SMTPPLUSSMTPPLUS is a product designed to provide a replacement for the VM SMTP machine included as part of TCP/IP. In addition to performing the functions of VM SMTP, it offers higher performance, as well as integrated spam and virus scanning.
SMTPPLUS FeaturesSMTPPLUS acts as an SMTP transport, listening for SMTP mail on TCP port 25, and delivering that mail either over TCP/IP to other hosts, or directly to the virtual reader of a VM user. This is also the function of the VM SMTP machine, which it replaces. However, SMTPPLUS is also capable of performing virus and spam scanning, and performing policy-based routing or rejection of messages determined to be spam or to contain viruses. The SMTPPLUS SMTP Mail Transfer Agent is significantly more configurable than VM SMTP. Full IPv6 support is included. Performance is significantly better than the base VM SMTP product, when functioning as a pure Mail Transport Agent. Spam and virus scanning add significant CPU and I/O load to the system. If you need a VM MTA that performs better than your hardware can deliver with scanning enabled, consider turning off spam and virus scanning on SMTPPLUS and performing those tasks outboard.
High-Performance Mail ProcessingSMTPPLUS uses the powerful and popular Exim v.4 as the core of its Mail Transfer Agent. It is extremely customizable and is in wide use at installations of all sizes. Exim is especially popular at sites with very high mail volumes.
Automated Virus ScanningSMTPPLUS uses the Amavis-NG framework as the infrastructure for both its spam and its virus detection. Mail is passed to Amavis, which in turn feeds it through a set of filters to determine the ultimate fate of the messages. In the default configuration, both incoming and outgoing mail is scanned. The default configuration uses the Clam Antivirus Open Source AV scanner; however, Amavis is easily configured to use other scanners, as each site prefers. In the default configuration, Clam AV updates its list of virus signatures nightly. This feature requires configuring the SMTPPLUS machine with a globally routable IP address, or positioning it behind an HTTP proxy.
Automated Spam Detection, Tagging and RejectionSpamAssassin is configured as the spam scanner. In its default configuration, it takes a fairly conservative view of what it considers spam; only extremely spammy messages will actually be discarded (with a negligible false-positive rate; in about a year of using SpamAssassin, the author has never seen a legitimate mail with a spam score above 10.0, which is the default discard threshold). Messages deemed to be spam, but not so offensively so as to be discarded unread, are tagged as spam before delivery, and thus can be easily filtered by the end- user's mail tool. SpamAssassin is configured to allow Bayesian learning capabilities, but it is the responsibility of the site administrator to sort through the spam and ham folders and recategorize anything in the wrong folder, so that the Bayes algorithms actually learn to discriminate better.
Automated Removal of Hostile PayloadsThe virus scanner, by default, will quarantine any message it recognizes as infected, for further perusal by the system administrator. This can be configured to simply discard the message, to remove the infected content (if possible), and to warn either the sender or the recipient that the message was infected. It will also scan for, and remove, message parts with specified extensions (e.g. .exe and .com).
Compatibility with VM SMTP Spool and BSMTP MAILER InterfacesSMTPPLUS is fully compatible with the SMTP spool and mailer interfaces. A message may be sent to SMTPPLUS's reader in any of three formats: a plaintext (EBCDIC) RFC-2822 mail message, a NETDATA-encoded RFC-2822 encoded message, or a BSMTP transaction. All of these will be decoded into ASCII and fed to the MTA. Messages for local--i.e. VM punch--delivery are encoded in NETDATA form and punched directly to users' readers. The SMSG interface to the VM SMTP server is not supported although Linux equivalents exist to, for example, monitor queue state.
SMTPPLUS DesignSMTPPLUS has two major components. Its core message-processing system is a Linux virtual machine. It also contains a CMS-based application proxy engine. This proxy runs inside a CMS helper machine (usually SMTP) and uses the VM TCP/IP stack. This helper machine will be referred to below as the "Application Proxy". Processing EngineThe Processing Engine is the Linux guest (usually SMTPPLUS). It runs Exim and Amavis, and Amavis in turn invokes SpamAssassin and Clam Antivirus. These functions are provided by Open Source software. Inbound and outbound spool integration is provided by Sine Nomine-written custom code. This software is not Open Source, and may not be redistributed. Application ProxyThe Application Proxy is a CMS RSK-based utility known as IPMAPPER. It provides bidirectional proxying from the VM stack to the Linux guest. In the shipped configuration, it proxies any traffic to port 25 to the Linux guest's SMTP port, and allows the Linux guest to request that a local port be mapped to proxy to an arbitrary host/port combination.
Integration PointsThere are several opportunities for user modification of SMTPPLUS's functionality. Spam and virus mitigation policies are completely user-configurable. Mapping of e-mail addresses to local VM users is under the user's control. The frequency with which the virus signature database is updated is user-configurable. All aspects of mail routing--not merely the recipient, but also inbound and outbound relaying decisions, host access decisions, and user authentication, can be set as site policy.
Full DocumentationFull documentation can be downloaded and reviewed below.
Contact info (at) sinenomine.net for pricing and discount information for education and government buyers.
|
Printer-friendly version