReports : 2016-10-09 18:23:02<br />
<br />
==SMEOptimizer Configuration==<br />
You can always see the different configuration options by issuing the --help command.<br />
<br />
# ./SMEOptimizer.pl --help<br />
<br />
Command line options:<br />
-help: Shows this help<br />
-initialize: Register and retrieve the configuration and enable the cronjob services.<br />
When the registration has been confirmed, then all services will be activated automatically.<br />
-status: Shows the current status of the SME Optimizer.<br />
-alerts=[Yes|No]: Enable checks and alerts for SME server downtime or registration in DNS Blacklist - default Yes.<br />
-contact=[Email]: Set the contact email address where alerts are sent to - default admin@<your domain>.<br />
<br />
==FAQ==<br />
* Question: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
** Answer: The qpsmtpd plugin captures the sender domain and the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
==Uninstall SMEOptimizer==<br />
If you want to uninstall the script again then please just remove the following files and expand templates.<br />
<br />
rm -rf /usr/local/smeoptimizer<br />
rm /etc/e-smith/templates/etc/crontab/smeoptimizer.cron.template<br />
rm /etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/01smeoptimizer<br />
rm /etc/mail/spamassassin/smeoptimizer.cf<br />
/sbin/e-smith/expand-template /etc/crontab<br />
/sbin/e-smith/expand-template /var/service/qpsmtpd/config/peers/0<br />
sv t spamd<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=32211SMEOptimizer2016-10-13T18:39:52Z<p>Knuddi: </p>
<hr />
<div><br />
==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]. If you have any question on its functionality or what it does, then just write me at jkn@swerts-knudsen.dk.<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality of the SME Server. The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350,000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
The second functionality is remote monitoring of your SME server - both for SMTP availability and whether the server is listed in DNS Blacklists.<br />
<br />
The next planned functionality is:<br />
* Providing additional Clam AV signatures including additional signatures created via interface to VirusTotal<br />
* Enhanced attachment filter that does not require admin to generate signatures but just configure extensions<br />
* Your suggestions... let me know...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl --initialize<br />
<br />
There is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==Server Monitoring==<br />
SMEOptimizer will from remote monitor whether your server is online by on a regularly basis checking access to SMTP. SMEOptimizer will also on a daily basis check whether your server has been listed in a international DNS Blacklist. Currently the daily check is up against ~80+ different blacklists.<br />
If your server experience SMTP problems or gets listed in a DNS blacklist you will receive an alert from the system.<br />
<br />
When a server is seen in a DNS blacklist, the admin will get the following type of e-mail:<br />
<br />
[[File:SMEOptimizerBlacklist.PNG|600px]]<br />
<br />
When (and if) the server is not listed anymore, another mail will be sent to the administrator notifying about the release.<br />
<br />
==Check Status of SMEOptimizer==<br />
You can check the current status by issued the command line option --status<br />
<br />
# ./SMEOptimizer.pl --status<br />
<br />
Contact Email : jkn@swerts-knudsen.dk<br />
Alerts : Yes<br />
Spam Reports : 87<br />
Registered : 2016-10-07 16:03:52<br />
Last SpamReports : 2016-10-09 18:23:02<br />
<br />
==SMEOptimizer Configuration==<br />
You can always see the different configuration options by issuing the --help command.<br />
<br />
# ./SMEOptimizer.pl --help<br />
<br />
Command line options:<br />
-help: Shows this help<br />
-initialize: Register and retrieve the configuration and enable the cronjob services.<br />
When the registration has been confirmed, then all services will be activated automatically.<br />
-status: Shows the current status of the SME Optimizer.<br />
-alerts=[Yes|No]: Enable checks and alerts for SME server downtime or registration in DNS Blacklist - default Yes.<br />
-contact=[Email]: Set the contact email address where alerts are sent to - default admin@<your domain>.<br />
<br />
==FAQ==<br />
* Question: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
** Answer: The qpsmtpd plugin captures the sender domain and the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
==Uninstall SMEOptimizer==<br />
If you want to uninstall the script again then please just remove the following files and expand templates.<br />
<br />
rm -rf /usr/local/smeoptimizer<br />
rm /etc/e-smith/templates/etc/crontab/smeoptimizer.cron.template<br />
rm /etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/01smeoptimizer<br />
rm /etc/mail/spamassassin/smeoptimizer.cf<br />
/sbin/e-smith/expand-template /etc/crontab<br />
/sbin/e-smith/expand-template /var/service/qpsmtpd/config/peers/0<br />
sv t spamd<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=32210SMEOptimizer2016-10-13T18:34:24Z<p>Knuddi: </p>
<hr />
<div>{{WIP box}}<br />
{{Note box|Please note that this how-to is being developed and and is in a testing phase. Testers are welcomed with non productions servers.}} <br />
==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality of the SME Server. The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350,000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
The second functionality is remote monitoring of your SME server - both for SMTP availability and whether the server is listed in DNS Blacklists.<br />
<br />
The next planned functionality is:<br />
* Providing additional Clam AV signatures including additional signatures created via interface to VirusTotal<br />
* Enhanced attachment filter that does not require admin to generate signatures but just configure extensions<br />
* Your suggestions... let me know...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl --initialize<br />
<br />
There is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==Server Monitoring==<br />
SMEOptimizer will from remote monitor whether your server is online by on a regularly basis checking access to SMTP. SMEOptimizer will also on a daily basis check whether your server has been listed in a international DNS Blacklist. Currently the daily check is up against ~80+ different blacklists.<br />
If your server experience SMTP problems or gets listed in a DNS blacklist you will receive an alert from the system.<br />
<br />
When a server is seen in a DNS blacklist, the admin will get the following type of e-mail:<br />
<br />
[[File:SMEOptimizerBlacklist.PNG|600px]]<br />
<br />
When (and if) the server is not listed anymore, another mail will be sent to the administrator notifying about the release.<br />
<br />
==Check Status of SMEOptimizer==<br />
You can check the current status by issued the command line option --status<br />
<br />
# ./SMEOptimizer.pl --status<br />
<br />
Contact Email : jkn@swerts-knudsen.dk<br />
Alerts : Yes<br />
Spam Reports : 87<br />
Registered : 2016-10-07 16:03:52<br />
Last SpamReports : 2016-10-09 18:23:02<br />
<br />
==SMEOptimizer Configuration==<br />
You can always see the different configuration options by issuing the --help command.<br />
<br />
# ./SMEOptimizer.pl --help<br />
<br />
Command line options:<br />
-help: Shows this help<br />
-initialize: Register and retrieve the configuration and enable the cronjob services.<br />
When the registration has been confirmed, then all services will be activated automatically.<br />
-status: Shows the current status of the SME Optimizer.<br />
-alerts=[Yes|No]: Enable checks and alerts for SME server downtime or registration in DNS Blacklist - default Yes.<br />
-contact=[Email]: Set the contact email address where alerts are sent to - default admin@<your domain>.<br />
<br />
==FAQ==<br />
* Question: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
** Answer: The qpsmtpd plugin captures the sender address, recipient address, the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
==Uninstall SMEOptimizer==<br />
If you want to uninstall the script again then please just remove the following files and expand templates.<br />
<br />
rm -rf /usr/local/smeoptimizer<br />
rm /etc/e-smith/templates/etc/crontab/smeoptimizer.cron.template<br />
rm /etc/e-smith/templates/var/service/qpsmtpd/config/peers/0/01smeoptimizer<br />
rm /etc/mail/spamassassin/smeoptimizer.cf<br />
/sbin/e-smith/expand-template /etc/crontab<br />
/sbin/e-smith/expand-template /var/service/qpsmtpd/config/peers/0<br />
sv t spamd<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=32205SMEOptimizer2016-10-10T08:50:34Z<p>Knuddi: </p>
<hr />
<div>==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality of the SME Server. The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350,000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
The second functionality is remote monitoring of your SME server - both for SMTP availability and whether the server is listed in DNS Blacklists.<br />
<br />
The next planned functionality is:<br />
* Providing additional Clam AV signatures including additional signatures created via interface to VirusTotal<br />
* Enhanced attachment filter that does not require admin to generate signatures but just configure extensions<br />
* Your suggestions... let me know...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl --initialize<br />
<br />
There is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==Server Monitoring==<br />
SMEOptimizer will from remote monitor whether your server is online by on a regularly basis checking access to SMTP. SMEOptimizer will also on a daily basis check whether your server has been listed in a international DNS Blacklist. Currently the daily check is up against ~80+ different blacklists.<br />
If your server experience SMTP problems or gets listed in a DNS blacklist you will receive an alert from the system.<br />
<br />
When a server is seen in a DNS blacklist, the admin will get the following type of e-mail:<br />
<br />
[[File:SMEOptimizerBlacklist.PNG|600px]]<br />
<br />
When (and if) the server is not listed anymore, another mail will be sent to the administrator notifying about the release.<br />
<br />
==Check Status of SMEOptimizer==<br />
You can check the current status by issued the command line option --status<br />
<br />
# ./SMEOptimizer.pl --status<br />
<br />
Contact Email : jkn@swerts-knudsen.dk<br />
Alerts : Yes<br />
Spam Reports : 87<br />
Registered : 2016-10-07 16:03:52<br />
Last SpamReports : 2016-10-09 18:23:02<br />
<br />
==SMEOptimizer Configuration==<br />
You can always see the different configuration options by issuing the --help command.<br />
<br />
# ./SMEOptimizer.pl --help<br />
<br />
Command line options:<br />
-help: Shows this help<br />
-initialize: Register and retrieve the configuration and enable the cronjob services.<br />
When the registration has been confirmed, then all services will be activated automatically.<br />
-status: Shows the current status of the SME Optimizer.<br />
-alerts=[Yes|No]: Enable checks and alerts for SME server downtime or registration in DNS Blacklist - default Yes.<br />
-contact=[Email]: Set the contact email address where alerts are sent to - default admin@<your domain>.<br />
<br />
==FAQ==<br />
* Question: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
** Answer: The qpsmtpd plugin captures the sender address, recipient address, the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=32203SMEOptimizer2016-10-09T19:16:22Z<p>Knuddi: </p>
<hr />
<div>==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality of the SME Server. The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350.000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
The next planned functionality is:<br />
* Providing additional Clam AV signatures including additional signatures created via interface to VirusTotal<br />
* Enhanced attachment filter that does not require admin to generate signatures but just configure extensions<br />
* Your suggestions...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl --initialize<br />
<br />
There is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==Server Monitoring==<br />
SMEOptimizer will from remote monitor whether your server is online by on a regularly basis checking access to SMTP. SMEOptimizer will also on a daily basis check whether your server has been listed in a international DNS Blacklist. Currently the daily check is up against ~80+ different blacklists.<br />
If your server experience SMTP problems or gets listed in a DNS blacklist you will receive an alert from the system.<br />
<br />
When a server is seen in a DNS blacklist, the admin will get the following type of e-mail:<br />
<br />
[[File:SMEOptimizerBlacklist.PNG|600px]]<br />
<br />
When (and if) the server is not listed anymore, another mail will be sent to the administrator notifying about the release.<br />
<br />
==Check Status of SMEOptimizer==<br />
You can check the current status by issued the command line option --status<br />
<br />
# ./SMEOptimizer.pl --status<br />
<br />
Contact Email : jkn@swerts-knudsen.dk<br />
Alerts : Yes<br />
Spam Reports : 87<br />
Registered : 2016-10-07 16:03:52<br />
Last SpamReports : 2016-10-09 18:23:02<br />
<br />
==SMEOptimizer Configuration==<br />
You can always see the different configuration options by issuing the --help command.<br />
<br />
# ./SMEOptimizer.pl --help<br />
<br />
Command line options:<br />
-help: Shows this help<br />
-initialize: Register and retrieve the configuration and enable the cronjob services.<br />
When the registration has been confirmed, then all services will be activated automatically.<br />
-status: Shows the current status of the SME Optimizer.<br />
-alerts=[Yes|No]: Enable checks and alerts for SME server downtime or registration in DNS Blacklist - default Yes.<br />
-contact=[Email]: Set the contact email address where alerts are sent to - default admin@<your domain>.<br />
<br />
==FAQ==<br />
* Question: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
** Answer: The qpsmtpd plugin captures the sender address, recipient address, the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=32202SMEOptimizer2016-10-09T19:16:01Z<p>Knuddi: </p>
<hr />
<div>==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality of the SME Server. The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350.000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
The next planned functionality is:<br />
* The site [http://smeoptimizer.com www.smeoptimizer.com] will allow you to register servers for free<br />
* Remote monitoring of the server with alarms if its down or doesn't respond to SMTP connections<br />
* Providing additional Clam AV signatures including additional signatures created via interface to VirusTotal<br />
* Enhanced attachment filter that does not require admin to generate signatures but just configure extensions<br />
* Your suggestions...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl --initialize<br />
<br />
There is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==Server Monitoring==<br />
SMEOptimizer will from remote monitor whether your server is online by on a regularly basis checking access to SMTP. SMEOptimizer will also on a daily basis check whether your server has been listed in a international DNS Blacklist. Currently the daily check is up against ~80+ different blacklists.<br />
If your server experience SMTP problems or gets listed in a DNS blacklist you will receive an alert from the system.<br />
<br />
When a server is seen in a DNS blacklist, the admin will get the following type of e-mail:<br />
<br />
[[File:SMEOptimizerBlacklist.PNG|600px]]<br />
<br />
When (and if) the server is not listed anymore, another mail will be sent to the administrator notifying about the release.<br />
<br />
==Check Status of SMEOptimizer==<br />
You can check the current status by issued the command line option --status<br />
<br />
# ./SMEOptimizer.pl --status<br />
<br />
Contact Email : jkn@swerts-knudsen.dk<br />
Alerts : Yes<br />
Spam Reports : 87<br />
Registered : 2016-10-07 16:03:52<br />
Last SpamReports : 2016-10-09 18:23:02<br />
<br />
==SMEOptimizer Configuration==<br />
You can always see the different configuration options by issuing the --help command.<br />
<br />
# ./SMEOptimizer.pl --help<br />
<br />
Command line options:<br />
-help: Shows this help<br />
-initialize: Register and retrieve the configuration and enable the cronjob services.<br />
When the registration has been confirmed, then all services will be activated automatically.<br />
-status: Shows the current status of the SME Optimizer.<br />
-alerts=[Yes|No]: Enable checks and alerts for SME server downtime or registration in DNS Blacklist - default Yes.<br />
-contact=[Email]: Set the contact email address where alerts are sent to - default admin@<your domain>.<br />
<br />
==FAQ==<br />
* Question: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
** Answer: The qpsmtpd plugin captures the sender address, recipient address, the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=32201SMEOptimizer2016-10-09T19:13:48Z<p>Knuddi: </p>
<hr />
<div>==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality of the SME Server. The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350.000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
The next planned functionality is:<br />
* The site [http://smeoptimizer.com www.smeoptimizer.com] will allow you to register servers for free<br />
* Remote monitoring of the server with alarms if its down or doesn't respond to SMTP connections<br />
* Providing additional Clam AV signatures including additional signatures created via interface to VirusTotal<br />
* Enhanced attachment filter that does not require admin to generate signatures but just configure extensions<br />
* Your suggestions...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl --initialize<br />
<br />
There is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==Server Monitoring==<br />
SMEOptimizer will from remote monitor whether your server is online by on a regularly basis checking access to SMTP. SMEOptimizer will also on a daily basis check whether your server has been listed in a international DNS Blacklist. Currently the daily check is up against ~80+ different blacklists.<br />
If your server experience SMTP problems or gets listed in a DNS blacklist you will receive an alert from the system.<br />
<br />
When a server is seen in a DNS blacklist, the admin will get the following type of e-mail.<br />
[[File:SMEOptimizerBlacklist.PNG|600px]]<br />
<br />
==Check Status of SMEOptimizer==<br />
You can check the current status by issued the command line option --status<br />
<br />
# ./SMEOptimizer.pl --status<br />
<br />
Contact Email : jkn@swerts-knudsen.dk<br />
Alerts : Yes<br />
Spam Reports : 87<br />
Registered : 2016-10-07 16:03:52<br />
Last SpamReports : 2016-10-09 18:23:02<br />
<br />
==SMEOptimizer Configuration==<br />
You can always see the different configuration options by issuing the --help command.<br />
<br />
# ./SMEOptimizer.pl --help<br />
<br />
Command line options:<br />
-help: Shows this help<br />
-initialize: Register and retrieve the configuration and enable the cronjob services.<br />
When the registration has been confirmed, then all services will be activated automatically.<br />
-status: Shows the current status of the SME Optimizer.<br />
-alerts=[Yes|No]: Enable checks and alerts for SME server downtime or registration in DNS Blacklist - default Yes.<br />
-contact=[Email]: Set the contact email address where alerts are sent to - default admin@<your domain>.<br />
<br />
==FAQ==<br />
* Question: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
** Answer: The qpsmtpd plugin captures the sender address, recipient address, the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=File:SMEOptimizerBlacklist.PNG&diff=32200File:SMEOptimizerBlacklist.PNG2016-10-09T19:06:20Z<p>Knuddi: </p>
<hr />
<div></div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=32199SMEOptimizer2016-10-09T17:15:41Z<p>Knuddi: </p>
<hr />
<div>==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality of the SME Server. The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350.000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
The next planned functionality is:<br />
* The site [http://smeoptimizer.com www.smeoptimizer.com] will allow you to register servers for free<br />
* Remote monitoring of the server with alarms if its down or doesn't respond to SMTP connections<br />
* Providing additional Clam AV signatures including additional signatures created via interface to VirusTotal<br />
* Enhanced attachment filter that does not require admin to generate signatures but just configure extensions<br />
* Your suggestions...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl --initialize<br />
<br />
There is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==Server Monitoring==<br />
SMEOptimizer will from remote monitor whether your server is online by on a regularly basis checking access to SMTP. SMEOptimizer will also on a daily basis check whether your server has been listed in a international DNS Blacklist. Currently the daily check is up against ~80+ different blacklists.<br />
If your server experience SMTP problems or gets listed in a DNS blacklist you will receive an alert from the system.<br />
<br />
==Check Status of SMEOptimizer==<br />
You can check the current status by issued the command line option --status<br />
<br />
# ./SMEOptimizer.pl --status<br />
<br />
Contact Email : jkn@swerts-knudsen.dk<br />
Alerts : Yes<br />
Spam Reports : 87<br />
Registered : 2016-10-07 16:03:52<br />
Last SpamReports : 2016-10-09 18:23:02<br />
<br />
==SMEOptimizer Configuration==<br />
You can always see the different configuration options by issuing the --help command.<br />
<br />
# ./SMEOptimizer.pl --help<br />
<br />
Command line options:<br />
-help: Shows this help<br />
-initialize: Register and retrieve the configuration and enable the cronjob services.<br />
When the registration has been confirmed, then all services will be activated automatically.<br />
-status: Shows the current status of the SME Optimizer.<br />
-alerts=[Yes|No]: Enable checks and alerts for SME server downtime or registration in DNS Blacklist - default Yes.<br />
-contact=[Email]: Set the contact email address where alerts are sent to - default admin@<your domain>.<br />
<br />
==FAQ==<br />
* Question: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
** Answer: The qpsmtpd plugin captures the sender address, recipient address, the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=32197SMEOptimizer2016-10-07T08:40:43Z<p>Knuddi: </p>
<hr />
<div>==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality of the SME Server. The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350.000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
The next planned functionality is:<br />
* The site [http://smeoptimizer.com www.smeoptimizer.com] will allow you to register servers for free<br />
* Remote monitoring of the server with alarms if its down or doesn't respond to SMTP connections<br />
* Providing additional Clam AV signatures including additional signatures created via interface to VirusTotal<br />
* Enhanced attachment filter that does not require admin to generate signatures but just configure extensions<br />
* Your suggestions...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl –-initialize<br />
<br />
There is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==FAQ==<br />
* Question: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
** Answer: The qpsmtpd plugin captures the sender address, recipient address, the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=32196SMEOptimizer2016-10-06T15:14:15Z<p>Knuddi: </p>
<hr />
<div>==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality of the SME Server. The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350.000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
The next planned functionality is:<br />
* The site [http://smeoptimizer.com www.smeoptimizer.com] will allow you to register servers for free<br />
* Remote monitoring of the server with alarms if its down or doesn't respond to SMTP connections<br />
* Providing additional Clam AV signatures including additional signatures created via interface to VirusTotal<br />
* Enhanced attachment filter that does not require admin to generate signatures but just configure extensions<br />
* Your suggestions...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl –initialize<br />
<br />
There is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==FAQ==<br />
* Question: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
** Answer: The qpsmtpd plugin captures the sender address, recipient address, the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
<br />
==RPM Download instructions==<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=32195SMEOptimizer2016-10-06T15:13:30Z<p>Knuddi: </p>
<hr />
<div>==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality of the SME Server. The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350.000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
The next planned functionality is:<br />
* The site [http://smeoptimizer.com www.smeoptimizer.com] will allow you to register servers for free<br />
* Remote monitoring of the server with alarms if its down or doesn't respond to SMTP connections<br />
* Providing additional Clam AV signatures including additional signatures created via interface to VirusTotal<br />
* Enhanced attachment filter that does not require admin to generate signatures but just configure extensions<br />
* Your suggestions...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core but can be downloaded from the [[epel]] repository. If you cannot get them at epel, then see download instructions below.<br />
<br />
yum install --enablerepo=epel perl-Digest-MD5-File perl-JSON<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database which will be used for configuration and logging.<br />
{{Note box|Please note that you *have* to use the below credentials (database, user and password).}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl –initialize<br />
<br />
There is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==FAQ==<br />
* Question: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
** Answer: The qpsmtpd plugin captures the sender address, recipient address, the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
<br />
===RPM Download instructions===<br />
If you do <u>'''not'''</u> use the epel repository, then the needed Perl modules can be downloaded here. <br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=32194SMEOptimizer2016-10-05T20:58:17Z<p>Knuddi: </p>
<hr />
<div>==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality of the SME Server. The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350.000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
The next planned functionality is:<br />
* The site [http://smeoptimizer.com www.smeoptimizer.com] will allow you to register servers for free<br />
* Remote monitoring of the server with alarms if its down or doesn't respond to SMTP connections<br />
* Providing additional Clam AV signatures including additional signatures created via interface to VirusTotal<br />
* Enhanced attachment filter that does not require admin to generate signatures but just configure extensions<br />
* Your suggestions...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database<br />
{{Note box|Please note that you *have* to use the below credentials for now during the testing phase.}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core<br />
{{Note box|Please note that both the required perl modules are available from the [[epel]] repository}}<br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl –initialize<br />
<br />
There is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==FAQ==<br />
* Question: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
** Answer: The qpsmtpd plugin captures the sender address, recipient address, the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=32193SMEOptimizer2016-10-05T20:56:18Z<p>Knuddi: </p>
<hr />
<div>==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality of the SME Server. The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350.000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
The next planned functionality is:<br />
* The site [http://smeoptimizer.com www.smeoptimizer.com] will allow you to register servers for free<br />
* Remote monitoring of the server with alarms if its down or doesn't respond to SMTP connections<br />
* Providing additional Clam AV signatures including additional signatures created via interface to VirusTotal<br />
* Enhanced attachment filter that does not require admin to generate signatures but just configure extensions<br />
* Your suggestions...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database<br />
{{Note box|Please note that you *have* to use the below credentials for now during the testing phase.}}<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core<br />
{{Note box|Please note that both the required perl modules are available from the [[epel]] repository}}<br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl –initialize<br />
<br />
There is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
==FAQ==<br />
Q: What is transferred from my server to the central server as part of the spam report that is used to build the DNS Blacklist?<br />
A: The qpsmtpd plugin captures the sender address, recipient address, the sending ipaddress, the qpsmtpd plugin which rejected the mail and the plugins return text.<br />
<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=32191SMEOptimizer2016-10-05T20:22:39Z<p>Knuddi: </p>
<hr />
<div>==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality of the SME Server. The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350.000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
The next planned functionality is:<br />
* The site [http://smeoptimizer.com www.smeoptimizer.com] will allow you to register servers for free<br />
* Remote monitoring of the server with alarms if its down or doesn't respond to SMTP connections<br />
* Providing additional Clam AV signatures including additional signatures created via interface to VirusTotal<br />
* Enhanced attachment filter that does not require admin to generate signatures but just configure extensions<br />
* Your suggestions...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database<br />
<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core<br />
{{Note box|Please note that both the required perl modules are available from the [[epel]] repository}}<br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl –initialize<br />
<br />
There is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=32190SMEOptimizer2016-10-05T19:58:46Z<p>Knuddi: </p>
<hr />
<div>==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality of the SME Server. The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350.000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
The next planned functionality is:<br />
* The site [http://smeoptimizer.com www.smeoptimizer.com] will allow you to register servers for free<br />
* Remote monitoring of the server with alarms if its down or doesn't respond to SMTP connections<br />
* Providing additional Clam AV signatures including additional signatures created via interface to VirusTotal<br />
* Enhanced attachment filter that does not require admin to generate signatures but just configure extensions<br />
* Your suggestions...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database<br />
<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'\@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core<br />
{{Note box|Please note that both the required perl modules are available from the [[epel]] repository}}<br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam. Notice that each individual server need to be registered with its SME server unique ID.<br />
<br />
./SMEOptimizer.pl –initialize<br />
<br />
There is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.<br />
<br />
----<br />
[[Category:Contrib]]</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=32186SMEOptimizer2016-10-05T13:02:26Z<p>Knuddi: </p>
<hr />
<div>==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality of the SME Server. The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350.000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
The next planned functionality is:<br />
* The site [http://smeoptimizer.com www.smeoptimizer.com] will allow you to register servers for free<br />
* Remote monitoring of the server with alarms if its down or doesn't respond to SMTP connections<br />
* Providing additional Clam AV signatures including additional signatures created via interface to VirusTotal<br />
* Enhanced attachment filter that does not require admin to generate signatures but just configure extensions<br />
* Your suggestions...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database<br />
<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'\@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core<br />
<br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
<br />
Follow the guide and register the server. Notice that each individual server need to be registered with its unique ID:<br />
<br />
./SMEOptimizer.pl –register<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam.<br />
<br />
./SMEOptimizer.pl –initialize<br />
<br />
There is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=32185SMEOptimizer2016-10-05T13:01:30Z<p>Knuddi: </p>
<hr />
<div>==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality of the SME Server. The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350.000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
The next planned functionality is:<br />
- The site [http://smeoptimizer.com www.smeoptimizer.com] will allow you to register servers for free<br />
- Remote monitoring of the server with alarms if its down or doesn't respond to SMTP connections<br />
- Providing additional Clam AV signatures including additional signatures created via interface to VirusTotal<br />
- Enhanced attachment filter that does not require admin to generate signatures but just configure extensions<br />
- Your suggestions...<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Create and configure the MySQL database<br />
mysqladmin create smeoptimizer<br />
mysql smeoptimizer<br />
<br />
Now configure the database<br />
<br />
GRANT ALL PRIVILEGES ON smeoptimizer.* TO 'smeoptimizer'\@'localhost' IDENTIFIED BY 'password';<br />
FLUSH PRIVILEGES; <br />
EXIT<br />
<br />
Now make sure to install the two Perl modules which is not part of the SME core<br />
<br />
====For SME 8.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME8/perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME8/perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el5.rf.noarch.rpm perl-JSON-2.50-1.el5.rf.noarch.rpm<br />
<br />
====For SME 9.x====<br />
<br />
wget http://smeoptimizer.com/downloads/SME9/perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm<br />
wget http://smeoptimizer.com/downloads/SME9/perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
yum localinstall perl-Digest-MD5-File-0.07-1.el6.rf.noarch.rpm perl-JSON-2.50-1.el6.rfx.noarch.rpm<br />
<br />
Follow the guide and register the server. Notice that each individual server need to be registered with its unique ID:<br />
<br />
./SMEOptimizer.pl –register<br />
<br />
Now initialize which will start the cron jobs that checks for new functionality and reports spam.<br />
<br />
./SMEOptimizer.pl –initialize<br />
<br />
There is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=32184SMEOptimizer2016-10-05T07:13:39Z<p>Knuddi: </p>
<hr />
<div>==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality of the SME Server. The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. <br />
<br />
The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350.000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget -q http://smeoptimizer.com/SMEOptimizer.pl.updated -O SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Follow the guide and register the server:<br />
<br />
./SMEOptimizer.pl –register<br />
<br />
Now initialize (and follow the guide on how to make the SQL database)<br />
<br />
./SMEOptimizer.pl –initialize<br />
<br />
There is no further need for configuration or installation as the SMEOptimizer script automatically will get and install the qpsmtpd plugin that handles capturing the rejected spam messages and also the SpamAssassin configuration file which contains the DNS blacklist configuration. All action will be logged in the /var/log/smeoptimizer.log file.</div>Knuddihttps://wiki.koozali.org/index.php?title=SMEOptimizer&diff=32183SMEOptimizer2016-10-05T07:08:52Z<p>Knuddi: Created page with "==Maintainer== This contrib has been developed by Jesper Knudsen from [http://smeoptimizer.com SME Optimizer] ==Description== SME Optimizer is an external se..."</p>
<hr />
<div>==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.com SME Optimizer]<br />
<br />
==Description==<br />
<br />
SME Optimizer is an external service that generally enhances the functionality of the SME Server. The first functionality is a SME dedicated DNS Blacklist which is partially based on the user contributions. With SME Optimizer you provide data about your spam rejects and in return you get access to a large DNS blacklist. This blacklist is both providing IP as well as URI based lists and comes as a configuration option to SpamAssassin. <br />
<br />
The DNS Blacklist has as of today (October 2016) around 1.4 mio. Spam, Malware and Ransomware IP addresses as well as around 350.000 URIs. These will be provided as part of the DNS Blacklist.<br />
<br />
==Installation==<br />
<br />
mkdir /usr/local/smeoptimizer<br />
cd /usr/local/smeoptimizer<br />
wget http://smeoptimizer.com/SMEOptimizer.pl.updated<br />
mv SMEOptimizer.pl.updated SMEOptimizer.pl<br />
chmod +x SMEOptimizer.pl<br />
<br />
Follow the guide and register the server:<br />
<br />
./SMEOptimizer.pl –register<br />
<br />
Now initialize (and follow the guide on how to make the SQL database)<br />
<br />
./SMEOptimizer.pl –initialize</div>Knuddihttps://wiki.koozali.org/index.php?title=OpenVPN&diff=20073OpenVPN2013-05-25T08:54:18Z<p>Knuddi: </p>
<hr />
<div>==Maintainer==<br />
This howto has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.swerts-knudsen.dk SME Optimizer]<br />
<br />
==Description==<br />
OpenVPN (http://www.openvpn.net) is an excellent way to provide remote access to users from home or on the road. OpenVPN provides a complete replacement of the time to time unreliable PPTP VPN which is a part of the standard SME distribution. This Howto is focused on using OpenVPN in routed mode as a Windows 2k/XP/Vista Client to Server VPN connection. The installation consists of two steps, first the the portion which resides on the server and then the Client. I the following setup it is assumed that the local IP range for the private network is 192.168.1.0/24 and that the tunneled VPN network will be 192.168.100.0/24.<br />
<br />
{{Note box|From OpenVPN website: I would recommend using routing unless you need a specific feature which requires bridging, such as:<br />
* the VPN needs to be able to handle non-IP protocols such as IPX,<br />
* you are running applications over the VPN which rely on network broadcasts (such as LAN games), or<br />
* you would like to allow browsing of Windows file shares across the VPN without setting up a Samba or WINS server. }}<br />
<br />
{{Note box|OpenVPN-Bridge contribution is an alternative to this (with even a server-manager panel) but is more targeted site<->end clients configurations. See http://wiki.contribs.org/OpenVPN_Bridge}}<br />
<br />
{{Note box|You can also take a look at http://wiki.contribs.org/OpenVPN_SiteToSite . It's an alternative, with a panel in the server-manager and is specially made to connect several SME Servers together.}}<br />
<br />
==OpenVPN Server Configuration==<br />
For SME 7x, first Collect and install the rpm`s as indicated below. The RPM are taken from DAG's repository which is pretty extensive.<br />
<br />
cd /root<br />
mkdir openvpn<br />
cd openvpn<br />
wget http://rpmforge.sw.be/redhat/el4/en/i386/rpmforge/RPMS/lzo-2.04-1.el4.rf.i386.rpm<br />
wget http://dag.wieers.com/rpm/packages/openvpn/openvpn-2.0.9-1.el4.rf.i386.rpm<br />
rpm -Uvh *.rpm<br />
<br />
For SME 8x, the easiest way is to get the RPM from the DAG repository.<br />
<br />
cd /root<br />
mkdir openvpn<br />
cd openvpn<br />
wget http://apt.sw.be/redhat/el5/en/i386/dag/RPMS/lzo-2.06-1.el5.rf.i386.rpm<br />
wget http://apt.sw.be/redhat/el5/en/i386/dag/RPMS/openvpn-2.2.2-1.el5.rf.i386.rpm<br />
wget http://apt.sw.be/redhat/el5/en/i386/dag/RPMS/pkcs11-helper-1.08-1.el5.rf.i386.rpm (--[[User:Ddougan|Ddougan]] 20:53, 6 September 2012 (MDT))<br />
rpm -Uvh *.rpm<br />
<br />
Now its time to create the keys. The openvpn configs live in /etc/openvpn. First we need to edit the file with default values to match our installation. Open the file "vars" and Edit the default values to reflect your setup at the bottom of the file (KEY_COUNTRY, KEY_PROVINCE, KEY_CITY, KEY_ORG, KEY_EMAIL). Default we use 1024 bit Diffie Hellman but this can be changed to 2048 or even 4096 bit keys (depending of your paranoia level..)<br />
<br />
cd /usr/share/doc/openvpn-2.0.9/easy-rsa<br />
pico vars<br />
<br />
Now we can create the master certificate. Choose the defaults as entered into the vars file. You will need to enter values for the "Organizational Unit Name" which you can set to "VPN" and"Common Name" could be set to "Server"<br />
<br />
source vars<br />
sh clean-all<br />
sh build-ca<br />
<br />
Now we can build the certificate/private-key pairs for both the server and clients. Again choose choose "Organizational Unit Name" and "Common Name" as above. Do not add "A Challenge password" when asked, just press <ENTER>. The same goes for "An optional company name". Sign the certificate in the end.<br />
<br />
sh build-key server<br />
<br />
Now its time for the Client certificate which is pretty much the same as before. Use "Client" as "Common Name" and "VPN" for "Organizational Unit Name". Do not add "A Challenge password" when asked, just press <ENTER>. The same goes for "An optional company name". Sign the certificate in the end.<br />
<br />
sh build-key client<br />
<br />
Finally we build the Diffie Hellman parameters.<br />
<br />
sh build-dh<br />
Generating DH parameters, 1024 bit long safe prime, generator 2<br />
This is going to take a long time<br />
..................<br />
<br />
And it can take a long time. Your generated keys will be in /usr/share/doc/openvpn-2.0.9/easy-rsa/keys. The key names - "Server" and "Client" are simply descriptive. Choose names that suit your setup. You can create as many keys as you like using the above method. ''clean-all'' will clean out your keys directory - so be careful. <br />
<br />
The newly generated keys needs to be copied to the the OpenVPN directory.<br />
<br />
cp keys/ca.crt /etc/openvpn<br />
cp keys/server.crt /etc/openvpn<br />
cp keys/server.key /etc/openvpn<br />
cp keys/dh1024.pem /etc/openvpn<br />
<br />
The OpenVPN configuration along with authentication scripts file can be downloaded from my site. Download them and make the executable for root. There will be log files created in /var/log/openvpn indicating when users have logged in and out as well as login failures. Only users that have VPN Client Access enabled in Server-Manager will be allowed to VPN.<br />
<br />
cd /etc/openvpn<br />
mkdir -p /var/log/openvpn<br />
wget http://sme.swerts-knudsen.dk/downloads/OpenVPN/OpenVPN.tgz<br />
tar xzf OpenVPN.tgz<br />
chmod 755 *.pl<br />
chmod 755 *.sh<br />
chmod 700 *.up<br />
rm -rf OpenVPN.tgz<br />
<br />
Now you need to make a few changes to the /etc/openvpn/server.conf. Change the domain name listed as ''yourdomain.com'', ensure that the DNS server pushed to the clients is correct (dhcp-option DNS 192.168.1.1) and lastly the route net pushed (route 192.168.1.0).<br />
<br />
port 1194<br />
dev tap<br />
tls-server<br />
dh dh1024.pem<br />
ca ca.crt<br />
cert server.crt<br />
key server.key<br />
auth-user-pass-verify ./validate.sh via-env<br />
client-disconnect ./logoff.sh<br />
up ./openvpn.up<br />
mode server<br />
duplicate-cn<br />
ifconfig 192.168.100.1 255.255.255.0<br />
ifconfig-pool 192.168.100.100 192.168.100.200 255.255.255.0 # IP range for OpenVPN clients<br />
mtu-test<br />
tun-mtu 1500<br />
tun-mtu-extra 32<br />
mssfix 1450<br />
ping 10<br />
ping-restart 120<br />
push "ping 10"<br />
push "ping-restart 60"<br />
push "dhcp-option DOMAIN <b>yourdomain.com</b>" # push the DNS domain suffix<br />
push "dhcp-option DNS <b>192.168.1.1</b>" # push primary DNS entry to the openvpn clients.<br />
push "route <b>192.168.1.0</b> 255.255.255.0 192.168.100.1" # add route to to protected network<br />
comp-lzo<br />
status-version 2<br />
status openvpn-status.log<br />
verb 3<br />
<br />
If you are running this server is "server-gateway mode" you now need to open port 1194 for UDP traffic as this is the default tunnel for OpenVPN. Now go into the Server Manager panel under port forwarding and forward UDP/1194 to "localhost". <br />
If your server is in "server mode" you also need to fiddle with IPTables. Install the port opener and ensure to update the navigation panel. You will now have a "Port Opening" in the "Configuration" sections of the server-manager. Use it to open UDP/1194.<br />
<br />
rpm -Uvh http://sme.swerts-knudsen.dk/downloads/dmc-mitel-portopening-0.0.1-4.noarch.rpm<br />
/etc/e-smith/events/actions/navigation-conf<br />
<br />
You now need to add the VPN address range as a local networks in the server-manager under the Security section. <br />
<br />
{{Note box|Router: IP address of the SME servers LAN net. I this example 192.168.1.1}} <br />
<br />
The last thing you need to do before the installation is complete is to do a small change in the /etc/openvpn/openvpn.up file. Change the 192.168.1.1 value to match router you used when adding a local network.<br />
<br />
#!/bin/sh<br />
route del -net 192.168.100.0 netmask 255.255.255.0 gw <b>192.168.1.1</b><br />
route del -net 192.168.100.0 netmask 255.255.255.0 dev tap0<br />
route add -net 192.168.100.0 netmask 255.255.255.0 gw 192.168.100.1 <br />
<br />
When you have changed the file to match your network we start the service.<br />
<br />
/etc/init.d/openvpn start<br />
<br />
Verify that the service is running correctly by issuing an "ifconfig" and see the new "tap0" device<br />
<br />
tap0 Link encap:Ethernet HWaddr 00:FF:A3:3C:75:18<br />
inet addr:192.168.100.1 Bcast:192.168.100.255 Mask:255.255.255.0<br />
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1<br />
RX packets:178204868 errors:0 dropped:0 overruns:0 frame:0<br />
TX packets:192915252 errors:0 dropped:1880 overruns:0 carrier:0<br />
collisions:0<br />
RX bytes:1802570258 (1719.0 Mb) TX bytes:1338165457 (1276.1 Mb)<br />
<br />
Now you want to ensure the the OpenVPN service starts every time you reboot your SME server.<br />
<br />
ln -s /etc/rc.d/init.d/openvpn /etc/rc7.d/S99OpenVPN<br />
<br />
==OpenVPN Client Configuration==<br />
<br />
The Win2k/XP/Vista client installation is quite simple and pretty much only require the Windows GUI and a configuration file. The Windows GUI can be downloaded from openvpn.net. If you run Vista you need to use the 2.1 Release Candidate (today RC9) http://openvpn.net/release/openvpn-2.1_rc9-install.exe to get it to work. Windows 2K/XP users can use the stable version http://openvpn.net/release/openvpn-2.0.9-install.exe<br />
<br />
When the GUI has been installed you need to create a configuration file for your VPN tunnel. Create a file in "C:/Program Files/OpenVPN/config" called VPN.ovpn with the following content and where you change the vpn.yourdomain.com to match your configuration.<br />
<br />
port 1194<br />
dev tap<br />
remote <b>vpn.yourdomain.com</b><br />
tls-client<br />
auth-user-pass<br />
ca ca.crt<br />
cert client.crt<br />
key client.key<br />
mtu-test<br />
tun-mtu 1500<br />
tun-mtu-extra 32<br />
mssfix 1450<br />
pull<br />
comp-lzo<br />
verb 4<br />
<br />
You now need to copy the Client keys you generated during the Server installation to the same directory on the Win2k/XP/Vista client. The following keys and certificates must be copied to the "C:/Program Files/OpenVPN/config" folder.<br />
<br />
* ca.crt<br />
* client.crt<br />
* client.key<br />
<br />
The Client installation is now complete and the user will be prompted upon login for the username and passwords.<br />
<br />
==FAQ==<br />
<br />
===When running the OpenVPN Client on MS Vista it fails updating routes===<br />
You need to make sure you run the OpenVPN GUI as administrator. See this page on details how to do that http://www.howtogeek.com/howto/windows-vista/always-start-an-application-in-administrator-mode-on-windows-vista/<br />
<br />
===How can I see which users are online or failed login?===<br />
Check the logfile in /var/log/openvpn/logins to see assigned IP, failures, etc.<br />
<br />
===How do I report a problem or a suggestion?===<br />
<br />
This contrib has not yet been created in the bugtracker so just send an email to mailto:contribs@swerts-knudsen.dk<br />
<br />
----<br />
[[Category:Howto]]<br />
[[Category:Administration:VPN]]</div>Knuddihttps://wiki.koozali.org/index.php?title=Unjunkmgr&diff=20072Unjunkmgr2013-05-25T08:53:54Z<p>Knuddi: </p>
<hr />
<div>==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.swerts-knudsen.dk SME Optimizer]<br />
<br />
==Description==<br />
I have for a long time had ”customers” that POP’ed emails from my servers and that therefore did not have a good chance to see and/or retrieve emails that had been sorted to the junkmail folder by SpamAssassin. The same actually goes for IMAP users that often ''forgot'' to look the junkmail folder when they thought emails were missing.<br />
<br />
I have therefore made a junkmail manager that on a weekly basis sends out a summary email to all users with a list of emails that have been sorted into the junkmail folder the recent week.<br />
<br />
If the user wishes to get one of these emails sent to the users inbox he/she can push the “UnJunk” link to the left. The system will, if UnJunk is pressed, teach SpamAssassin via the “sa-learn” command that this can be considered as “ham” next time. This means that it’s more likely that an email from this sender or with this content will pass the spam check next time. <br />
<br />
The Summary email that arrives per default Fridays at 1PM looks something like this:<br />
<br />
[[Image:Emailsummary.jpg]]<br />
<br />
==Installation==<br />
<br />
The package needs the Perl-MIME-Lite package to be able to send out HTML formatted emails and MRTG to create the statistics graphs. These packages are available from smecontribs and base respectively.<br />
<br />
wget http://sme.swerts-knudsen.dk/downloads/unjunkmgr/sme-unjunkmgr-1.1.3-1.noarch.rpm<br />
yum --enablerepo=smecontribs --enablerepo=base localinstall sme-unjunkmgr-1.1.3-1.noarch.rpm<br />
<br />
{{Note box|If you are running SME8 (beta), then you need to manually install an extra perl package as. Please issue a "yum update perl-Email-Date-Format"}} <br />
<br />
====Upgrading====<br />
<br />
wget http://sme.swerts-knudsen.dk/downloads/unjunkmgr/sme-unjunkmgr-1.1.3-1.noarch.rpm<br />
yum --enablerepo=smecontribs --enablerepo=base localupdate sme-unjunkmgr-1.1.3-1.noarch.rpm<br />
<br />
{{Note box|Note that I have found a bug in the older releases (1.0.x) causing updates to fail (main directory will be deleted by post install script...). This means that in order to upgrade to 1.1.3-1 you will need to uninstall the old version first and then do the install of the new. Side effect is that your old log files (statistics) will also be deleted. If you want to avoid this you need to save a copy of all *.old and *.log files within /usr/local/unjunkmgr directory. These can be copied back after install is completed.}} <br />
<br />
====Uninstall====<br />
You can simply remove the package again with the usual yum command. <br />
<br />
yum remove sme-unjunkmgr<br />
<br />
NOTE: If you are uninstalling version '''1.0.0-1''' you also need to also expand templates.<br />
expand-template /etc/crontab<br />
expand-template /etc/httpd/conf/httpd.conf<br />
/etc/rc.d/init.d/httpd-e-smith restart<br />
<br />
==Configuration==<br />
<br />
====Email Notifications====<br />
The UnJunk Manager sends out the summary email every Friday at 1PM to all users with emails stored in their junkmail folder. If you wish the admin account to get copied on all these user emails then this can be enabled/disabled with (default: no):<br />
<br />
/sbin/e-smith/db configuration setprop unjunkmgr adminemails <no|yes><br />
<br />
If you just want to use the UnJunk Manager to gather statistics and not send out any summary emails to the users you can disable this functionality with (default: yes):<br />
<br />
/sbin/e-smith/db configuration setprop unjunkmgr useremails <no|yes><br />
<br />
How do I configure the UnJunkMgr to use an IP address or a different hostname rather than the primary domain name when it sends out the weekly overview (default: domainname)?<br />
<br />
/sbin/e-smith/db configuration setprop unjunkmgr unjunkhost <hostname|IP address><br />
<br />
The summary emails contain a link to an web page where emails can be unjunked (released to he inbox). These URLs cann, by default, only be seen from the local network (IP ranges defined in Local Network in the server-manager) but if you want this to be accessible from remote networks (public access) this can be done via (default: yes):<br />
<br />
/sbin/e-smith/db configuration setprop unjunkmgr LocalOnly <no|yes><br />
expand-template /etc/httpd/conf/httpd.conf<br />
/etc/rc.d/init.d/httpd-e-smith restart<br />
<br />
====Statistics====<br />
<br />
The UnJunk Manager also collects statistics on the emails passing through the mail server. This is accessible from:<br />
<br />
http://your.domain.com/unjunkmgr<br />
<br />
This web page and the unjunk functionality as described above can, by default, only be seen from the local network (IP ranges defined in Local Network in the server-manager) but if you want this to be accessible from remote networks (public access) this can be done via (default: yes):<br />
<br />
/sbin/e-smith/db configuration setprop unjunkmgr LocalOnly <no|yes><br />
expand-template /etc/httpd/conf/httpd.conf<br />
/etc/rc.d/init.d/httpd-e-smith restart<br />
<br />
[[Image:Unjunkwebstat.jpg]]<br />
<br />
An additional feature of the UnJunk Manager is to send the collected statistics to a central statistics central at http://central.swerts-knudsen.dk. The gathering of data is not stressful for the server and the data sent is not sensitive (well in my opinion) and consists of:<br />
<br />
* Amount of emails scanned<br />
* Number of spam infected (tagged and rejected) or virus infected emails (if virus found the ClamAV name)<br />
* The version of SME server used <br />
* Public IP address of server (used to plot in Google Maps on central.swerts-knudsen.com)<br />
<br />
Should you want to disable this functionality then this can obviously be done:<br />
<br />
/sbin/e-smith/db configuration setprop unjunkmgr statsclient <disabled|enabled><br />
<br />
====SpamAssassin bayes filters====<br />
<br />
The SpamAssassin learning requires that the SpamAssassin bayes filters have been enabled though. How this is done can be read at http://wiki.contribs.org/Email#Setup_Blacklists_.26_Bayesian_Autolearning or through these few shell commands.<br />
<br />
config setprop spamassassin UseBayes 1<br />
config setprop spamassassin BayesAutoLearnThresholdSpam 4.00<br />
config setprop spamassassin BayesAutoLearnThresholdNonspam 0.10<br />
expand-template /etc/mail/spamassassin/local.cf<br />
sa-learn --sync --dbpath /var/spool/spamd/.spamassassin -u spamd<br />
chown spamd.spamd /var/spool/spamd/.spamassassin/bayes_*<br />
chown spamd.spamd /var/spool/spamd/.spamassassin/bayes.mutex<br />
chmod 640 /var/spool/spamd/.spamassassin/bayes_*<br />
config setprop spamassassin status enabled<br />
signal-event email-update<br />
<br />
<br />
Personally I also think that the default 90 days of retention for emails in the junkmail folder is way to long - who bothers to look at 90 days old emails anyways? I run with 15 days of retention on all my installations.<br />
<br />
db configuration setprop spamassassin MessageRetentionTime 15 <br />
signal-event email-update <br />
<br />
====Unofficial ClamAV signatures====<br />
I would also recommend to install the script that downloads all the unofficial ClamAV signatures as these detects not only virus but equally importantly various kinds of malware and spam.<br />
<br />
Follow the guide for [[Virus:Additional_Signatures|Additional Virus Signatures]] to do that.<br />
<br />
==FAQ==<br />
<br />
===How do I see what this Summary of Junkmail looks like without sending to all my users?===<br />
You will need to change config via:<br />
/sbin/e-smith/db configuration setprop unjunkmgr useremails no<br />
/sbin/e-smith/db configuration setprop unjunkmgr adminemails yes<br />
<br />
Then launch the reminder manually with: <br />
/usr/local/unjunkmgr/spamreminder.pl<br />
<br />
All the summary emails will now be sent to “admin”.<br />
<br />
===How do I change when the reminder email is sent out?===<br />
Currently this requires a manual change. Open in you preferred editor:<br />
<br />
/etc/e-smith/templates-custom/etc/crontab/unjunk<br />
<br />
Add extra lines to have reminder sent out more often or change the hour/day in the last line with the $OUT - Change the "5" to "1" for Monday rather than Friday.<br />
<br />
{<br />
use esmith::ConfigDB;<br />
<br />
my $dbh = esmith::ConfigDB->open() || die "Unable to open configuration dbase.";<br />
my %sa_conf = $dbh->get('unjunkmgr')->props;<br />
<br />
while (my ($parameter,$value) = each(%sa_conf)) {<br />
if ($parameter eq 'enabled') {<br />
$enabled = $value;<br />
}<br />
}<br />
<br />
$OUT = "";<br />
if (uc($enabled) eq 'YES') {<br />
$OUT .= "# Schedule the UnJunk every 5 minutes\n";<br />
$OUT .= "0-59/5 * * * * root /usr/local/unjunkmgr/spamchanger.pl -file=/tmp/unjunk.file\n";<br />
$OUT .= "\n";<br />
$OUT .= "# Schedule the weekly Blocked Junk Summary to arrive at 1PM Friday\n";<br />
$OUT .= "0 13 * * 5 root /usr/local/unjunkmgr/spamreminder.pl\n"; # Friday<br />
}<br />
}<br />
<br />
See the following schema for modifying the job scheduling:<br />
<br />
* * * * * command to be executed<br />
<br />
| | | | |<br />
| | | | +----- day of week (0 - 6) (Sunday=0)<br />
| | | +------- month (1 - 12)<br />
| | +--------- day of month (1 - 31)<br />
| +----------- hour (0 - 23)<br />
+------------- min (0 - 59)<br />
<br />
For example, the original entry:<br />
<br />
$OUT .= "0 13 * * 5 root /usr/local/unjunkmgr/spamreminder.pl\n"; # Friday<br />
<br />
is set to run at 13:00 (1pm) on Friday of every week, to change it to say run at 4:30pm Monday to Friday:<br />
<br />
$OUT .= "30 16 * * 1-5 root /usr/local/unjunkmgr/spamreminder.pl\n"; # Monday to Friday<br />
<br />
To see more detail on crontab scheduling see [http://www.adminschoice.com/docs/crontab.htm]<br />
<br />
Then expand templates<br />
<br />
expand-template /etc/crontab<br />
<br />
===How do I report a problem or a suggestion?===<br />
This contrib has not yet been created in the bugtracker so just send an email to mailto:contribs@swerts-knudsen.dk<br />
<br />
==Revisions==<br />
{| border="1" style="background-color:#C0C0C0"<br />
|Release<br />
|Changes<br />
|- style="background-color:#FFFFFF"<br />
|1.0.0-1<br />
|First release<br />
|- style="background-color:#FFFFFF"<br />
|1.0.1-1<br />
|Updated web overview to have virus rigth and spam to the left.<br />
<br />
Fixed regex causing some warning messages during weekly spamreminder run if email subject were empty<br />
<br />
Improved uninstall to clean up properly <br />
|- style="background-color:#FFFFFF"<br />
|1.1.0-1<br />
|Updated statistics overview to use pie charts for spam and different tables for virus found<br />
<br />
Added new configuration parameters for most commonly asked changes to avoid hard-coding<br />
<br />
Improved log file checks to avoid catching errors and warnings from ClamAV<br />
<br />
Generally improved code to remove warnings to admin when sending weekly summary emails <br />
|- style="background-color:#FFFFFF"<br />
|1.1.1-1<br />
|Fixed problem with weekly emails (error line 112 in spamreminder.pl)<br />
<br />
Fixed problem in post-upgrade script that caused upgrades from earlier versions to fail<br />
<br />
|- style="background-color:#FFFFFF"<br />
|1.1.3-1<br />
|Now also counting rejected emails that never reaches SpamAssassin (rejected due to missing mailbox, reverse DNS fails, etc.)<br />
<br />
Fixed problem using unjunkhost configuration parameter<br />
<br />
Updated style sheets (CSS) to show nicely also using IE<br />
<br />
Added statistic for top spammed email accounts <br />
<br />
|}<br />
----<br />
[[Category:Mail]]<br />
[[Category:Contrib]]<br />
[[Category:Administration:Content Spam Virus Blocking]]<br />
[[Category:Administration:Monitoring]]</div>Knuddihttps://wiki.koozali.org/index.php?title=DSPAM&diff=20071DSPAM2013-05-25T08:53:36Z<p>Knuddi: </p>
<hr />
<div>==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.swerts-knudsen.dk SME Optimizer]<br />
<br />
==Description==<br />
I have for a long time used SME's built-in SpamAssassin with a few custom additions to get rid of most of my spam. Recently I noticed that the [http://dspam.nuclearelephant.com/ DSPAM] project was alive again and have since heard from many sources that it did a great job for them. I did not want to get rid of SpamAssassin but wanted to combine the strength of the two spam engines. One of the "weaknesses" of DSPAM is that it requires a significant amount of training before it provides reliable result - this training I am using SpamAssassin scoring to provide.<br />
<br />
I have therefore made this DSPAM plug-in which works in co-operation with SpamAssassin to get rid of even more spam.<br />
<br />
This contrib consists for most of two items: <br />
* qpsmtpd plugin which handles the training of the DSPAM engines based on SpamAssassin results and the which also, when training is complete, ensures that emails are classified with DSPAM for later scoring.<br />
* SpamAssassin plugin which used the DSPAM classification results to provide additional SpamAssassin scoring based on the DSPAM classification.<br />
<br />
==Installation==<br />
<br />
The package needs a working DSPAM installation and the sme-dspam contrib. ONLY SME 7x - Not support for SME 8x<br />
<br />
wget \<br />
http://sme.swerts-knudsen.dk/downloads/DSPAM/sme-dspam-1.0.2-5.noarch.rpm \<br />
http://sme.swerts-knudsen.dk/downloads/DSPAM/dspam-3.9.0-sme7.i386.rpm \<br />
http://sme.swerts-knudsen.dk/downloads/DSPAM/libdspam-3.9.0-sme7.i386.rpm \<br />
http://sme.swerts-knudsen.dk/downloads/DSPAM/libdspam-mysql-3.9.0-sme7.i386.rpm<br />
yum localinstall \<br />
sme-dspam-1.0.2-5.noarch.rpm \<br />
dspam-3.9.0-sme7.i386.rpm \<br />
libdspam-3.9.0-sme7.i386.rpm \<br />
libdspam-mysql-3.9.0-sme7.i386.rpm<br />
<br />
====Uninstall====<br />
You can simply remove the package again with the usual yum command. <br />
<br />
yum remove sme-dspam<br />
<br />
==Configuration==<br />
<br />
The contrib initially does DSPAM training and will continue to do so until DSPAM claims that training is complete. It monitors the output of "dspam_stats -H" to see when training has completed and will then switch to scoring/tagging mode. When training is complete the admin will receive an email notification. Until it received this mode you will not see any DSPAM benefits. <br />
<br />
The training of DSPAM is done based on SpamAssassin scores and by default it will train as SPAM if SpamAssassin rejects the email and score is above 9. It will train as ham (DSPAM terminology innocent) when mail is scores lower than 5 by SpamAssassin.<br />
<br />
These two values can be configured by the config system<br />
<br />
config setprop dspam hamlevel xx (default: 5)<br />
config setprop dspam spamlevel xx (default: 9)<br />
<br />
and then do a:<br />
<br />
signal-event email-update<br />
<br />
==Statistics==<br />
<br />
===DSPAM Specific Statistics===<br />
You can follow how DSPAM is doing by use of the dspam_stats command. Below is an example where I started the tagging process before training was complete. Here you can see that 4 emails reported as False Negatives meaning DSPAM claimed they were ham and SpamAssassin scored them as Spam (above spamlevel).<br />
<br />
[root@mx]# dspam_stats -H<br />
qpsmtpd:<br />
TP True Positives: 71<br />
TN True Negatives: 66<br />
FP False Positives: 0<br />
FN False Negatives: 4<br />
SC Spam Corpusfed: 5890<br />
NC Nonspam Corpusfed: 872<br />
TL Training Left: 1562<br />
SHR Spam Hit Rate 94.67%<br />
HSR Ham Strike Rate: 0.00%<br />
PPV Positive predictive value: 100.00%<br />
OCA Overall Accuracy: 97.16%<br />
<br />
<br />
When contrib is in training mode you should see the following type of event in your qpsmptd log when issuing the command:<br />
<br />
tail -f /var/log/qpsmtpd/current | tai64nlocal | grep dspam<br />
<br />
2010-01-04 16:05:43.495837500 24369 dspam plugin: Training email as spam (32.3 > 9)<br />
2010-01-04 16:06:12.922243500 24460 dspam plugin: Training email as spam (26.2 > 9)<br />
2010-01-04 16:08:30.707928500 24571 dspam plugin: Training email as spam (40.2 > 9)<br />
2010-01-04 16:15:09.209315500 25154 dspam plugin: Training email as spam (28.7 > 9)<br />
2010-01-04 16:15:12.657721500 25093 dspam plugin: Training email as innocent (-2.3 < 5)<br />
2010-01-04 16:15:31.505187500 25230 dspam plugin: Training email as innocent (1.0 < 5)<br />
2010-01-04 16:15:56.084894500 25261 dspam plugin: Training email as spam (33.2 > 9)<br />
2010-01-04 16:16:35.734852500 25302 dspam plugin: Training email as innocent (0.1 < 5)<br />
2010-01-04 16:16:37.373583500 25297 dspam plugin: Training email as spam (39.5 > 9)<br />
2010-01-04 16:17:50.398104500 25284 dspam plugin: Training email as spam (30.2 > 9)<br />
2010-01-04 16:18:13.514300500 25412 dspam plugin: Training email as spam (23.2 > 9)<br />
2010-01-04 16:18:41.653611500 25396 dspam plugin: Training email as spam (35.2 > 9)<br />
2010-01-04 16:20:05.432484500 25486 dspam plugin: Training email as spam (24.6 > 9)<br />
2010-01-04 16:20:07.036783500 25528 dspam plugin: Training email as innocent (1.7 < 5)<br />
2010-01-04 16:21:04.378237500 25766 dspam plugin: Training email as innocent (1.0 < 5)<br />
2010-01-04 16:21:21.849091500 25797 dspam plugin: Training email as innocent (-2.6 < 5)<br />
2010-01-04 16:22:32.693008500 25860 dspam plugin: Training email as spam (30.3 > 9)<br />
2010-01-04 16:28:22.610804500 26245 dspam plugin: Training email as spam (24.3 > 9)<br />
<br />
When contrib is in tagging mode you can see the following type of output from the command:<br />
<br />
tail -f /var/log/qpsmtpd/current | tai64nlocal | grep dspam<br />
<br />
2010-01-04 16:14:27.830989500 21955 dspam plugin: dspam result: Spam with Confidence of 0.99 and Probability of 1.0000 (4b4205d3219672044083174)<br />
2010-01-04 16:15:57.446155500 22065 dspam plugin: dspam result: Spam with Confidence of 0.99 and Probability of 1.0000 (4b42062d220731786917372)<br />
2010-01-04 16:20:55.422770500 22430 dspam plugin: dspam result: Spam with Confidence of 0.99 and Probability of 1.0000 (4b420757224401732614111)<br />
2010-01-04 16:21:05.836167500 22453 dspam plugin: dspam result: Innocent with Confidence of 0.99 and Probability of 0.0000 (4b420761224588618216848)<br />
2010-01-04 16:21:20.033604500 22330 dspam plugin: dspam result: Spam with Confidence of 0.80 and Probability of 1.0000 (4b420770224877713217748)<br />
2010-01-04 16:24:41.615738500 22636 dspam plugin: dspam result: Innocent with Confidence of 0.76 and Probability of 0.0000 (4b420839226414726512081)<br />
2010-01-04 16:24:43.453742500 22636 dspam plugin: Retraining email as spam classification (14.9 > 9)<br />
2010-01-04 16:25:34.647693500 22729 dspam plugin: dspam result: Spam with Confidence of 0.99 and Probability of 1.0000 (4b42086e227377747245261)<br />
2010-01-04 16:25:38.648186500 22743 dspam plugin: dspam result: Spam with Confidence of 0.99 and Probability of 1.0000 (4b420872227551892345671)<br />
2010-01-04 16:26:04.702731500 22773 dspam plugin: dspam result: Innocent with Confidence of 1.00 and Probability of 0.0000 (4b42088c227818922614116)<br />
2010-01-04 16:26:06.441017500 22770 dspam plugin: dspam result: Spam with Confidence of 0.99 and Probability of 1.0000 (4b42088e227882615116573)<br />
<br />
Notice the retraining of DSPAM that took place after a DSPAM classification as Innocent but with a total SpamAssassin score of 14.9<br />
<br />
===SpamAssassin General Statistics===<br />
You can monitor with rules are fired by SpamAssassin for both spam and ham with this little script which runs through the /var/log/spamd/current log file.<br />
<br />
cd /usr/bin/<br />
wget http://sme.swerts-knudsen.dk/downloads/DSPAM/sa-stats<br />
chmod +x sa-stats<br />
./sa-stats<br />
<br />
The output will look something like this.<br />
<br />
Email: 2895 Autolearn: 2591 AvgScore: 22.54 AvgScanTime: 3.74 sec<br />
Spam: 2165 Autolearn: 2075 AvgScore: 33.86 AvgScanTime: 3.44 sec<br />
Ham: 730 Autolearn: 516 AvgScore: -11.05 AvgScanTime: 4.64 sec<br />
Time Spent Running SA: 3.01 hours<br />
Time Spent Processing Spam: 2.07 hours<br />
Time Spent Processing Ham: 0.94 hours<br />
TOP SPAM RULES FIRED<br />
----------------------------------------------------------------------<br />
RANK RULE NAME COUNT %OFMAIL %OFSPAM %OFHAM<br />
----------------------------------------------------------------------<br />
1 RCVD_IN_APEWSL2 1809 67.05 83.56 18.08<br />
2 RCVD_IN_BRBL 1789 62.04 82.63 0.96<br />
3 RAZOR2_CHECK 1786 61.93 82.49 0.96<br />
4 BAYES_99 1780 61.49 82.22 0.00<br />
5 RAZOR2_CF_RANGE_51_100 1759 61.00 81.25 0.96<br />
6 DIGEST_MULTIPLE 1656 57.37 76.49 0.68<br />
7 DCC_CHECK 1567 56.93 72.38 11.10<br />
8 URIBL_BLACK 1528 53.26 70.58 1.92<br />
9 RCVD_IN_XBL 1494 51.64 69.01 0.14<br />
10 RAZOR2_CF_RANGE_E8_51_100 1485 51.47 68.59 0.68<br />
11 RCVD_IN_JMF_BL 1484 51.68 68.55 1.64<br />
12 PYZOR_CHECK 1445 50.36 66.74 1.78<br />
13 RCVD_IN_PBL 1413 48.95 65.27 0.55<br />
14 URIBL_JP_SURBL 1347 46.53 62.22 0.00<br />
15 URIBL_SBL 1320 45.60 60.97 0.00<br />
16 URIBL_WS_SURBL 1294 44.70 59.77 0.00<br />
17 DSPAM_SPAM_99 1147 39.62 52.98 0.00<br />
18 SEM_URIRED 1135 39.79 52.42 2.33<br />
19 SEM_URI 1002 34.78 46.28 0.68<br />
20 HTML_MESSAGE 981 52.92 45.31 75.48<br />
----------------------------------------------------------------------<br />
TOP HAM RULES FIRED<br />
----------------------------------------------------------------------<br />
RANK RULE NAME COUNT %OFMAIL %OFSPAM %OFHAM<br />
----------------------------------------------------------------------<br />
1 BAYES_00 715 25.98 1.71 97.95<br />
2 DSPAM_HAM_99 696 25.01 1.29 95.34<br />
3 HTML_MESSAGE 551 52.92 45.31 75.48<br />
4 SPF_PASS 329 13.68 3.09 45.07<br />
5 RCVD_IN_JMF_W 145 5.11 0.14 19.86<br />
6 RCVD_IN_APEWSL2 132 67.05 83.56 18.08<br />
7 MIME_HTML_ONLY 131 14.82 13.76 17.95<br />
8 SPF_HELO_PASS 96 3.52 0.28 13.15<br />
9 DCC_CHECK 81 56.93 72.38 11.10<br />
10 RCVD_IN_DNSWL_MED 63 2.18 0.00 8.63<br />
11 RCVD_IN_DNSWL_LOW 62 2.14 0.00 8.49<br />
12 SARE_SUB_ENC_UTF8 59 3.56 2.03 8.08<br />
13 MPART_ALT_DIFF 55 2.63 0.97 7.53<br />
14 USER_IN_WHITELIST 48 1.66 0.00 6.58<br />
15 MIME_HTML_MOSTLY 43 2.00 0.69 5.89<br />
16 MIME_QP_LONG_LINE 31 2.56 1.99 4.25<br />
17 EXTRA_MPART_TYPE 31 1.52 0.60 4.25<br />
18 MIME_BASE64_BLANKS 31 1.07 0.00 4.25<br />
19 HTML_IMAGE_RATIO_06 29 1.04 0.05 3.97<br />
20 MISSING_MID 28 1.52 0.74 3.84<br />
----------------------------------------------------------------------<br />
<br />
==FAQ==<br />
<br />
===Can I force it to start scoring even though training hasn't completed?===<br />
Yes, you can do this by changing config:<br />
config setprop dspam action tag<br />
signal-event email-update<br />
<br />
===Can I alter the score given to DSPAM classified emails?===<br />
Yes, you have to manually edit the /etc/mail/spamassassin/dspam.cf file. Notice that an upgrade of sme-dspam later, will overwrite your modifications. When you have made your modification issue an:<br />
<br />
signal-event email-update<br />
<br />
===How do I report a problem or a suggestion?===<br />
This contrib has not yet been created in the bugtracker so just send an email to mailto:contribs@swerts-knudsen.dk<br />
----<br />
[[Category:Mail]]<br />
[[Category:Contrib]]<br />
[[Category:Administration:Content Spam Virus Blocking]]</div>Knuddihttps://wiki.koozali.org/index.php?title=Dansguardian-stats&diff=20070Dansguardian-stats2013-05-25T08:53:16Z<p>Knuddi: </p>
<hr />
<div>==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.swerts-knudsen.dk SME Optimizer]<br />
<br />
==Description==<br />
<br />
smeserver-dansguardian-stats provides a web statistics interface to the results of the content filtering provided by Dansguardian. I will on the statistics page present:<br />
<br />
* Pages Scanned, Allowed, Blocked and Infected pages and the amount of data scanned (Bytes)<br />
* Top 10 Visited sites<br />
* Top 10 Blocked Sites<br />
* Top 10 Malware/Virus Blocked content (requires ClamAV enabled)<br />
* Top 10 Blocked Categories as reported by Dansguardian<br />
<br />
Its a prerequisite that dansguardian and the smeserver-dansguardian contribs have been installed. See http://wiki.contribs.org/Dansguardian for install details.<br />
<br />
[[Image:Dansguardian-stats.jpg]]<br />
<br />
==Installation==<br />
in according with the [[bugzilla:7620]] this package is moving to smeContribs repo for SME8 and thus the installation method changes.<br />
yum install --enablerepo=smecontribs smeserver-dansguardian smeserver-dansguardian-stats<br />
<br />
old method<br />
wget http://sme.swerts-knudsen.dk/downloads/Dansguardian-stats/smeserver-dansguardian-stats-1.0.3-1.noarch.rpm<br />
yum localinstall smeserver-dansguardian-stats-1.0.3-1.noarch.rpm<br />
<br />
====Upgrade====<br />
yum upgrade --enablerepo=smecontribs smeserver-dansguardian smeserver-dansguardian-stats<br />
old method<br />
wget http://sme.swerts-knudsen.dk/downloads/Dansguardian-stats/smeserver-dansguardian-stats-1.0.3-1.noarch.rpm<br />
yum localupdate smeserver-dansguardian-stats-1.0.3-1.noarch.rpm<br />
<br />
====Uninstall====<br />
You can simply remove the package again with the usual yum command. <br />
<br />
yum remove smeserver-dansguardian-stats<br />
<br />
==Configuration==<br />
The package requires that the logfileformat for dansguardian is set to format 4 (in /etc/dansguardian/dansguardian.conf). <br />
<br />
# Log File Format<br />
# 1 = DansGuardian format (space delimited)<br />
# 2 = CSV-style format<br />
# 3 = Squid Log File Format<br />
# 4 = Tab delimited<br />
logfileformat = 4<br />
<br />
If you ran with a different logfileformat before then, delete the old log file, change the configuration and restart dansguardian.<br />
<br />
/etc/init.d/dansguardian stop<br />
rm /var/log/dansguardian/access.log<br />
/etc/init.d/dansguardian start<br />
<br />
When installed, the web interface is is accessible form:<br />
<br />
http://your.domain.com/dansguardian<br />
<br />
This dansguardian statistics web page can, by default, only be seen from the local network (IP ranges defined in Local Network in the server-manager) but if you want this to be accessible from remote networks (public access) this can be done via (default: yes):<br />
<br />
/sbin/e-smith/db configuration setprop dansguardian LocalOnly <no|yes><br />
expand-template /etc/httpd/conf/httpd.conf<br />
/etc/rc.d/init.d/httpd-e-smith restart<br />
<br />
====Unofficial ClamAV signatures====<br />
I would also recommend to install the script that downloads all the unofficial ClamAV signatures as these detects not only virus but equally importantly various kinds of malware and spam.<br />
<br />
Follow the guide on [[Virus:Additional Signatures]] to do that.<br />
<br />
==Statistics==<br />
<br />
An additional feature of the Dansguardian statistics is to send the collected statistics to a central statistics central at http://central.swerts-knudsen.dk. The gathering of data is not stressful for the server and the data sent is not sensitive (well in my opinion) and consists of:<br />
<br />
* Amount of pages scanned<br />
* Top 10 names of virus/malware infected content (names from ClamAV)<br />
* Top 10 names of Blocked domains and their Dansguardian categories (Proxies, Pornography, etc.)<br />
* The version of SME server used (7.x)<br />
* Public IP address of server (used to plot in Google Maps on central.swerts-knudsen.com)<br />
<br />
Should you want to disable this functionality then this can obviously be done:<br />
<br />
/sbin/e-smith/db configuration setprop dansguardian statsclient <disabled|enabled><br />
<br />
==How do I report a problem or a suggestion?==<br />
This contrib has been created in the bugtracker so just raise a bug by following {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-dansguardian-stats|title=this link}}. Please make sure to be ready to provide your dansguardian log file (/var/log/dansguardian/access.log)<br />
----<br />
[[Category:Contrib]]<br />
[[Category:Administration:Monitoring]]<br />
[[Category:Administration:Content Spam Virus Blocking]]</div>Knuddihttps://wiki.koozali.org/index.php?title=Dansguardian-stats&diff=20069Dansguardian-stats2013-05-25T08:52:44Z<p>Knuddi: </p>
<hr />
<div>==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.swerts-knudsen.dk | SME Optimizer]<br />
<br />
==Description==<br />
<br />
smeserver-dansguardian-stats provides a web statistics interface to the results of the content filtering provided by Dansguardian. I will on the statistics page present:<br />
<br />
* Pages Scanned, Allowed, Blocked and Infected pages and the amount of data scanned (Bytes)<br />
* Top 10 Visited sites<br />
* Top 10 Blocked Sites<br />
* Top 10 Malware/Virus Blocked content (requires ClamAV enabled)<br />
* Top 10 Blocked Categories as reported by Dansguardian<br />
<br />
Its a prerequisite that dansguardian and the smeserver-dansguardian contribs have been installed. See http://wiki.contribs.org/Dansguardian for install details.<br />
<br />
[[Image:Dansguardian-stats.jpg]]<br />
<br />
==Installation==<br />
in according with the [[bugzilla:7620]] this package is moving to smeContribs repo for SME8 and thus the installation method changes.<br />
yum install --enablerepo=smecontribs smeserver-dansguardian smeserver-dansguardian-stats<br />
<br />
old method<br />
wget http://sme.swerts-knudsen.dk/downloads/Dansguardian-stats/smeserver-dansguardian-stats-1.0.3-1.noarch.rpm<br />
yum localinstall smeserver-dansguardian-stats-1.0.3-1.noarch.rpm<br />
<br />
====Upgrade====<br />
yum upgrade --enablerepo=smecontribs smeserver-dansguardian smeserver-dansguardian-stats<br />
old method<br />
wget http://sme.swerts-knudsen.dk/downloads/Dansguardian-stats/smeserver-dansguardian-stats-1.0.3-1.noarch.rpm<br />
yum localupdate smeserver-dansguardian-stats-1.0.3-1.noarch.rpm<br />
<br />
====Uninstall====<br />
You can simply remove the package again with the usual yum command. <br />
<br />
yum remove smeserver-dansguardian-stats<br />
<br />
==Configuration==<br />
The package requires that the logfileformat for dansguardian is set to format 4 (in /etc/dansguardian/dansguardian.conf). <br />
<br />
# Log File Format<br />
# 1 = DansGuardian format (space delimited)<br />
# 2 = CSV-style format<br />
# 3 = Squid Log File Format<br />
# 4 = Tab delimited<br />
logfileformat = 4<br />
<br />
If you ran with a different logfileformat before then, delete the old log file, change the configuration and restart dansguardian.<br />
<br />
/etc/init.d/dansguardian stop<br />
rm /var/log/dansguardian/access.log<br />
/etc/init.d/dansguardian start<br />
<br />
When installed, the web interface is is accessible form:<br />
<br />
http://your.domain.com/dansguardian<br />
<br />
This dansguardian statistics web page can, by default, only be seen from the local network (IP ranges defined in Local Network in the server-manager) but if you want this to be accessible from remote networks (public access) this can be done via (default: yes):<br />
<br />
/sbin/e-smith/db configuration setprop dansguardian LocalOnly <no|yes><br />
expand-template /etc/httpd/conf/httpd.conf<br />
/etc/rc.d/init.d/httpd-e-smith restart<br />
<br />
====Unofficial ClamAV signatures====<br />
I would also recommend to install the script that downloads all the unofficial ClamAV signatures as these detects not only virus but equally importantly various kinds of malware and spam.<br />
<br />
Follow the guide on [[Virus:Additional Signatures]] to do that.<br />
<br />
==Statistics==<br />
<br />
An additional feature of the Dansguardian statistics is to send the collected statistics to a central statistics central at http://central.swerts-knudsen.dk. The gathering of data is not stressful for the server and the data sent is not sensitive (well in my opinion) and consists of:<br />
<br />
* Amount of pages scanned<br />
* Top 10 names of virus/malware infected content (names from ClamAV)<br />
* Top 10 names of Blocked domains and their Dansguardian categories (Proxies, Pornography, etc.)<br />
* The version of SME server used (7.x)<br />
* Public IP address of server (used to plot in Google Maps on central.swerts-knudsen.com)<br />
<br />
Should you want to disable this functionality then this can obviously be done:<br />
<br />
/sbin/e-smith/db configuration setprop dansguardian statsclient <disabled|enabled><br />
<br />
==How do I report a problem or a suggestion?==<br />
This contrib has been created in the bugtracker so just raise a bug by following {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-dansguardian-stats|title=this link}}. Please make sure to be ready to provide your dansguardian log file (/var/log/dansguardian/access.log)<br />
----<br />
[[Category:Contrib]]<br />
[[Category:Administration:Monitoring]]<br />
[[Category:Administration:Content Spam Virus Blocking]]</div>Knuddihttps://wiki.koozali.org/index.php?title=Virus:Additional_Signatures&diff=19478Virus:Additional Signatures2013-03-12T14:41:09Z<p>Knuddi: /* Old Installation Notes */</p>
<hr />
<div>{{Level|Medium}}<br />
==Anti Virus - Additional Signatures==<br />
===Introduction===<br />
SME Server uses Clam AntiVirus (http://www.clamav.net) as the default and built-in anti virus engine.<br />
<br />
By default this system will automatically get virus signature updates from the clamav database. Other people and organizations have developed additional signatures which can be used with ClamAV. These include<br />
<br />
* Sane Security (http://www.sanesecurity.com/clamav/) - who maintains nine signature databases (Phishing and Scam)<br />
* Security Info (http://www.securiteinfo.com/) - maintains four signature databases <br />
* Malware Block List (http://www.malware.com.br/) - who maintains a database for Malware<br />
<br />
In order to use these additional databases with your ClamAV installation you need to download them and add them to ClamAV. There is a script package from Sane Security which can be used to download and install the databases, and their addition provide 1,000's of new signatures for ClamAV to work with.<br />
<br />
{{Note box|Please be aware that these additional signatures can in rare cases contain false positives causing good emails to be caught. This has only been noticed once in 18 months for some hours though.}}<br />
<br />
===Installation===<br />
Log in to a console shell as ''root''<br />
<br />
Create and edit a new file. Add the following <br />
<br />
#!/bin/sh<br />
# script to install Bill Landry's <bill at inetmsg dot com> scripts<br />
# for maintaining Sanesecurity signatures for clamav<br />
# Copyright (C) 2009 Eric Shubert <ejs@shubes.net><br />
########################################################################<br />
# 8/23/12 Changed WEB_LOC to sourceforge host<br />
# 4/30/10 Amendments to install on SME Server - commented with SME<br />
# 9/25/09 Totally refactored by Eric Shubert <ejs@shubes.net><br />
# 3/22/09 Originally Written by Jake Vickers <jake@qmailtoaster.com><br />
#<br />
WEB_LOC=http://sourceforge.net/projects/unofficial-sigs/files/latest/download?source=files<br />
PKG_NAME=clamav-unofficial-sigs<br />
PKG_TGZ=$PKG_NAME.tar.gz<br />
# SME = changed variable name throughout and directory name<br />
SANE_DIR=/opt/sanesecurity<br />
<br />
########################################################################<br />
# initialization processing<br />
#<br />
a1_initialization(){<br />
<br />
# Make sure we're root<br />
if [ "$UID" != "0" ]; then<br />
echo "Error: You are not logged in as root, please su -"<br />
exit 1<br />
fi <br />
<br />
# remove files from previous version<br />
# SME - changed cron job from .sh to .cron, added removal of .sh script and redundant dbs<br />
rm -rf /etc/unofficial-clamav-sigs.conf \<br />
/etc/cron.hourly/unofficial-clamav-sigs.cron \<br />
/usr/unofficial-dbs \<br />
/usr/bin/unofficial-clamav-sigs.sh \<br />
/var/clamav/*.ndb \<br />
/var/clamav/*.ldb \<br />
/var/clamav/*.ftm \<br />
/var/clamav/*.hdb <br />
<br />
# set a temp directory for the tar file. $$ is the current shell ID.<br />
TEMP_DIR=$(tempfile 2>/dev/null) || TEMP_DIR=/tmp/$me.$$ <br />
<br />
# make sure the temp directory is deleted when we're done<br />
trap "rm -rf $TEMP_DIR" 0 1 2 5 15<br />
}<br />
<br />
###################################################################<br />
## download and unpack current package<br />
#<br />
a3_download_unpack(){<br />
<br />
rm -rf $TEMP_DIR<br />
mkdir -p $TEMP_DIR<br />
echo "$me $myver - getting latest version of $PKG_NAME ..."<br />
<br />
wget -O $TEMP_DIR/$PKG_TGZ $WEB_LOC<br />
<br />
if [ "$?" != "0" ]; then<br />
echo "$me - unable to reach $WEB_LOC/$PKG_TGZ, please try again later."<br />
exit 1<br />
fi<br />
<br />
tar -xz -C $TEMP_DIR -f $TEMP_DIR/$PKG_TGZ<br />
}<br />
<br />
###################################################################<br />
## install the package files<br />
#<br />
a5_install_files(){<br />
<br />
# SME - Added make directories<br />
mkdir -p $SANE_DIR/bin<br />
mkdir -p $SANE_DIR/etc<br />
mkdir -p $SANE_DIR/man<br />
<br />
# install the shell script<br />
cp $TEMP_DIR/$PKG_NAME-*/$PKG_NAME.sh $SANE_DIR/bin/$PKG_NAME.sh<br />
chmod 755 $SANE_DIR/bin/$PKG_NAME.sh<br />
ln -sf ../..$SANE_DIR/bin/$PKG_NAME.sh /usr/sbin/$PKG_NAME.sh<br />
<br />
# install the configuration file<br />
# SME - removed substitutions for clamd reload - reload_opt and reload_dbs<br />
# SME - removed substitution to change default dbs download directory<br />
# SME - added substitution to set clamd_socket location<br />
# SME - removed substitution to silence information output - but see cron job below<br />
<br />
cat $TEMP_DIR/$PKG_NAME-*/$PKG_NAME.conf | sed \<br />
-e "s|/var/lib/clamav|/var/clamav|" \<br />
-e "/#clamd_socket=/aclamd_socket=\"/var/clamav/clamd.socket\"" \<br />
-e "s|enable_logging=\"no\"|enable_logging=\"yes\"|" \<br />
-e "s|log_file_path=\"/var/log\"|log_file_path=\"/var/log/clamav\"|" \<br />
-e "s|log_file_name=\"clamav-unofficial|log_file_name=\"unofficial|" \<br />
-e "s|configuration_complete=\"no\"|configuration_complete=\"yes\"|" \<br />
> $SANE_DIR/etc/$PKG_NAME.conf<br />
ln -sf ../..$SANE_DIR/etc/$PKG_NAME.conf /etc/$PKG_NAME.conf<br />
<br />
# install the man page<br />
gzip $TEMP_DIR/$PKG_NAME-*/$PKG_NAME.8<br />
cp $TEMP_DIR/$PKG_NAME-*/$PKG_NAME.8.gz $SANE_DIR/man/$PKG_NAME.8.gz<br />
ln -sf ../../../..$SANE_DIR/man/$PKG_NAME.8.gz /usr/share/man/man8/$PKG_NAME.8.gz<br />
<br />
# install the cron job (cannot symlink cron jobs)<br />
grep "^#" $TEMP_DIR/$PKG_NAME-*/$PKG_NAME-cron \<br />
> /etc/cron.d/$PKG_NAME-cron<br />
# SME - added redirect stdout to null device and stderr to stdout so we only get error output from cron job<br />
echo -e "\n25 * * * * root /usr/sbin/$PKG_NAME.sh >/dev/null 2>&1" \<br />
>>/etc/cron.d/$PKG_NAME-cron<br />
<br />
# install the logrotate spec<br />
cat $TEMP_DIR/$PKG_NAME-*/$PKG_NAME-logrotate | sed \<br />
-e "s|clamav-unofficial|clamav/unofficial|" \<br />
> $SANE_DIR/etc/$PKG_NAME-logrotate<br />
ln -sf ../..$SANE_DIR/etc/$PKG_NAME-logrotate /etc/logrotate.d/$PKG_NAME-logrotate<br />
<br />
# install documentation files<br />
# SME - removed superfluous $PKG_NAME sub-directory below $SANE_DIR/doc<br />
mkdir -p $SANE_DIR/doc<br />
mv $TEMP_DIR/$PKG_NAME-*/CHANGELOG $SANE_DIR/doc/CHANGELOG<br />
mv $TEMP_DIR/$PKG_NAME-*/INSTALL $SANE_DIR/doc/INSTALL<br />
mv $TEMP_DIR/$PKG_NAME-*/LICENSE $SANE_DIR/doc/LICENSE<br />
mv $TEMP_DIR/$PKG_NAME-*/README $SANE_DIR/doc/README<br />
}<br />
<br />
###################################################################<br />
## main script execution begins here<br />
#<br />
me=${0##*/}<br />
myver=v0.3.1-1 <br />
<br />
a1_initialization<br />
<br />
a3_download_unpack<br />
<br />
a5_install_files<br />
<br />
echo "$PKG_NAME installed successfully"<br />
echo "clamav database files provided by Sanesecurity will be updated within an hour,"<br />
echo " and continuously after that."<br />
exit 0<br />
<br />
Save the file as ''sanesecurity-install.sh''<br />
<br />
chmod 755 sanesecurity-install.sh<br />
<br />
Now run the script. This will download the Sane Security package and install it for SME Server<br />
<br />
./sanesecurity-install.sh<br />
<br />
Run the Sane Security script for the first time to download the databases and check it works<br />
<br />
/usr/sbin/clamav-unofficial-sigs.sh<br />
<br />
If you want to immediately reload ClamAV to include the additional databases<br />
<br />
signal-event clamav-update<br />
<br />
===Operation===<br />
Having installed the Sane Security package as above, it will operate as follows.<br />
<br />
* A cron job (''/etc/cron.d/clamav-unofficial-sigs-cron'') will run once every hour and instigate the ''/use/sbin/clamav-unofficial-sigs.sh'' script<br />
* The script will read the configuration settings in ''/etc/clamav-unofficial-sigs.conf''<br />
* The additional databases will be downloaded to ''/usr/unofficial_dbs'' and then added to the ''/var/clamav'' directory<br />
* ClamAV will reload all its databases from ''/var/clamav'' every 30 minutes by default<br />
<br />
All the files (apart from the cron job and downloaded databases) are in ''/opt/sanesecurity'' and soft linked to the main directories.<br />
<br />
The ''sanesecurity-install.sh'' script used above can be run again if the Sane Security package of scripts etc is updated. Current version is 3.7 (April 2010). This assumes that nothing significant changes with regard to how the package needs to be installed.<br />
{{Note box|Running ''sanesecurity-install.sh'' again will download the latest Sane Security .tar.gz package and unpack/install it. This will overwrite the existing files, including ''/etc/clamav-unofficial-sigs.conf'' and any manual adjustments you may have made to the list of databases you want to be downloaded}}<br />
<br />
===Documentation===<br />
Documentation including a Change Log can be found in ''/opt/sanesecurity/doc'' as well as <br />
<br />
man clamav-unofficial-sigs<br />
<br />
===Signature Databases===<br />
The additional databases to be downloaded and installed by the ''clamav-unofficial-sigs.sh'' script are controlled by the configuration file ''/etc/clamav-unofficial-sigs.conf''<br />
<br />
A default set of databases are defined for download. There are additional databases that can also be added to the list, or some or all of the defaults can be excluded. The configuration file is commented in this regard and gives an indication of the risk of false positives from the non-default databases.<br />
<br />
To amend the databases you require, edit ''/etc/clamav-unofficial-sigs.conf'' and add or remove the database names as instructed. <br />
{{Note box|If removing databases from the download lists, don't forget to also delete them from ''/var/clamav'' and ''/usr/unofficial_dbs'' if they have been downloaded previously and exist}}<br />
{{Note box | Adding unofficial signatures increases memory usage. To increase the ''clamd'' memory limit try setting ''MemLimit'' to a value greater than 300000000 (see [http://wiki.contribs.org/DB_Variables_Configuration#Clam_AntiVirus_.28clamav.29 here] for reference). Since clamav-0.96 and smeserver-clamav-2.0.0-8 the default ''MemLimit'' for ''clamd'' has been 600000000 and should be sufficient. }}<br />
<br />
===Uninstall===<br />
Log in to a console shell as ''root''<br />
<br />
Create and edit a new file. Add the following <br />
<br />
rm -f /etc/cron.d/clamav-unoffical-sigs-cron<br />
rm -fr /opt/sanesecurity \<br />
/usr/unofficial-dbs<br />
rm -f /var/log/clamav/unofficial-sigs* \<br />
/var/clamav/*.ndb \<br />
/var/clamav/*.ldb \<br />
/var/clamav/*.ftm \<br />
/var/clamav/*.hdb <br />
signal-event clamav-update<br />
<br />
Save the file as ''sanesecurity-uninstall.sh''<br />
<br />
chmod 755 sanesecurity-uninstall.sh<br />
<br />
Now run the script. This will delete all the Sane Security package files, downloaded databases and directories<br />
<br />
./sanesecurity-uninstall.sh<br />
<br />
===Old Installation Notes===<br />
A previous installation of the Sane Security scripts was provided for SME by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.swerts-knudsen.dk/| SME Optimizer], and the installation notes for this are reproduced below for completeness. This is for version 2.4 of the scripts however, whereas the current version installed as above is 3.7 (April 2010)<br />
<br />
''Installation''<br />
cd /etc<br />
wget http://sme.swerts-knudsen.dk/downloads/unofficial-clamav-sigs-2.4/unofficial-clamav-sigs.conf<br />
<br />
cd /etc/cron.hourly<br />
wget http://sme.swerts-knudsen.dk/downloads/unofficial-clamav-sigs-2.4/unofficial-clamav-sigs.cron<br />
chmod +x unofficial-clamav-sigs.cron<br />
<br />
cd /usr/bin<br />
wget http://sme.swerts-knudsen.dk/downloads/unofficial-clamav-sigs-2.4/unofficial-clamav-sigs.sh<br />
chmod +x unofficial-clamav-sigs.sh<br />
<br />
When you run it manually the first time it will complain about missing GPG keys - Just run it again.<br />
<br />
./unofficial-clamav-sigs.sh<br />
<br />
ClamAV will by default reload its databases every 1800 secs (30mins) but you can force a reload with:<br />
<br />
signal-event email-update<br />
<br />
===References===<br />
See original forum post http://forums.contribs.org/index.php?topic=37861.0 <br />
<br />
See also http://forums.contribs.org/index.php/topic,45872.0.html<br />
<br />
See forum announcement of this Howto for further comments at http://forums.contribs.org/index.php/topic,45915.0.html<br />
<br />
Installation script originally produced by QmailToaster Plus - see http://qtp.qmailtoaster.com<br />
<br />
----<br />
[[Category:Howto]][[Category:Mail]][[Category:Administration:Content Spam Virus Blocking]]</div>Knuddihttps://wiki.koozali.org/index.php?title=Dansguardian-stats&diff=19477Dansguardian-stats2013-03-12T14:39:51Z<p>Knuddi: </p>
<hr />
<div>==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.swerts-knudsen.dk/| SME Optimizer]<br />
<br />
==Description==<br />
<br />
smeserver-dansguardian-stats provides a web statistics interface to the results of the content filtering provided by Dansguardian. I will on the statistics page present:<br />
<br />
* Pages Scanned, Allowed, Blocked and Infected pages and the amount of data scanned (Bytes)<br />
* Top 10 Visited sites<br />
* Top 10 Blocked Sites<br />
* Top 10 Malware/Virus Blocked content (requires ClamAV enabled)<br />
* Top 10 Blocked Categories as reported by Dansguardian<br />
<br />
Its a prerequisite that dansguardian and the smeserver-dansguardian contribs have been installed. See http://wiki.contribs.org/Dansguardian for install details.<br />
<br />
[[Image:Dansguardian-stats.jpg]]<br />
<br />
==Installation==<br />
<br />
wget http://sme.swerts-knudsen.dk/downloads/Dansguardian-stats/smeserver-dansguardian-stats-1.0.3-1.noarch.rpm<br />
yum localinstall smeserver-dansguardian-stats-1.0.3-1.noarch.rpm<br />
<br />
====Upgrade====<br />
wget http://sme.swerts-knudsen.dk/downloads/Dansguardian-stats/smeserver-dansguardian-stats-1.0.3-1.noarch.rpm<br />
yum localupdate smeserver-dansguardian-stats-1.0.3-1.noarch.rpm<br />
<br />
====Uninstall====<br />
You can simply remove the package again with the usual yum command. <br />
<br />
yum remove smeserver-dansguardian-stats<br />
<br />
==Configuration==<br />
The package requires that the logfileformat for dansguardian is set to format 4 (in /etc/dansguardian/dansguardian.conf). <br />
<br />
# Log File Format<br />
# 1 = DansGuardian format (space delimited)<br />
# 2 = CSV-style format<br />
# 3 = Squid Log File Format<br />
# 4 = Tab delimited<br />
logfileformat = 4<br />
<br />
If you ran with a different logfileformat before then, delete the old log file, change the configuration and restart dansguardian.<br />
<br />
/etc/init.d/dansguardian stop<br />
rm /var/log/dansguardian/access.log<br />
/etc/init.d/dansguardian start<br />
<br />
When installed, the web interface is is accessible form:<br />
<br />
http://your.domain.com/dansguardian<br />
<br />
This dansguardian statistics web page can, by default, only be seen from the local network (IP ranges defined in Local Network in the server-manager) but if you want this to be accessible from remote networks (public access) this can be done via (default: yes):<br />
<br />
/sbin/e-smith/db configuration setprop dansguardian LocalOnly <no|yes><br />
expand-template /etc/httpd/conf/httpd.conf<br />
/etc/rc.d/init.d/httpd-e-smith restart<br />
<br />
====Unofficial ClamAV signatures====<br />
I would also recommend to install the script that downloads all the unofficial ClamAV signatures as these detects not only virus but equally importantly various kinds of malware and spam.<br />
<br />
Follow the guide on [[Virus:Additional Signatures]] to do that.<br />
<br />
==Statistics==<br />
<br />
An additional feature of the Dansguardian statistics is to send the collected statistics to a central statistics central at http://central.swerts-knudsen.dk. The gathering of data is not stressful for the server and the data sent is not sensitive (well in my opinion) and consists of:<br />
<br />
* Amount of pages scanned<br />
* Top 10 names of virus/malware infected content (names from ClamAV)<br />
* Top 10 names of Blocked domains and their Dansguardian categories (Proxies, Pornography, etc.)<br />
* The version of SME server used (7.x)<br />
* Public IP address of server (used to plot in Google Maps on central.swerts-knudsen.com)<br />
<br />
Should you want to disable this functionality then this can obviously be done:<br />
<br />
/sbin/e-smith/db configuration setprop dansguardian statsclient <disabled|enabled><br />
<br />
==How do I report a problem or a suggestion?==<br />
This contrib has not yet been created in the bugtracker so just send an email to mailto:contribs@swerts-knudsen.dk. Please make sure to be ready to provide your dansguardian log file (/var/log/dansguardian/access.log)<br />
----<br />
[[Category:Contrib]]<br />
[[Category:Administration:Monitoring]]<br />
[[Category:Administration:Content Spam Virus Blocking]]</div>Knuddihttps://wiki.koozali.org/index.php?title=OpenVPN&diff=19476OpenVPN2013-03-12T14:39:23Z<p>Knuddi: </p>
<hr />
<div>==Maintainer==<br />
This howto has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.swerts-knudsen.dk/| SME Optimizer]<br />
<br />
==Description==<br />
OpenVPN (http://www.openvpn.net) is an excellent way to provide remote access to users from home or on the road. OpenVPN provides a complete replacement of the time to time unreliable PPTP VPN which is a part of the standard SME distribution. This Howto is focused on using OpenVPN in routed mode as a Windows 2k/XP/Vista Client to Server VPN connection. The installation consists of two steps, first the the portion which resides on the server and then the Client. I the following setup it is assumed that the local IP range for the private network is 192.168.1.0/24 and that the tunneled VPN network will be 192.168.100.0/24.<br />
<br />
{{Note box|From OpenVPN website: I would recommend using routing unless you need a specific feature which requires bridging, such as:<br />
* the VPN needs to be able to handle non-IP protocols such as IPX,<br />
* you are running applications over the VPN which rely on network broadcasts (such as LAN games), or<br />
* you would like to allow browsing of Windows file shares across the VPN without setting up a Samba or WINS server. }}<br />
<br />
{{Note box|OpenVPN-Bridge contribution is an alternative to this (with even a server-manager panel) but is more targeted site<->end clients configurations. See http://wiki.contribs.org/OpenVPN_Bridge}}<br />
<br />
{{Note box|You can also take a look at http://wiki.contribs.org/OpenVPN_SiteToSite . It's an alternative, with a panel in the server-manager and is specially made to connect several SME Servers together.}}<br />
<br />
==OpenVPN Server Configuration==<br />
For SME 7x, first Collect and install the rpm`s as indicated below. The RPM are taken from DAG's repository which is pretty extensive.<br />
<br />
cd /root<br />
mkdir openvpn<br />
cd openvpn<br />
wget http://rpmforge.sw.be/redhat/el4/en/i386/rpmforge/RPMS/lzo-2.04-1.el4.rf.i386.rpm<br />
wget http://dag.wieers.com/rpm/packages/openvpn/openvpn-2.0.9-1.el4.rf.i386.rpm<br />
rpm -Uvh *.rpm<br />
<br />
For SME 8x, the easiest way is to get the RPM from the DAG repository.<br />
<br />
cd /root<br />
mkdir openvpn<br />
cd openvpn<br />
wget http://apt.sw.be/redhat/el5/en/i386/dag/RPMS/lzo-2.06-1.el5.rf.i386.rpm<br />
wget http://apt.sw.be/redhat/el5/en/i386/dag/RPMS/openvpn-2.2.2-1.el5.rf.i386.rpm<br />
wget http://apt.sw.be/redhat/el5/en/i386/dag/RPMS/pkcs11-helper-1.08-1.el5.rf.i386.rpm (--[[User:Ddougan|Ddougan]] 20:53, 6 September 2012 (MDT))<br />
rpm -Uvh *.rpm<br />
<br />
Now its time to create the keys. The openvpn configs live in /etc/openvpn. First we need to edit the file with default values to match our installation. Open the file "vars" and Edit the default values to reflect your setup at the bottom of the file (KEY_COUNTRY, KEY_PROVINCE, KEY_CITY, KEY_ORG, KEY_EMAIL). Default we use 1024 bit Diffie Hellman but this can be changed to 2048 or even 4096 bit keys (depending of your paranoia level..)<br />
<br />
cd /usr/share/doc/openvpn-2.0.9/easy-rsa<br />
pico vars<br />
<br />
Now we can create the master certificate. Choose the defaults as entered into the vars file. You will need to enter values for the "Organizational Unit Name" which you can set to "VPN" and"Common Name" could be set to "Server"<br />
<br />
source vars<br />
sh clean-all<br />
sh build-ca<br />
<br />
Now we can build the certificate/private-key pairs for both the server and clients. Again choose choose "Organizational Unit Name" and "Common Name" as above. Do not add "A Challenge password" when asked, just press <ENTER>. The same goes for "An optional company name". Sign the certificate in the end.<br />
<br />
sh build-key server<br />
<br />
Now its time for the Client certificate which is pretty much the same as before. Use "Client" as "Common Name" and "VPN" for "Organizational Unit Name". Do not add "A Challenge password" when asked, just press <ENTER>. The same goes for "An optional company name". Sign the certificate in the end.<br />
<br />
sh build-key client<br />
<br />
Finally we build the Diffie Hellman parameters.<br />
<br />
sh build-dh<br />
Generating DH parameters, 1024 bit long safe prime, generator 2<br />
This is going to take a long time<br />
..................<br />
<br />
And it can take a long time. Your generated keys will be in /usr/share/doc/openvpn-2.0.9/easy-rsa/keys. The key names - "Server" and "Client" are simply descriptive. Choose names that suit your setup. You can create as many keys as you like using the above method. ''clean-all'' will clean out your keys directory - so be careful. <br />
<br />
The newly generated keys needs to be copied to the the OpenVPN directory.<br />
<br />
cp keys/ca.crt /etc/openvpn<br />
cp keys/server.crt /etc/openvpn<br />
cp keys/server.key /etc/openvpn<br />
cp keys/dh1024.pem /etc/openvpn<br />
<br />
The OpenVPN configuration along with authentication scripts file can be downloaded from my site. Download them and make the executable for root. There will be log files created in /var/log/openvpn indicating when users have logged in and out as well as login failures. Only users that have VPN Client Access enabled in Server-Manager will be allowed to VPN.<br />
<br />
cd /etc/openvpn<br />
mkdir -p /var/log/openvpn<br />
wget http://sme.swerts-knudsen.dk/downloads/OpenVPN/OpenVPN.tgz<br />
tar xzf OpenVPN.tgz<br />
chmod 755 *.pl<br />
chmod 755 *.sh<br />
chmod 700 *.up<br />
rm -rf OpenVPN.tgz<br />
<br />
Now you need to make a few changes to the /etc/openvpn/server.conf. Change the domain name listed as ''yourdomain.com'', ensure that the DNS server pushed to the clients is correct (dhcp-option DNS 192.168.1.1) and lastly the route net pushed (route 192.168.1.0).<br />
<br />
port 1194<br />
dev tap<br />
tls-server<br />
dh dh1024.pem<br />
ca ca.crt<br />
cert server.crt<br />
key server.key<br />
auth-user-pass-verify ./validate.sh via-env<br />
client-disconnect ./logoff.sh<br />
up ./openvpn.up<br />
mode server<br />
duplicate-cn<br />
ifconfig 192.168.100.1 255.255.255.0<br />
ifconfig-pool 192.168.100.100 192.168.100.200 255.255.255.0 # IP range for OpenVPN clients<br />
mtu-test<br />
tun-mtu 1500<br />
tun-mtu-extra 32<br />
mssfix 1450<br />
ping 10<br />
ping-restart 120<br />
push "ping 10"<br />
push "ping-restart 60"<br />
push "dhcp-option DOMAIN <b>yourdomain.com</b>" # push the DNS domain suffix<br />
push "dhcp-option DNS <b>192.168.1.1</b>" # push primary DNS entry to the openvpn clients.<br />
push "route <b>192.168.1.0</b> 255.255.255.0 192.168.100.1" # add route to to protected network<br />
comp-lzo<br />
status-version 2<br />
status openvpn-status.log<br />
verb 3<br />
<br />
If you are running this server is "server-gateway mode" you now need to open port 1194 for UDP traffic as this is the default tunnel for OpenVPN. Now go into the Server Manager panel under port forwarding and forward UDP/1194 to "localhost". <br />
If your server is in "server mode" you also need to fiddle with IPTables. Install the port opener and ensure to update the navigation panel. You will now have a "Port Opening" in the "Configuration" sections of the server-manager. Use it to open UDP/1194.<br />
<br />
rpm -Uvh http://sme.swerts-knudsen.dk/downloads/dmc-mitel-portopening-0.0.1-4.noarch.rpm<br />
/etc/e-smith/events/actions/navigation-conf<br />
<br />
You now need to add the VPN address range as a local networks in the server-manager under the Security section. <br />
<br />
{{Note box|Router: IP address of the SME servers LAN net. I this example 192.168.1.1}} <br />
<br />
The last thing you need to do before the installation is complete is to do a small change in the /etc/openvpn/openvpn.up file. Change the 192.168.1.1 value to match router you used when adding a local network.<br />
<br />
#!/bin/sh<br />
route del -net 192.168.100.0 netmask 255.255.255.0 gw <b>192.168.1.1</b><br />
route del -net 192.168.100.0 netmask 255.255.255.0 dev tap0<br />
route add -net 192.168.100.0 netmask 255.255.255.0 gw 192.168.100.1 <br />
<br />
When you have changed the file to match your network we start the service.<br />
<br />
/etc/init.d/openvpn start<br />
<br />
Verify that the service is running correctly by issuing an "ifconfig" and see the new "tap0" device<br />
<br />
tap0 Link encap:Ethernet HWaddr 00:FF:A3:3C:75:18<br />
inet addr:192.168.100.1 Bcast:192.168.100.255 Mask:255.255.255.0<br />
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1<br />
RX packets:178204868 errors:0 dropped:0 overruns:0 frame:0<br />
TX packets:192915252 errors:0 dropped:1880 overruns:0 carrier:0<br />
collisions:0<br />
RX bytes:1802570258 (1719.0 Mb) TX bytes:1338165457 (1276.1 Mb)<br />
<br />
Now you want to ensure the the OpenVPN service starts every time you reboot your SME server.<br />
<br />
ln -s /etc/rc.d/init.d/openvpn /etc/rc7.d/S99OpenVPN<br />
<br />
==OpenVPN Client Configuration==<br />
<br />
The Win2k/XP/Vista client installation is quite simple and pretty much only require the Windows GUI and a configuration file. The Windows GUI can be downloaded from openvpn.net. If you run Vista you need to use the 2.1 Release Candidate (today RC9) http://openvpn.net/release/openvpn-2.1_rc9-install.exe to get it to work. Windows 2K/XP users can use the stable version http://openvpn.net/release/openvpn-2.0.9-install.exe<br />
<br />
When the GUI has been installed you need to create a configuration file for your VPN tunnel. Create a file in "C:/Program Files/OpenVPN/config" called VPN.ovpn with the following content and where you change the vpn.yourdomain.com to match your configuration.<br />
<br />
port 1194<br />
dev tap<br />
remote <b>vpn.yourdomain.com</b><br />
tls-client<br />
auth-user-pass<br />
ca ca.crt<br />
cert client.crt<br />
key client.key<br />
mtu-test<br />
tun-mtu 1500<br />
tun-mtu-extra 32<br />
mssfix 1450<br />
pull<br />
comp-lzo<br />
verb 4<br />
<br />
You now need to copy the Client keys you generated during the Server installation to the same directory on the Win2k/XP/Vista client. The following keys and certificates must be copied to the "C:/Program Files/OpenVPN/config" folder.<br />
<br />
* ca.crt<br />
* client.crt<br />
* client.key<br />
<br />
The Client installation is now complete and the user will be prompted upon login for the username and passwords.<br />
<br />
==FAQ==<br />
<br />
===When running the OpenVPN Client on MS Vista it fails updating routes===<br />
You need to make sure you run the OpenVPN GUI as administrator. See this page on details how to do that http://www.howtogeek.com/howto/windows-vista/always-start-an-application-in-administrator-mode-on-windows-vista/<br />
<br />
===How can I see which users are online or failed login?===<br />
Check the logfile in /var/log/openvpn/logins to see assigned IP, failures, etc.<br />
<br />
===How do I report a problem or a suggestion?===<br />
<br />
This contrib has not yet been created in the bugtracker so just send an email to mailto:contribs@swerts-knudsen.dk<br />
<br />
----<br />
[[Category:Howto]]<br />
[[Category:Administration:VPN]]</div>Knuddihttps://wiki.koozali.org/index.php?title=DSPAM&diff=19475DSPAM2013-03-12T14:38:29Z<p>Knuddi: /* Installation */</p>
<hr />
<div>==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.swerts-knudsen.dk/| SME Optimizer]<br />
<br />
==Description==<br />
I have for a long time used SME's built-in SpamAssassin with a few custom additions to get rid of most of my spam. Recently I noticed that the [http://dspam.nuclearelephant.com/ DSPAM] project was alive again and have since heard from many sources that it did a great job for them. I did not want to get rid of SpamAssassin but wanted to combine the strength of the two spam engines. One of the "weaknesses" of DSPAM is that it requires a significant amount of training before it provides reliable result - this training I am using SpamAssassin scoring to provide.<br />
<br />
I have therefore made this DSPAM plug-in which works in co-operation with SpamAssassin to get rid of even more spam.<br />
<br />
This contrib consists for most of two items: <br />
* qpsmtpd plugin which handles the training of the DSPAM engines based on SpamAssassin results and the which also, when training is complete, ensures that emails are classified with DSPAM for later scoring.<br />
* SpamAssassin plugin which used the DSPAM classification results to provide additional SpamAssassin scoring based on the DSPAM classification.<br />
<br />
==Installation==<br />
<br />
The package needs a working DSPAM installation and the sme-dspam contrib. ONLY SME 7x - Not support for SME 8x<br />
<br />
wget \<br />
http://sme.swerts-knudsen.dk/downloads/DSPAM/sme-dspam-1.0.2-5.noarch.rpm \<br />
http://sme.swerts-knudsen.dk/downloads/DSPAM/dspam-3.9.0-sme7.i386.rpm \<br />
http://sme.swerts-knudsen.dk/downloads/DSPAM/libdspam-3.9.0-sme7.i386.rpm \<br />
http://sme.swerts-knudsen.dk/downloads/DSPAM/libdspam-mysql-3.9.0-sme7.i386.rpm<br />
yum localinstall \<br />
sme-dspam-1.0.2-5.noarch.rpm \<br />
dspam-3.9.0-sme7.i386.rpm \<br />
libdspam-3.9.0-sme7.i386.rpm \<br />
libdspam-mysql-3.9.0-sme7.i386.rpm<br />
<br />
====Uninstall====<br />
You can simply remove the package again with the usual yum command. <br />
<br />
yum remove sme-dspam<br />
<br />
==Configuration==<br />
<br />
The contrib initially does DSPAM training and will continue to do so until DSPAM claims that training is complete. It monitors the output of "dspam_stats -H" to see when training has completed and will then switch to scoring/tagging mode. When training is complete the admin will receive an email notification. Until it received this mode you will not see any DSPAM benefits. <br />
<br />
The training of DSPAM is done based on SpamAssassin scores and by default it will train as SPAM if SpamAssassin rejects the email and score is above 9. It will train as ham (DSPAM terminology innocent) when mail is scores lower than 5 by SpamAssassin.<br />
<br />
These two values can be configured by the config system<br />
<br />
config setprop dspam hamlevel xx (default: 5)<br />
config setprop dspam spamlevel xx (default: 9)<br />
<br />
and then do a:<br />
<br />
signal-event email-update<br />
<br />
==Statistics==<br />
<br />
===DSPAM Specific Statistics===<br />
You can follow how DSPAM is doing by use of the dspam_stats command. Below is an example where I started the tagging process before training was complete. Here you can see that 4 emails reported as False Negatives meaning DSPAM claimed they were ham and SpamAssassin scored them as Spam (above spamlevel).<br />
<br />
[root@mx]# dspam_stats -H<br />
qpsmtpd:<br />
TP True Positives: 71<br />
TN True Negatives: 66<br />
FP False Positives: 0<br />
FN False Negatives: 4<br />
SC Spam Corpusfed: 5890<br />
NC Nonspam Corpusfed: 872<br />
TL Training Left: 1562<br />
SHR Spam Hit Rate 94.67%<br />
HSR Ham Strike Rate: 0.00%<br />
PPV Positive predictive value: 100.00%<br />
OCA Overall Accuracy: 97.16%<br />
<br />
<br />
When contrib is in training mode you should see the following type of event in your qpsmptd log when issuing the command:<br />
<br />
tail -f /var/log/qpsmtpd/current | tai64nlocal | grep dspam<br />
<br />
2010-01-04 16:05:43.495837500 24369 dspam plugin: Training email as spam (32.3 > 9)<br />
2010-01-04 16:06:12.922243500 24460 dspam plugin: Training email as spam (26.2 > 9)<br />
2010-01-04 16:08:30.707928500 24571 dspam plugin: Training email as spam (40.2 > 9)<br />
2010-01-04 16:15:09.209315500 25154 dspam plugin: Training email as spam (28.7 > 9)<br />
2010-01-04 16:15:12.657721500 25093 dspam plugin: Training email as innocent (-2.3 < 5)<br />
2010-01-04 16:15:31.505187500 25230 dspam plugin: Training email as innocent (1.0 < 5)<br />
2010-01-04 16:15:56.084894500 25261 dspam plugin: Training email as spam (33.2 > 9)<br />
2010-01-04 16:16:35.734852500 25302 dspam plugin: Training email as innocent (0.1 < 5)<br />
2010-01-04 16:16:37.373583500 25297 dspam plugin: Training email as spam (39.5 > 9)<br />
2010-01-04 16:17:50.398104500 25284 dspam plugin: Training email as spam (30.2 > 9)<br />
2010-01-04 16:18:13.514300500 25412 dspam plugin: Training email as spam (23.2 > 9)<br />
2010-01-04 16:18:41.653611500 25396 dspam plugin: Training email as spam (35.2 > 9)<br />
2010-01-04 16:20:05.432484500 25486 dspam plugin: Training email as spam (24.6 > 9)<br />
2010-01-04 16:20:07.036783500 25528 dspam plugin: Training email as innocent (1.7 < 5)<br />
2010-01-04 16:21:04.378237500 25766 dspam plugin: Training email as innocent (1.0 < 5)<br />
2010-01-04 16:21:21.849091500 25797 dspam plugin: Training email as innocent (-2.6 < 5)<br />
2010-01-04 16:22:32.693008500 25860 dspam plugin: Training email as spam (30.3 > 9)<br />
2010-01-04 16:28:22.610804500 26245 dspam plugin: Training email as spam (24.3 > 9)<br />
<br />
When contrib is in tagging mode you can see the following type of output from the command:<br />
<br />
tail -f /var/log/qpsmtpd/current | tai64nlocal | grep dspam<br />
<br />
2010-01-04 16:14:27.830989500 21955 dspam plugin: dspam result: Spam with Confidence of 0.99 and Probability of 1.0000 (4b4205d3219672044083174)<br />
2010-01-04 16:15:57.446155500 22065 dspam plugin: dspam result: Spam with Confidence of 0.99 and Probability of 1.0000 (4b42062d220731786917372)<br />
2010-01-04 16:20:55.422770500 22430 dspam plugin: dspam result: Spam with Confidence of 0.99 and Probability of 1.0000 (4b420757224401732614111)<br />
2010-01-04 16:21:05.836167500 22453 dspam plugin: dspam result: Innocent with Confidence of 0.99 and Probability of 0.0000 (4b420761224588618216848)<br />
2010-01-04 16:21:20.033604500 22330 dspam plugin: dspam result: Spam with Confidence of 0.80 and Probability of 1.0000 (4b420770224877713217748)<br />
2010-01-04 16:24:41.615738500 22636 dspam plugin: dspam result: Innocent with Confidence of 0.76 and Probability of 0.0000 (4b420839226414726512081)<br />
2010-01-04 16:24:43.453742500 22636 dspam plugin: Retraining email as spam classification (14.9 > 9)<br />
2010-01-04 16:25:34.647693500 22729 dspam plugin: dspam result: Spam with Confidence of 0.99 and Probability of 1.0000 (4b42086e227377747245261)<br />
2010-01-04 16:25:38.648186500 22743 dspam plugin: dspam result: Spam with Confidence of 0.99 and Probability of 1.0000 (4b420872227551892345671)<br />
2010-01-04 16:26:04.702731500 22773 dspam plugin: dspam result: Innocent with Confidence of 1.00 and Probability of 0.0000 (4b42088c227818922614116)<br />
2010-01-04 16:26:06.441017500 22770 dspam plugin: dspam result: Spam with Confidence of 0.99 and Probability of 1.0000 (4b42088e227882615116573)<br />
<br />
Notice the retraining of DSPAM that took place after a DSPAM classification as Innocent but with a total SpamAssassin score of 14.9<br />
<br />
===SpamAssassin General Statistics===<br />
You can monitor with rules are fired by SpamAssassin for both spam and ham with this little script which runs through the /var/log/spamd/current log file.<br />
<br />
cd /usr/bin/<br />
wget http://sme.swerts-knudsen.dk/downloads/DSPAM/sa-stats<br />
chmod +x sa-stats<br />
./sa-stats<br />
<br />
The output will look something like this.<br />
<br />
Email: 2895 Autolearn: 2591 AvgScore: 22.54 AvgScanTime: 3.74 sec<br />
Spam: 2165 Autolearn: 2075 AvgScore: 33.86 AvgScanTime: 3.44 sec<br />
Ham: 730 Autolearn: 516 AvgScore: -11.05 AvgScanTime: 4.64 sec<br />
Time Spent Running SA: 3.01 hours<br />
Time Spent Processing Spam: 2.07 hours<br />
Time Spent Processing Ham: 0.94 hours<br />
TOP SPAM RULES FIRED<br />
----------------------------------------------------------------------<br />
RANK RULE NAME COUNT %OFMAIL %OFSPAM %OFHAM<br />
----------------------------------------------------------------------<br />
1 RCVD_IN_APEWSL2 1809 67.05 83.56 18.08<br />
2 RCVD_IN_BRBL 1789 62.04 82.63 0.96<br />
3 RAZOR2_CHECK 1786 61.93 82.49 0.96<br />
4 BAYES_99 1780 61.49 82.22 0.00<br />
5 RAZOR2_CF_RANGE_51_100 1759 61.00 81.25 0.96<br />
6 DIGEST_MULTIPLE 1656 57.37 76.49 0.68<br />
7 DCC_CHECK 1567 56.93 72.38 11.10<br />
8 URIBL_BLACK 1528 53.26 70.58 1.92<br />
9 RCVD_IN_XBL 1494 51.64 69.01 0.14<br />
10 RAZOR2_CF_RANGE_E8_51_100 1485 51.47 68.59 0.68<br />
11 RCVD_IN_JMF_BL 1484 51.68 68.55 1.64<br />
12 PYZOR_CHECK 1445 50.36 66.74 1.78<br />
13 RCVD_IN_PBL 1413 48.95 65.27 0.55<br />
14 URIBL_JP_SURBL 1347 46.53 62.22 0.00<br />
15 URIBL_SBL 1320 45.60 60.97 0.00<br />
16 URIBL_WS_SURBL 1294 44.70 59.77 0.00<br />
17 DSPAM_SPAM_99 1147 39.62 52.98 0.00<br />
18 SEM_URIRED 1135 39.79 52.42 2.33<br />
19 SEM_URI 1002 34.78 46.28 0.68<br />
20 HTML_MESSAGE 981 52.92 45.31 75.48<br />
----------------------------------------------------------------------<br />
TOP HAM RULES FIRED<br />
----------------------------------------------------------------------<br />
RANK RULE NAME COUNT %OFMAIL %OFSPAM %OFHAM<br />
----------------------------------------------------------------------<br />
1 BAYES_00 715 25.98 1.71 97.95<br />
2 DSPAM_HAM_99 696 25.01 1.29 95.34<br />
3 HTML_MESSAGE 551 52.92 45.31 75.48<br />
4 SPF_PASS 329 13.68 3.09 45.07<br />
5 RCVD_IN_JMF_W 145 5.11 0.14 19.86<br />
6 RCVD_IN_APEWSL2 132 67.05 83.56 18.08<br />
7 MIME_HTML_ONLY 131 14.82 13.76 17.95<br />
8 SPF_HELO_PASS 96 3.52 0.28 13.15<br />
9 DCC_CHECK 81 56.93 72.38 11.10<br />
10 RCVD_IN_DNSWL_MED 63 2.18 0.00 8.63<br />
11 RCVD_IN_DNSWL_LOW 62 2.14 0.00 8.49<br />
12 SARE_SUB_ENC_UTF8 59 3.56 2.03 8.08<br />
13 MPART_ALT_DIFF 55 2.63 0.97 7.53<br />
14 USER_IN_WHITELIST 48 1.66 0.00 6.58<br />
15 MIME_HTML_MOSTLY 43 2.00 0.69 5.89<br />
16 MIME_QP_LONG_LINE 31 2.56 1.99 4.25<br />
17 EXTRA_MPART_TYPE 31 1.52 0.60 4.25<br />
18 MIME_BASE64_BLANKS 31 1.07 0.00 4.25<br />
19 HTML_IMAGE_RATIO_06 29 1.04 0.05 3.97<br />
20 MISSING_MID 28 1.52 0.74 3.84<br />
----------------------------------------------------------------------<br />
<br />
==FAQ==<br />
<br />
===Can I force it to start scoring even though training hasn't completed?===<br />
Yes, you can do this by changing config:<br />
config setprop dspam action tag<br />
signal-event email-update<br />
<br />
===Can I alter the score given to DSPAM classified emails?===<br />
Yes, you have to manually edit the /etc/mail/spamassassin/dspam.cf file. Notice that an upgrade of sme-dspam later, will overwrite your modifications. When you have made your modification issue an:<br />
<br />
signal-event email-update<br />
<br />
===How do I report a problem or a suggestion?===<br />
This contrib has not yet been created in the bugtracker so just send an email to mailto:contribs@swerts-knudsen.dk<br />
----<br />
[[Category:Mail]]<br />
[[Category:Contrib]]<br />
[[Category:Administration:Content Spam Virus Blocking]]</div>Knuddihttps://wiki.koozali.org/index.php?title=DSPAM&diff=19474DSPAM2013-03-12T14:37:26Z<p>Knuddi: </p>
<hr />
<div>==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.swerts-knudsen.dk/| SME Optimizer]<br />
<br />
==Description==<br />
I have for a long time used SME's built-in SpamAssassin with a few custom additions to get rid of most of my spam. Recently I noticed that the [http://dspam.nuclearelephant.com/ DSPAM] project was alive again and have since heard from many sources that it did a great job for them. I did not want to get rid of SpamAssassin but wanted to combine the strength of the two spam engines. One of the "weaknesses" of DSPAM is that it requires a significant amount of training before it provides reliable result - this training I am using SpamAssassin scoring to provide.<br />
<br />
I have therefore made this DSPAM plug-in which works in co-operation with SpamAssassin to get rid of even more spam.<br />
<br />
This contrib consists for most of two items: <br />
* qpsmtpd plugin which handles the training of the DSPAM engines based on SpamAssassin results and the which also, when training is complete, ensures that emails are classified with DSPAM for later scoring.<br />
* SpamAssassin plugin which used the DSPAM classification results to provide additional SpamAssassin scoring based on the DSPAM classification.<br />
<br />
==Installation==<br />
<br />
The package needs a working DSPAM installation and the sme-dspam contrib. <br />
<br />
wget \<br />
http://sme.swerts-knudsen.dk/downloads/DSPAM/sme-dspam-1.0.2-5.noarch.rpm \<br />
http://sme.swerts-knudsen.dk/downloads/DSPAM/dspam-3.9.0-sme7.i386.rpm \<br />
http://sme.swerts-knudsen.dk/downloads/DSPAM/libdspam-3.9.0-sme7.i386.rpm \<br />
http://sme.swerts-knudsen.dk/downloads/DSPAM/libdspam-mysql-3.9.0-sme7.i386.rpm<br />
yum localinstall \<br />
sme-dspam-1.0.2-5.noarch.rpm \<br />
dspam-3.9.0-sme7.i386.rpm \<br />
libdspam-3.9.0-sme7.i386.rpm \<br />
libdspam-mysql-3.9.0-sme7.i386.rpm<br />
<br />
====Uninstall====<br />
You can simply remove the package again with the usual yum command. <br />
<br />
yum remove sme-dspam<br />
<br />
==Configuration==<br />
<br />
The contrib initially does DSPAM training and will continue to do so until DSPAM claims that training is complete. It monitors the output of "dspam_stats -H" to see when training has completed and will then switch to scoring/tagging mode. When training is complete the admin will receive an email notification. Until it received this mode you will not see any DSPAM benefits. <br />
<br />
The training of DSPAM is done based on SpamAssassin scores and by default it will train as SPAM if SpamAssassin rejects the email and score is above 9. It will train as ham (DSPAM terminology innocent) when mail is scores lower than 5 by SpamAssassin.<br />
<br />
These two values can be configured by the config system<br />
<br />
config setprop dspam hamlevel xx (default: 5)<br />
config setprop dspam spamlevel xx (default: 9)<br />
<br />
and then do a:<br />
<br />
signal-event email-update<br />
<br />
==Statistics==<br />
<br />
===DSPAM Specific Statistics===<br />
You can follow how DSPAM is doing by use of the dspam_stats command. Below is an example where I started the tagging process before training was complete. Here you can see that 4 emails reported as False Negatives meaning DSPAM claimed they were ham and SpamAssassin scored them as Spam (above spamlevel).<br />
<br />
[root@mx]# dspam_stats -H<br />
qpsmtpd:<br />
TP True Positives: 71<br />
TN True Negatives: 66<br />
FP False Positives: 0<br />
FN False Negatives: 4<br />
SC Spam Corpusfed: 5890<br />
NC Nonspam Corpusfed: 872<br />
TL Training Left: 1562<br />
SHR Spam Hit Rate 94.67%<br />
HSR Ham Strike Rate: 0.00%<br />
PPV Positive predictive value: 100.00%<br />
OCA Overall Accuracy: 97.16%<br />
<br />
<br />
When contrib is in training mode you should see the following type of event in your qpsmptd log when issuing the command:<br />
<br />
tail -f /var/log/qpsmtpd/current | tai64nlocal | grep dspam<br />
<br />
2010-01-04 16:05:43.495837500 24369 dspam plugin: Training email as spam (32.3 > 9)<br />
2010-01-04 16:06:12.922243500 24460 dspam plugin: Training email as spam (26.2 > 9)<br />
2010-01-04 16:08:30.707928500 24571 dspam plugin: Training email as spam (40.2 > 9)<br />
2010-01-04 16:15:09.209315500 25154 dspam plugin: Training email as spam (28.7 > 9)<br />
2010-01-04 16:15:12.657721500 25093 dspam plugin: Training email as innocent (-2.3 < 5)<br />
2010-01-04 16:15:31.505187500 25230 dspam plugin: Training email as innocent (1.0 < 5)<br />
2010-01-04 16:15:56.084894500 25261 dspam plugin: Training email as spam (33.2 > 9)<br />
2010-01-04 16:16:35.734852500 25302 dspam plugin: Training email as innocent (0.1 < 5)<br />
2010-01-04 16:16:37.373583500 25297 dspam plugin: Training email as spam (39.5 > 9)<br />
2010-01-04 16:17:50.398104500 25284 dspam plugin: Training email as spam (30.2 > 9)<br />
2010-01-04 16:18:13.514300500 25412 dspam plugin: Training email as spam (23.2 > 9)<br />
2010-01-04 16:18:41.653611500 25396 dspam plugin: Training email as spam (35.2 > 9)<br />
2010-01-04 16:20:05.432484500 25486 dspam plugin: Training email as spam (24.6 > 9)<br />
2010-01-04 16:20:07.036783500 25528 dspam plugin: Training email as innocent (1.7 < 5)<br />
2010-01-04 16:21:04.378237500 25766 dspam plugin: Training email as innocent (1.0 < 5)<br />
2010-01-04 16:21:21.849091500 25797 dspam plugin: Training email as innocent (-2.6 < 5)<br />
2010-01-04 16:22:32.693008500 25860 dspam plugin: Training email as spam (30.3 > 9)<br />
2010-01-04 16:28:22.610804500 26245 dspam plugin: Training email as spam (24.3 > 9)<br />
<br />
When contrib is in tagging mode you can see the following type of output from the command:<br />
<br />
tail -f /var/log/qpsmtpd/current | tai64nlocal | grep dspam<br />
<br />
2010-01-04 16:14:27.830989500 21955 dspam plugin: dspam result: Spam with Confidence of 0.99 and Probability of 1.0000 (4b4205d3219672044083174)<br />
2010-01-04 16:15:57.446155500 22065 dspam plugin: dspam result: Spam with Confidence of 0.99 and Probability of 1.0000 (4b42062d220731786917372)<br />
2010-01-04 16:20:55.422770500 22430 dspam plugin: dspam result: Spam with Confidence of 0.99 and Probability of 1.0000 (4b420757224401732614111)<br />
2010-01-04 16:21:05.836167500 22453 dspam plugin: dspam result: Innocent with Confidence of 0.99 and Probability of 0.0000 (4b420761224588618216848)<br />
2010-01-04 16:21:20.033604500 22330 dspam plugin: dspam result: Spam with Confidence of 0.80 and Probability of 1.0000 (4b420770224877713217748)<br />
2010-01-04 16:24:41.615738500 22636 dspam plugin: dspam result: Innocent with Confidence of 0.76 and Probability of 0.0000 (4b420839226414726512081)<br />
2010-01-04 16:24:43.453742500 22636 dspam plugin: Retraining email as spam classification (14.9 > 9)<br />
2010-01-04 16:25:34.647693500 22729 dspam plugin: dspam result: Spam with Confidence of 0.99 and Probability of 1.0000 (4b42086e227377747245261)<br />
2010-01-04 16:25:38.648186500 22743 dspam plugin: dspam result: Spam with Confidence of 0.99 and Probability of 1.0000 (4b420872227551892345671)<br />
2010-01-04 16:26:04.702731500 22773 dspam plugin: dspam result: Innocent with Confidence of 1.00 and Probability of 0.0000 (4b42088c227818922614116)<br />
2010-01-04 16:26:06.441017500 22770 dspam plugin: dspam result: Spam with Confidence of 0.99 and Probability of 1.0000 (4b42088e227882615116573)<br />
<br />
Notice the retraining of DSPAM that took place after a DSPAM classification as Innocent but with a total SpamAssassin score of 14.9<br />
<br />
===SpamAssassin General Statistics===<br />
You can monitor with rules are fired by SpamAssassin for both spam and ham with this little script which runs through the /var/log/spamd/current log file.<br />
<br />
cd /usr/bin/<br />
wget http://sme.swerts-knudsen.dk/downloads/DSPAM/sa-stats<br />
chmod +x sa-stats<br />
./sa-stats<br />
<br />
The output will look something like this.<br />
<br />
Email: 2895 Autolearn: 2591 AvgScore: 22.54 AvgScanTime: 3.74 sec<br />
Spam: 2165 Autolearn: 2075 AvgScore: 33.86 AvgScanTime: 3.44 sec<br />
Ham: 730 Autolearn: 516 AvgScore: -11.05 AvgScanTime: 4.64 sec<br />
Time Spent Running SA: 3.01 hours<br />
Time Spent Processing Spam: 2.07 hours<br />
Time Spent Processing Ham: 0.94 hours<br />
TOP SPAM RULES FIRED<br />
----------------------------------------------------------------------<br />
RANK RULE NAME COUNT %OFMAIL %OFSPAM %OFHAM<br />
----------------------------------------------------------------------<br />
1 RCVD_IN_APEWSL2 1809 67.05 83.56 18.08<br />
2 RCVD_IN_BRBL 1789 62.04 82.63 0.96<br />
3 RAZOR2_CHECK 1786 61.93 82.49 0.96<br />
4 BAYES_99 1780 61.49 82.22 0.00<br />
5 RAZOR2_CF_RANGE_51_100 1759 61.00 81.25 0.96<br />
6 DIGEST_MULTIPLE 1656 57.37 76.49 0.68<br />
7 DCC_CHECK 1567 56.93 72.38 11.10<br />
8 URIBL_BLACK 1528 53.26 70.58 1.92<br />
9 RCVD_IN_XBL 1494 51.64 69.01 0.14<br />
10 RAZOR2_CF_RANGE_E8_51_100 1485 51.47 68.59 0.68<br />
11 RCVD_IN_JMF_BL 1484 51.68 68.55 1.64<br />
12 PYZOR_CHECK 1445 50.36 66.74 1.78<br />
13 RCVD_IN_PBL 1413 48.95 65.27 0.55<br />
14 URIBL_JP_SURBL 1347 46.53 62.22 0.00<br />
15 URIBL_SBL 1320 45.60 60.97 0.00<br />
16 URIBL_WS_SURBL 1294 44.70 59.77 0.00<br />
17 DSPAM_SPAM_99 1147 39.62 52.98 0.00<br />
18 SEM_URIRED 1135 39.79 52.42 2.33<br />
19 SEM_URI 1002 34.78 46.28 0.68<br />
20 HTML_MESSAGE 981 52.92 45.31 75.48<br />
----------------------------------------------------------------------<br />
TOP HAM RULES FIRED<br />
----------------------------------------------------------------------<br />
RANK RULE NAME COUNT %OFMAIL %OFSPAM %OFHAM<br />
----------------------------------------------------------------------<br />
1 BAYES_00 715 25.98 1.71 97.95<br />
2 DSPAM_HAM_99 696 25.01 1.29 95.34<br />
3 HTML_MESSAGE 551 52.92 45.31 75.48<br />
4 SPF_PASS 329 13.68 3.09 45.07<br />
5 RCVD_IN_JMF_W 145 5.11 0.14 19.86<br />
6 RCVD_IN_APEWSL2 132 67.05 83.56 18.08<br />
7 MIME_HTML_ONLY 131 14.82 13.76 17.95<br />
8 SPF_HELO_PASS 96 3.52 0.28 13.15<br />
9 DCC_CHECK 81 56.93 72.38 11.10<br />
10 RCVD_IN_DNSWL_MED 63 2.18 0.00 8.63<br />
11 RCVD_IN_DNSWL_LOW 62 2.14 0.00 8.49<br />
12 SARE_SUB_ENC_UTF8 59 3.56 2.03 8.08<br />
13 MPART_ALT_DIFF 55 2.63 0.97 7.53<br />
14 USER_IN_WHITELIST 48 1.66 0.00 6.58<br />
15 MIME_HTML_MOSTLY 43 2.00 0.69 5.89<br />
16 MIME_QP_LONG_LINE 31 2.56 1.99 4.25<br />
17 EXTRA_MPART_TYPE 31 1.52 0.60 4.25<br />
18 MIME_BASE64_BLANKS 31 1.07 0.00 4.25<br />
19 HTML_IMAGE_RATIO_06 29 1.04 0.05 3.97<br />
20 MISSING_MID 28 1.52 0.74 3.84<br />
----------------------------------------------------------------------<br />
<br />
==FAQ==<br />
<br />
===Can I force it to start scoring even though training hasn't completed?===<br />
Yes, you can do this by changing config:<br />
config setprop dspam action tag<br />
signal-event email-update<br />
<br />
===Can I alter the score given to DSPAM classified emails?===<br />
Yes, you have to manually edit the /etc/mail/spamassassin/dspam.cf file. Notice that an upgrade of sme-dspam later, will overwrite your modifications. When you have made your modification issue an:<br />
<br />
signal-event email-update<br />
<br />
===How do I report a problem or a suggestion?===<br />
This contrib has not yet been created in the bugtracker so just send an email to mailto:contribs@swerts-knudsen.dk<br />
----<br />
[[Category:Mail]]<br />
[[Category:Contrib]]<br />
[[Category:Administration:Content Spam Virus Blocking]]</div>Knuddihttps://wiki.koozali.org/index.php?title=Unjunkmgr&diff=19473Unjunkmgr2013-03-12T14:36:54Z<p>Knuddi: </p>
<hr />
<div>==Maintainer==<br />
This contrib has been developed by [[User:Knuddi|Jesper Knudsen]] from [http://smeoptimizer.swerts-knudsen.dk/| SME Optimizer]<br />
<br />
==Description==<br />
I have for a long time had ”customers” that POP’ed emails from my servers and that therefore did not have a good chance to see and/or retrieve emails that had been sorted to the junkmail folder by SpamAssassin. The same actually goes for IMAP users that often ''forgot'' to look the junkmail folder when they thought emails were missing.<br />
<br />
I have therefore made a junkmail manager that on a weekly basis sends out a summary email to all users with a list of emails that have been sorted into the junkmail folder the recent week.<br />
<br />
If the user wishes to get one of these emails sent to the users inbox he/she can push the “UnJunk” link to the left. The system will, if UnJunk is pressed, teach SpamAssassin via the “sa-learn” command that this can be considered as “ham” next time. This means that it’s more likely that an email from this sender or with this content will pass the spam check next time. <br />
<br />
The Summary email that arrives per default Fridays at 1PM looks something like this:<br />
<br />
[[Image:Emailsummary.jpg]]<br />
<br />
==Installation==<br />
<br />
The package needs the Perl-MIME-Lite package to be able to send out HTML formatted emails and MRTG to create the statistics graphs. These packages are available from smecontribs and base respectively.<br />
<br />
wget http://sme.swerts-knudsen.dk/downloads/unjunkmgr/sme-unjunkmgr-1.1.3-1.noarch.rpm<br />
yum --enablerepo=smecontribs --enablerepo=base localinstall sme-unjunkmgr-1.1.3-1.noarch.rpm<br />
<br />
{{Note box|If you are running SME8 (beta), then you need to manually install an extra perl package as. Please issue a "yum update perl-Email-Date-Format"}} <br />
<br />
====Upgrading====<br />
<br />
wget http://sme.swerts-knudsen.dk/downloads/unjunkmgr/sme-unjunkmgr-1.1.3-1.noarch.rpm<br />
yum --enablerepo=smecontribs --enablerepo=base localupdate sme-unjunkmgr-1.1.3-1.noarch.rpm<br />
<br />
{{Note box|Note that I have found a bug in the older releases (1.0.x) causing updates to fail (main directory will be deleted by post install script...). This means that in order to upgrade to 1.1.3-1 you will need to uninstall the old version first and then do the install of the new. Side effect is that your old log files (statistics) will also be deleted. If you want to avoid this you need to save a copy of all *.old and *.log files within /usr/local/unjunkmgr directory. These can be copied back after install is completed.}} <br />
<br />
====Uninstall====<br />
You can simply remove the package again with the usual yum command. <br />
<br />
yum remove sme-unjunkmgr<br />
<br />
NOTE: If you are uninstalling version '''1.0.0-1''' you also need to also expand templates.<br />
expand-template /etc/crontab<br />
expand-template /etc/httpd/conf/httpd.conf<br />
/etc/rc.d/init.d/httpd-e-smith restart<br />
<br />
==Configuration==<br />
<br />
====Email Notifications====<br />
The UnJunk Manager sends out the summary email every Friday at 1PM to all users with emails stored in their junkmail folder. If you wish the admin account to get copied on all these user emails then this can be enabled/disabled with (default: no):<br />
<br />
/sbin/e-smith/db configuration setprop unjunkmgr adminemails <no|yes><br />
<br />
If you just want to use the UnJunk Manager to gather statistics and not send out any summary emails to the users you can disable this functionality with (default: yes):<br />
<br />
/sbin/e-smith/db configuration setprop unjunkmgr useremails <no|yes><br />
<br />
How do I configure the UnJunkMgr to use an IP address or a different hostname rather than the primary domain name when it sends out the weekly overview (default: domainname)?<br />
<br />
/sbin/e-smith/db configuration setprop unjunkmgr unjunkhost <hostname|IP address><br />
<br />
The summary emails contain a link to an web page where emails can be unjunked (released to he inbox). These URLs cann, by default, only be seen from the local network (IP ranges defined in Local Network in the server-manager) but if you want this to be accessible from remote networks (public access) this can be done via (default: yes):<br />
<br />
/sbin/e-smith/db configuration setprop unjunkmgr LocalOnly <no|yes><br />
expand-template /etc/httpd/conf/httpd.conf<br />
/etc/rc.d/init.d/httpd-e-smith restart<br />
<br />
====Statistics====<br />
<br />
The UnJunk Manager also collects statistics on the emails passing through the mail server. This is accessible from:<br />
<br />
http://your.domain.com/unjunkmgr<br />
<br />
This web page and the unjunk functionality as described above can, by default, only be seen from the local network (IP ranges defined in Local Network in the server-manager) but if you want this to be accessible from remote networks (public access) this can be done via (default: yes):<br />
<br />
/sbin/e-smith/db configuration setprop unjunkmgr LocalOnly <no|yes><br />
expand-template /etc/httpd/conf/httpd.conf<br />
/etc/rc.d/init.d/httpd-e-smith restart<br />
<br />
[[Image:Unjunkwebstat.jpg]]<br />
<br />
An additional feature of the UnJunk Manager is to send the collected statistics to a central statistics central at http://central.swerts-knudsen.dk. The gathering of data is not stressful for the server and the data sent is not sensitive (well in my opinion) and consists of:<br />
<br />
* Amount of emails scanned<br />
* Number of spam infected (tagged and rejected) or virus infected emails (if virus found the ClamAV name)<br />
* The version of SME server used <br />
* Public IP address of server (used to plot in Google Maps on central.swerts-knudsen.com)<br />
<br />
Should you want to disable this functionality then this can obviously be done:<br />
<br />
/sbin/e-smith/db configuration setprop unjunkmgr statsclient <disabled|enabled><br />
<br />
====SpamAssassin bayes filters====<br />
<br />
The SpamAssassin learning requires that the SpamAssassin bayes filters have been enabled though. How this is done can be read at http://wiki.contribs.org/Email#Setup_Blacklists_.26_Bayesian_Autolearning or through these few shell commands.<br />
<br />
config setprop spamassassin UseBayes 1<br />
config setprop spamassassin BayesAutoLearnThresholdSpam 4.00<br />
config setprop spamassassin BayesAutoLearnThresholdNonspam 0.10<br />
expand-template /etc/mail/spamassassin/local.cf<br />
sa-learn --sync --dbpath /var/spool/spamd/.spamassassin -u spamd<br />
chown spamd.spamd /var/spool/spamd/.spamassassin/bayes_*<br />
chown spamd.spamd /var/spool/spamd/.spamassassin/bayes.mutex<br />
chmod 640 /var/spool/spamd/.spamassassin/bayes_*<br />
config setprop spamassassin status enabled<br />
signal-event email-update<br />
<br />
<br />
Personally I also think that the default 90 days of retention for emails in the junkmail folder is way to long - who bothers to look at 90 days old emails anyways? I run with 15 days of retention on all my installations.<br />
<br />
db configuration setprop spamassassin MessageRetentionTime 15 <br />
signal-event email-update <br />
<br />
====Unofficial ClamAV signatures====<br />
I would also recommend to install the script that downloads all the unofficial ClamAV signatures as these detects not only virus but equally importantly various kinds of malware and spam.<br />
<br />
Follow the guide for [[Virus:Additional_Signatures|Additional Virus Signatures]] to do that.<br />
<br />
==FAQ==<br />
<br />
===How do I see what this Summary of Junkmail looks like without sending to all my users?===<br />
You will need to change config via:<br />
/sbin/e-smith/db configuration setprop unjunkmgr useremails no<br />
/sbin/e-smith/db configuration setprop unjunkmgr adminemails yes<br />
<br />
Then launch the reminder manually with: <br />
/usr/local/unjunkmgr/spamreminder.pl<br />
<br />
All the summary emails will now be sent to “admin”.<br />
<br />
===How do I change when the reminder email is sent out?===<br />
Currently this requires a manual change. Open in you preferred editor:<br />
<br />
/etc/e-smith/templates-custom/etc/crontab/unjunk<br />
<br />
Add extra lines to have reminder sent out more often or change the hour/day in the last line with the $OUT - Change the "5" to "1" for Monday rather than Friday.<br />
<br />
{<br />
use esmith::ConfigDB;<br />
<br />
my $dbh = esmith::ConfigDB->open() || die "Unable to open configuration dbase.";<br />
my %sa_conf = $dbh->get('unjunkmgr')->props;<br />
<br />
while (my ($parameter,$value) = each(%sa_conf)) {<br />
if ($parameter eq 'enabled') {<br />
$enabled = $value;<br />
}<br />
}<br />
<br />
$OUT = "";<br />
if (uc($enabled) eq 'YES') {<br />
$OUT .= "# Schedule the UnJunk every 5 minutes\n";<br />
$OUT .= "0-59/5 * * * * root /usr/local/unjunkmgr/spamchanger.pl -file=/tmp/unjunk.file\n";<br />
$OUT .= "\n";<br />
$OUT .= "# Schedule the weekly Blocked Junk Summary to arrive at 1PM Friday\n";<br />
$OUT .= "0 13 * * 5 root /usr/local/unjunkmgr/spamreminder.pl\n"; # Friday<br />
}<br />
}<br />
<br />
See the following schema for modifying the job scheduling:<br />
<br />
* * * * * command to be executed<br />
<br />
| | | | |<br />
| | | | +----- day of week (0 - 6) (Sunday=0)<br />
| | | +------- month (1 - 12)<br />
| | +--------- day of month (1 - 31)<br />
| +----------- hour (0 - 23)<br />
+------------- min (0 - 59)<br />
<br />
For example, the original entry:<br />
<br />
$OUT .= "0 13 * * 5 root /usr/local/unjunkmgr/spamreminder.pl\n"; # Friday<br />
<br />
is set to run at 13:00 (1pm) on Friday of every week, to change it to say run at 4:30pm Monday to Friday:<br />
<br />
$OUT .= "30 16 * * 1-5 root /usr/local/unjunkmgr/spamreminder.pl\n"; # Monday to Friday<br />
<br />
To see more detail on crontab scheduling see [http://www.adminschoice.com/docs/crontab.htm]<br />
<br />
Then expand templates<br />
<br />
expand-template /etc/crontab<br />
<br />
===How do I report a problem or a suggestion?===<br />
This contrib has not yet been created in the bugtracker so just send an email to mailto:contribs@swerts-knudsen.dk<br />
<br />
==Revisions==<br />
{| border="1" style="background-color:#C0C0C0"<br />
|Release<br />
|Changes<br />
|- style="background-color:#FFFFFF"<br />
|1.0.0-1<br />
|First release<br />
|- style="background-color:#FFFFFF"<br />
|1.0.1-1<br />
|Updated web overview to have virus rigth and spam to the left.<br />
<br />
Fixed regex causing some warning messages during weekly spamreminder run if email subject were empty<br />
<br />
Improved uninstall to clean up properly <br />
|- style="background-color:#FFFFFF"<br />
|1.1.0-1<br />
|Updated statistics overview to use pie charts for spam and different tables for virus found<br />
<br />
Added new configuration parameters for most commonly asked changes to avoid hard-coding<br />
<br />
Improved log file checks to avoid catching errors and warnings from ClamAV<br />
<br />
Generally improved code to remove warnings to admin when sending weekly summary emails <br />
|- style="background-color:#FFFFFF"<br />
|1.1.1-1<br />
|Fixed problem with weekly emails (error line 112 in spamreminder.pl)<br />
<br />
Fixed problem in post-upgrade script that caused upgrades from earlier versions to fail<br />
<br />
|- style="background-color:#FFFFFF"<br />
|1.1.3-1<br />
|Now also counting rejected emails that never reaches SpamAssassin (rejected due to missing mailbox, reverse DNS fails, etc.)<br />
<br />
Fixed problem using unjunkhost configuration parameter<br />
<br />
Updated style sheets (CSS) to show nicely also using IE<br />
<br />
Added statistic for top spammed email accounts <br />
<br />
|}<br />
----<br />
[[Category:Mail]]<br />
[[Category:Contrib]]<br />
[[Category:Administration:Content Spam Virus Blocking]]<br />
[[Category:Administration:Monitoring]]</div>Knuddihttps://wiki.koozali.org/index.php?title=User:Knuddi&diff=16426User:Knuddi2012-08-06T09:20:47Z<p>Knuddi: </p>
<hr />
<div>Name: Jesper Knudsen<br />
<br />
Living in: Denmark<br />
<br />
Contribs by me:<br />
* http://wiki.contribs.org/DSPAM<br />
* http://wiki.contribs.org/Sme-unjunkmgr<br />
* http://wiki.contribs.org/Dansguardian-stats<br />
* http://wiki.contribs.org/OpenVPN<br />
<br />
I can be contacted via email at: mailto:contribs@swerts-knudsen.dk or through my SME website at http://sme.swerts-knudsen.dk<br />
<br />
If you want to limit the hassle keeping up with spam - even though the SME server does a reasonable job - then have a look at ScanMailX - http://www.scanmailx.com.</div>Knuddihttps://wiki.koozali.org/index.php?title=User:Knuddi&diff=16425User:Knuddi2012-08-06T09:20:28Z<p>Knuddi: </p>
<hr />
<div>Name: Jesper Knudsen<br />
<br />
Living in: Denmark<br />
<br />
Contribs by me:<br />
* http://wiki.contribs.org/DSPAM<br />
* http://wiki.contribs.org/Sme-unjunkmgr<br />
* http://wiki.contribs.org/Dansguardian-stats<br />
* http://wiki.contribs.org/OpenVPN<br />
<br />
I can be contacted via email at: mailto:contribs@swerts-knudsen.dk or through my SME website at http://sme.swerts-knudsen.dk<br />
<br />
If you want to limit the hassle keeping up with spam - even though the SME server does a reasonable job - then have a look at ScanMailX - www.scanmailx.com.</div>Knuddi