Working OpenBSD spamd package ** now $800USD - $1000USD **



  • It looks like the OpenBSD spamd package has died from non-interest.

    I have a project at work where I need to setup two to N OpenBSD spamd boxes to reduce the spam load on my mail servers.  In order to prevent the company having to depend on me to keep it running, I thought, “Hey, pfSense has a spamd package.  I can use that and the CARP failover stuff to make everything all reliable and ‘clicky’ in case I get hit by a truck.”  Unfortunately, there is no spamd package in 1.2RC3.

    It looks like rcarr has probably invested a lot of time toward getting it fixed but may not have found the time/motivation to get it complete/committed.

    I would like to have these boxes up and running in about a week, and will go with a vanilla FreeBSD and spamd install if I need to to get it up.

    I’ve not previously managed a spamd installation so my requirements will be met by getting the package working and committed to the project with, at least the functionality it had back when sullrich initially built it plus the fixed^Hs for issues rcarr noted in his post.  I don’t know enough about spamd to have further requirements at this time.  I’m trying to avoid having to learn it in too much detail too… 🙂  Too many projects running right now.

    http://forum.pfsense.org/index.php/topic,5660.msg33728.html#msg33728

    If someone can get it working that far, I can find out what I want changed, if anything, beyond that and offer another bounty.



  • Any news on this?  I’d be interested in this package too, but I don’t have money to add to the bounty.

    On the other hand, I’d be willing to look at the code to make it work.  The package is no longer available to be installed, but I can still see some files that seem to be related on the pfSense CVS Repository (http://pfsense.com/cgi-bin/cvsweb.cgi/tools/packages/?hideattic=0;sortby=date;f=h#dirlist).

    Also, I took a look at the file http://www.pfsense.com/packages/pkg_config.xml and from the looks of it, I should be able to see the spamd package at the very end, but it just doesn’t show up.  It looks like the XML is not right as there are lots of packages that are outside of the <packages></packages>tags.  I have modified that XML file and put it on my own repository so that I can try the spamd package.

    I’ll let you know what I find out.



  • So far, no one has been interested.

    I’m good for the bounty for the foreseeable future.

    The xml seems to support moving broken packages to an area where they are disabled, but not completely removed.  That’s about as far as I have had time to dig into it.



  • take a look on mailscanner  project … it’s a great job to kill UCE… i have used for years with good detection …



  • Mailscanner solves a completely different problem.  OpenBSD’s spamd project can sit on a box in front of something like a mailscanner and reduce the amount of mail that the other box has to scan.  I have a cluster of Barracuda Networks Spam Firewall boxes which do a decent job without needing too much of my attention.  I would like to have a cluster of pfSense boxes with OpenBSD’s spamd utility sitting in front of the Barracuda’s to try to bring the 500,000 message sending attempts via each box down to something like 300,000 attempts, or less.  Otherwise, I need to spend money on an additional Barracuda to maintain acceptable performance for my end users.

    I have used several spam scanning systems built around SpamAssassin and ClamAV plus other stuff, including the Barracudas.  They all tend to be about the same in terms of effectiveness in an ISP environment where a global bayes database is impossible.  The Barracudas are handling more mail per box with a prettier (for the users) interface than the assembly required stuff available when I switched to them.  The administration time savings have made them worth the subscription renewal pricing.



  • ok … i understood…

    in some customers i used an pool of mailscanners combined with: Dns tests, (reverse IP, SPF) bayes DB, spam balcklists are downloaded to my servers each 15 minutes, i use two lines of AV … (bitdefender and Clamav).
    To decide what the host to be used, my dns responses are in round-robin way with low time in cache, to assure diferent replys.  in one customer 500.000 UCE are blocked per day and 50.000 clean and valid emails are receveid all day in 1.000 mailboxes of an M$ server.



  • That’s what I would call Defense In Depth!

    😉



  • i would be very interested in spamd being brought back into pfSense. We have two pfSense CARP routers sitting infront of a mail server that takes in 30-50k emails per day most of which is spam. I would love to see and have spamd implemented on pfSense. This would also be significantly helpful so we don’t have to expose Exchange machines to the internet. right now we use postfix at our colo and deliver it ot the exchange machine via ipsec.
    I am willing to throw down $250 for this in the next few weeks. i would like to give the money directly to the project and have them payout someone who completes this bounty.
    thanks,



  • okay, call my pledge $250 too.

    That makes $500 total.



  • Centipede Networks will offer an additional $300 to this bounty for the following:

    1. The spamd package must work with 1.2-RELEASE
    2. The spamd package must provide support for multiple destination mail servers
    3. The spamd package must work with a CARP or ProxyARP virtual IP address
    4. Configuration settings for the spamd package must be mirrorable to other CARP members

    optional

    1. It would be especially nice if the spamd package can work in a bridged configuration.  If this isn’t possible, no big.

    signing bonus:
    If this project is completed prior to Friday, April 18th, Centipede Networks will pay an additional $200 to the bounty.



  • @submicron:

    Centipede Networks will offer an additional $300 to this bounty for the following:

    Sweet!  Thanks!



  • ok ….

    i will give a try to spamd package … can someone give access to old package ??? will be aa good start point …





  • @dhipo:

    ok ….

    i will give a try to spamd package … can someone give access to old package ??? will be aa good start point …

    Are you actively working on this bounty?



  • yes, 
    i´m looking to understand and knows the package …. i only worked before on Mailscanner… but now i am in learning mode …

    in  this moment it´s an experimental … not for bounty … .just for comunity …



  • In the hopes that relating my experience with spamd will motivate some people to contribute to this bounty, and ultimately motivate a developer to take the bounty, here is the story.

    I have put up a FreeBSD 7.x box where I want the pfSense box(es) to see how much of a difference spamd is going to make.  So far, it looks like it is going to knock about half the load off my Barracuda boxes.

    I moved one unit behind the spamd box yesterday and saw a drop in message attempts per hour on that box drop from 18,000 per hour to about 3,000 per hour.

    I left it running that way for about 20 hours and it worked it’s way up to about 4,000 per hour for the hour before I began moving the second barracuda.

    Servers were not being very successful in un-greylisting themselves because when box 1 told them to shove off, they immediately sent the message via box 2.  At 11am I disabled the second box.  In a couple of hours, we were seeing about 8,300 message attempts per hour on the protected box.  The number of whitelisted entries climbed very quickly.  (Before the spamd box was inline, one box could not have survived handling the e-mail load by itself.  It ran about 2  hours 50 minutes taking the full load without breaking a sweat.)

    We now have both boxes behind the spamd box and are seeing just under 6,000 message attempts per hour per box.  The number of allowed messages per hour per box has gone from about 2,000 to about 1,000.  If things stay this way, my customers are going to start wondering where their spam is.  So far, we have had no complaints of missing e-mail.  However, we are only 25 hours in.  I suspect more and more spam hosts will successfully white list themselves, but the Barracudas should take care of them when they get through.  I have hope that we will stabilize at around 10,000 message send attempts per hour per box.  That will be an almost 50% reduction in load on the barracudas.  This is a very impressive layer to add to the e-mail security onion.

    The spamd box is a Via C7 1GHz with 256MB RAM and 3 Intel gigabit NICs.  I still have about 20MB free memory and we are at about 20% cpu utilization system wide.  The spamd processes themselves are using about 17% of the CPU.

    All of that to say, having spamd working on a pfSense box could very well save your spam scanning hardware from needing to be upgraded for a year or two.  I spent 2 weeks trying to get the pfSense development environment figured out and finally punted and had the raw FreeBSD solution up in about a day with configuring everything by hand.

    Getting someone to make this all clickable in pfSense will be very much worth the money I have pledged to the bounty.  I sure hope someone takes my money.  They will have earned it.



  • I am going to pick up this Bounty since I have some downtime waiting on another project.  I just uploaded 4.1.2 to files.pfsense.org and re-enabled the package.  We’ll take it from there once it shows up in the packages section.



  • SpamD is working!

    Free_the_mallocs, I was able to think up a “trick” to allow multiple mail servers behind the firewall.  It’s easy.

    Simply:

    1. Create an alias of hosts, add an ip for each mail server living behind the firewall.  Call it mailservers.
    2. Set Next MTA to the alias name, but surround it in {}, so it would be {mailservers} in this case.

    Please test and let me know what all else needs fixing up.

    NOTE: I might change this in the future (which will auto-upgrade itself) but this was done so that we could get this working in 1.2-REL without a new filter.inc.



  • Sweet!  I’ll have to try it out tomorrow on a second machine, while I wait for Paypal to link to the new bank account.  It’s been a while since I used it…



  • 1-3 should be working (hopefully) and I’ll implement #4 by EOD friday.



  • Great news all around!  We’re setting up a test MTA right now and we’ll probably start testing things here shortly.



  • I opened a topic in the forum for people to test this package and report back:

    http://forum.pfsense.org/index.php/topic,8952.0.html



  • The package is ready for testing.    Paypal me please at sullrich@gmail.com

    Thanks!!



  • I’m going to count this as a feature request rather than a bug.  The requirement to encapsulate an alias inside of {}'s is inconsistent with the pfSense UI.  Ideally, there would be a drop down field to specify a single IP or an alias, and if alias is selected, then the alias field would autopopulate just like in other places throughout the UI.



  • @submicron:

    I’m going to count this as a feature request rather than a bug.  The requirement to encapsulate an alias inside of {}'s is inconsistent with the pfSense UI.  Ideally, there would be a drop down field to specify a single IP or an alias, and if alias is selected, then the alias field would autopopulate just like in other places throughout the UI.

    Absolutely.  But that is the only way to work with 1.2 without shipping a new filter.inc.   And it has changed to $aliasname instead of {}.   As I stated previously this will change going forward where the item will automatically be changed into a name without the $.  But for 1.2 that is all we can do…

    From an earlier post in this thread… “NOTE: I might change this in the future (which will auto-upgrade itself) but this was done so that we could get this working in 1.2-REL without a new filter.inc.”



  • I have received payment from submicron and lambert.  Everyone else that committed to this bounty, please pony up or face the wrath of the bounty pig.



  • Pardon me for my ignorance, I am new to pfsense.  Is a bounty package only available to those who contribute to the bounty?  This port of spamd is a main reason why I chose pfsense, so I would like to know what the process is to get access to it.

    Thank you
    Cheers, Liam



  • This particular package is available to anyone now and will be freely available going forward.  In fact, we’d encourage you to grab it and test it.  Generally bounty projects are available to anyone, the only real exception has been the Traffic Shaper, which will be freely available to anyone in pfSense 1.3, but for those who contributed to the bounty project, its available in a special 1.2 release so that it can be fully tested and support methodologies developed.



  • @xibalba:

    i would be very interested in spamd being brought back into pfSense. We have two pfSense CARP routers sitting infront of a mail server that takes in 30-50k emails per day most of which is spam. I would love to see and have spamd implemented on pfSense. This would also be significantly helpful so we don’t have to expose Exchange machines to the internet. right now we use postfix at our colo and deliver it ot the exchange machine via ipsec.
    I am willing to throw down $250 for this in the next few weeks. i would like to give the money directly to the project and have them payout someone who completes this bounty.
    thanks,

    Please paypal me sullrich@gmail.com



  • @sullrich:

    Please paypal me sullrich@gmail.com

    I just sent you $50, I know I wasn’t part of the bounty originally but I appreciate your work and would like to see development continue and some issues worked out in it such as the whitelist/blacklist count fixed and other nitpicky things. Thanks for your work on it.



  • Wow neat, thanks for the contribution!  I’m sure he appreciates it.



  • Indeed.  I can use all the money I can get right now.  Damn A/C went out in my house 😞

    I’ll be jumping back into SpamD later this week.  Taking a much needed break for a few days.


Locked
 

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy