ISPProtect To Remove Spam within vmail?

Discussion in 'ISPConfig 3 Priority Support' started by Harvey Sharman, Feb 8, 2017.

  1. Harvey Sharman

    Harvey Sharman Member HowtoForge Supporter

    Hello @till

    Just a quick question, I need to buy ISPProtect license but want to clarify, would ISPProtect scan also for malicious spam items within the /var/vmail just like ClamAV and rkhunter?

    Harvey Sharman
     
  2. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

    Hi @Harvey Sharman
    ISPProtect is not really developed for recognizing spam mail content. It is for scanning web files for malware and outdated versions of installed websoftware.
    In Scan Level 1 it uses clamav together with our own signatures, so it might recognize some spam mails, but as said it's not the real use-case for ISPProtect.
     
  3. till

    till Super Moderator Staff Member ISPConfig Developer

    Hi Harvey, the incoming email is scanned for spam and viruses by amavisd and clamav before it get's stored on the harddisk. If too much spam goes trough on your server then I would recommend trying to improve the scan while the mail get's received and not scanning the mail files for spam on the harddisk.

    - Do you use email blacklists on your server (See System > server config > mail?
    - Another way to improve filtering is to install razor and dcc (which get used by amavis when installed to improve filter acciracy).
     
  4. Harvey Sharman

    Harvey Sharman Member HowtoForge Supporter

    Thank you Marius.
     
  5. Harvey Sharman

    Harvey Sharman Member HowtoForge Supporter

    Thank you till,
    I primary use Barracuda Networks to deliver clean email but one mail server I have did not use in full production but now begin to start to use it and decided I need to scan for anything that did get through port 25 which was open for a while. ClamAV seems to be not installed and the Linux distribution is CentOS 7. Finding the ClamAV install packages is not applying correctly and having difficulty installing ClamAV on CentOS 7. I will try and locate other coding to install ClamAV.

    I will look at Razor and dcc and test this.

    No I don't use any blacklisting but if there is some large global list of domains to block, this would be handy but again our Barracuda Email security does lot of this.

    Harvey
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    Did you use one of the perfect server guides to install ISPConfig on this CentOS server? In that case, ClamAV and amavis should both be in place and configured automatically to scan the emails. https://www.howtoforge.com/tutorial...l-php-pureftpd-postfix-dovecot-and-ispconfig/

    Regarding blacklists, when you use barracuda in front of the servers, then the blacklists might not work as the email originates from barracuda then and not the original sender.
     
  7. Harvey Sharman

    Harvey Sharman Member HowtoForge Supporter

    Yes I did. In a moment, I will enter the code for ClamAV and let you know what the error is as I cannot recall last time it said the error.

    Thank you about 'Blacklist' as yes the original sender will pick it up as Barracuda IP and domain. I might try the mail servers 'Blacklist' if I don't route the MX records through Barracuda.

    Harvey
     
  8. Harvey Sharman

    Harvey Sharman Member HowtoForge Supporter

    @till
    I found the correct terminal command to update and run ClamAV. When I run systemctl start clamd.service or or
    yum install clamav clamav-scanner-systemd or
    /etc/init.d/clamd on and /usr/bin/freshclam or systemctl start clamd it says loaded: not-found (reason: no such file or directory) so I found it works by updating ClamAV with /usr/bin/freshclam and to run a manual scan /usr/bin/clamscan

    Harvey Sharman
     
    till likes this.

Share This Page