Working OpenBSD spamd package ** now $800USD - $1000USD **
-
take a look on mailscanner project … it's a great job to kill UCE... i have used for years with good detection ...
-
Mailscanner solves a completely different problem. OpenBSD's spamd project can sit on a box in front of something like a mailscanner and reduce the amount of mail that the other box has to scan. I have a cluster of Barracuda Networks Spam Firewall boxes which do a decent job without needing too much of my attention. I would like to have a cluster of pfSense boxes with OpenBSD's spamd utility sitting in front of the Barracuda's to try to bring the 500,000 message sending attempts via each box down to something like 300,000 attempts, or less. Otherwise, I need to spend money on an additional Barracuda to maintain acceptable performance for my end users.
I have used several spam scanning systems built around SpamAssassin and ClamAV plus other stuff, including the Barracudas. They all tend to be about the same in terms of effectiveness in an ISP environment where a global bayes database is impossible. The Barracudas are handling more mail per box with a prettier (for the users) interface than the assembly required stuff available when I switched to them. The administration time savings have made them worth the subscription renewal pricing.
-
ok … i understood...
in some customers i used an pool of mailscanners combined with: Dns tests, (reverse IP, SPF) bayes DB, spam balcklists are downloaded to my servers each 15 minutes, i use two lines of AV .. (bitdefender and Clamav).
To decide what the host to be used, my dns responses are in round-robin way with low time in cache, to assure diferent replys. in one customer 500.000 UCE are blocked per day and 50.000 clean and valid emails are receveid all day in 1.000 mailboxes of an M$ server. -
That's what I would call Defense In Depth!
;)
-
i would be very interested in spamd being brought back into pfSense. We have two pfSense CARP routers sitting infront of a mail server that takes in 30-50k emails per day most of which is spam. I would love to see and have spamd implemented on pfSense. This would also be significantly helpful so we don't have to expose Exchange machines to the internet. right now we use postfix at our colo and deliver it ot the exchange machine via ipsec.
I am willing to throw down $250 for this in the next few weeks. i would like to give the money directly to the project and have them payout someone who completes this bounty.
thanks, -
okay, call my pledge $250 too.
That makes $500 total.
-
Centipede Networks will offer an additional $300 to this bounty for the following:
- The spamd package must work with 1.2-RELEASE
- The spamd package must provide support for multiple destination mail servers
- The spamd package must work with a CARP or ProxyARP virtual IP address
- Configuration settings for the spamd package must be mirrorable to other CARP members
optional
5) It would be especially nice if the spamd package can work in a bridged configuration. If this isn't possible, no big.signing bonus:
If this project is completed prior to Friday, April 18th, Centipede Networks will pay an additional $200 to the bounty. -
@submicron:
Centipede Networks will offer an additional $300 to this bounty for the following:
Sweet! Thanks!
-
ok ….
i will give a try to spamd package .. can someone give access to old package ??? will be aa good start point ...
-
You'll find everything here http://cvs.pfsense.org/cgi-bin/cvsweb.cgi/tools/packages/ .
-
ok ….
i will give a try to spamd package .. can someone give access to old package ??? will be aa good start point ...
Are you actively working on this bounty?
-
yes,
i´m looking to understand and knows the package …. i only worked before on Mailscanner... but now i am in learning mode ....in this moment it´s an experimental .. not for bounty .. .just for comunity ..
-
In the hopes that relating my experience with spamd will motivate some people to contribute to this bounty, and ultimately motivate a developer to take the bounty, here is the story.
I have put up a FreeBSD 7.x box where I want the pfSense box(es) to see how much of a difference spamd is going to make. So far, it looks like it is going to knock about half the load off my Barracuda boxes.
I moved one unit behind the spamd box yesterday and saw a drop in message attempts per hour on that box drop from 18,000 per hour to about 3,000 per hour.
I left it running that way for about 20 hours and it worked it's way up to about 4,000 per hour for the hour before I began moving the second barracuda.
Servers were not being very successful in un-greylisting themselves because when box 1 told them to shove off, they immediately sent the message via box 2. At 11am I disabled the second box. In a couple of hours, we were seeing about 8,300 message attempts per hour on the protected box. The number of whitelisted entries climbed very quickly. (Before the spamd box was inline, one box could not have survived handling the e-mail load by itself. It ran about 2 hours 50 minutes taking the full load without breaking a sweat.)
We now have both boxes behind the spamd box and are seeing just under 6,000 message attempts per hour per box. The number of allowed messages per hour per box has gone from about 2,000 to about 1,000. If things stay this way, my customers are going to start wondering where their spam is. So far, we have had no complaints of missing e-mail. However, we are only 25 hours in. I suspect more and more spam hosts will successfully white list themselves, but the Barracudas should take care of them when they get through. I have hope that we will stabilize at around 10,000 message send attempts per hour per box. That will be an almost 50% reduction in load on the barracudas. This is a very impressive layer to add to the e-mail security onion.
The spamd box is a Via C7 1GHz with 256MB RAM and 3 Intel gigabit NICs. I still have about 20MB free memory and we are at about 20% cpu utilization system wide. The spamd processes themselves are using about 17% of the CPU.
All of that to say, having spamd working on a pfSense box could very well save your spam scanning hardware from needing to be upgraded for a year or two. I spent 2 weeks trying to get the pfSense development environment figured out and finally punted and had the raw FreeBSD solution up in about a day with configuring everything by hand.
Getting someone to make this all clickable in pfSense will be very much worth the money I have pledged to the bounty. I sure hope someone takes my money. They will have earned it.
-
I am going to pick up this Bounty since I have some downtime waiting on another project. I just uploaded 4.1.2 to files.pfsense.org and re-enabled the package. We'll take it from there once it shows up in the packages section.
-
SpamD is working!
Free_the_mallocs, I was able to think up a "trick" to allow multiple mail servers behind the firewall. It's easy.
Simply:
1. Create an alias of hosts, add an ip for each mail server living behind the firewall. Call it mailservers.
2. Set Next MTA to the alias name, but surround it in {}, so it would be {mailservers} in this case.Please test and let me know what all else needs fixing up.
NOTE: I might change this in the future (which will auto-upgrade itself) but this was done so that we could get this working in 1.2-REL without a new filter.inc.
-
Sweet! I'll have to try it out tomorrow on a second machine, while I wait for Paypal to link to the new bank account. It's been a while since I used it…
-
1-3 should be working (hopefully) and I'll implement #4 by EOD friday.
-
Great news all around! We're setting up a test MTA right now and we'll probably start testing things here shortly.
-
I opened a topic in the forum for people to test this package and report back:
http://forum.pfsense.org/index.php/topic,8952.0.html
-
The package is ready for testing. Paypal me please at sullrich@gmail.com
Thanks!!