LISTSERV at Work
AboutSubscriptionArchivesContact Us

Tech Tip (LISTSERV) – Issue 2 – 2005

Q: How can I get LISTSERV to check messages for spam?

Answer by Françoise Becker
VP of Software Engineering, L-Soft

LISTSERV 14.3 Classic and HPO include an "exit point" that allows you to use a third-party spam filter to scan messages processed by LISTSERV. The box below provides an example using SpamAssassinTM.

Three main tasks need to be accomplished in order to enable spam filtering in LISTSERV:

  1. Install the third-party spam filter.
  2. Provide a script that will scan messages using the third-party filter (if using SpamAssassin, you can use one of the L-Soft supplied scripts).
  3. Activate this script by making changes to the LISTSERV configuration.

After completing these tasks, LISTSERV will scan messages it processes and reject messages identified as spam.

1. Install the third-party spam filter

There are numerous spam filters available, both free and for purchase. There are two main considerations for selecting the spam filter to use with LISTSERV:

  • Command line interface: The exit script will need to be able to submit a file containing the message to be scanned and return the results to LISTSERV. The script will be much easier to write if a command line interface to the spam filter software is available, than if for example, SMTP connections are required to use it.
  • Performance: For high volumes of email, you must consider speed as a factor in your selection. Test the spam filter before you buy it, to make sure it is adequate for the normal load on your LISTSERV server. For example, in our tests, SpamAssassin took 3 to 10 seconds per message: if the server processes even 500 incoming messages per hour, this can severely impact LISTSERV's performance.

2. Provide a script to scan messages

You will need to write a script or program to interface between LISTSERV and the spam filter. L-Soft provides sample "exit" scripts for using SpamAssassin from LISTSERV running on Windows and Unix (see box below). You may use these scripts at your own risk or adapt them as needed for other operating systems and for other spam filters.

List Exits are described in Section 5 of the LISTSERV Developers' Guide – refer to this documentation for the script-writing details specific to the operating system on which LISTSERV is running, such as parameter passing conventions and file locations. Section 5.4 also provides detailed specifications of the SPAM_EXIT exit.

Here is a summary of how the "Spam Exit" script should work:

  • LISTSERV will write a file called spam.tmp and then run the script you supply, passing as a parameter to the script one of the following:
    • SCAN
    • SCAN listname
    • REPORT
  • The script needs to submit the spam.tmp file to the spam filter software, analyze the results, and report the results by writing them to a file called exit.output. If the message in spam.tmp was posted to a list, the list name is given on the SCAN parameter. The script can use this information if it is necessary to exhibit different behavior for specific lists. If all messages are to be treated the same regardless of the list they are posted to, you may ignore the list name.
  • For both the SCAN and REPORT parameters, the result should be written to the exit.output file as:
  • EXIT return-code

    Where return-code is:

    • 0: continue normally (no spam detected by the spam filter software)
    • 1: local whitelist (accept the message without running any further tests)
    • 2: reject the message.

    If the return-code is 2, the exit.output file should also contain the line:

    EXIT-STRING return-message

    Where return-message is a single line explanation of why the message was rejected.

  • For the REPORT parameter, it is desirable (though not absolutely required) to create an additional output file called spam.report in the same directory where spam.tmp is located. There is no special format for this report. It is not processed by LISTSERV, but simply reported to a human user when the "spam report" feature is used. For example, this feature is used by the LISTSERV Maestro "check for spam" function described in the LISTSERV Maestro Tech Tip in this issue.
  • If no spam.report file is created by the exit script, LISTSERV will use the EXIT-STRING message as a one-line report.

  • You may add additional reporting if desired. For example, the SAEXIT sample scripts from L-Soft (see the box below) also write a file called SAEXIT.LOG, logging information about each message that was determined to be spam. LISTSERV does not use this log file, but it can be used outside of LISTSERV to analyze the spam filter performance.

3. Enable spam filtering in LISTSERV

Once the spam filter software is installed and the spam exit script is ready, you need to configure LISTSERV to use them.

  • Make sure that your maintenance LAK is correctly installed and not expired. You must also be running LISTSERV 14.3 or later, Classic or HPO. The spam exit feature is not available in LISTSERV Lite. If you are unsure, use the SHOW VERSION command to find out what version you are running and the SHOW LICENSE command to check the maintenance expiration.
  • In the LISTSERV site configuration file, set the SPAM_EXIT parameter to the name of the script from Step 2.
  • If the ANTI_VIRUS parameter is specified in the site configuration file, it must be set to 1. (See the usage notes below).
  • Optionally, you may also want to set the SPAM_MAXSIZE site configuration parameter. Spam filters can take a long time to process very large messages. To reduce the performance impact of spam scanning (and prevent a denial-of-service attack through large messages) LISTSERV will avoid scanning very large messages for spam. The default for SPAM_MAXSIZE is 256k. LISTSERV can be forced to scan all messages by setting it to 0.
  • Restart LISTSERV to make the site configuration changes take effect.
  • If desired, individual lists can be exempted from the spam scan by setting the list header keyword Misc-Options=NO_SPAM_CHECK.

Usage Notes

  • The spam exit is implemented within LISTSERV's message scanner, which is informally known as the "virus scanner" because this was its original purpose. If the message scanner is disabled – for instance by setting the ANTI_VIRUS configuration parameter to 0, or by failing to install the maintenance LAK – both virus scanning and spam scanning are disabled. If a valid and current maintenance LAK is installed, but the ANTI_VIRUS configuration parameter is not explicitly set, LISTSERV will enable the message scanner if either virus scanning or spam scanning is configured and available.
  • If you are using L-Soft's Anti-Virus Station (AVS), the spam exit must be installed on the AVS server, not on the primary LISTSERV server. In such a configuration, all message scanning is performed by the AVS.

Example: Using SpamAssassinTM to scan messages in LISTSERV®

SpamAssassin is a popular open-source spam filter that can be downloaded free of charge from: spamassassin.apache.org.

For the purpose of this example, assume that SpamAssassin has been installed and configured on a server called "spamd.example.com" that is accessible to the LISTSERV server. It can be installed on the same server as LISTSERV, but this is not required. You can even run LISTSERV on Windows and SpamAssassin on unix, or vice-versa. SpamAssassin includes a client program called "spamc" that can submit messages to the SpamAssassin server for evaluation and return the results. It is this client that the sample exit scripts use to communicate with SpamAssassin.

To configure LISTSERV to use SpamAssassin using one of the L-Soft supplied scripts, follow the four steps below. The directions for a Windows installation and for a unix installation appear in separate columns.

Step 1: Install and test the SpamAssassin client "spamc"

Windows

Download and install spamc.exe.

A precompiled Windows version is available at: ftp.lsoft.com/listserv/ windows/contrib/spamc.exe

Save it in a directory in LISTSERV's path – for instance, the LISTSERV\MAIN directory. To test the client, issue the following command:

spamc -c d spamd-server < test-message

For example:
C:\> spamc -c -d spamd.example.com < testmsg.txt
3.8/5.0

The response must be two numbers as shown above, but the numbers can be different from the example. They are the SpamAssassin score of the test message. Any other response indicates an error. In that case, make sure that "spamd.example.com" is configured to allow connections from the LISTSERV host.

Unix

Download the spamc source from the SpamAssassin site.

Compile "spamc" on the LISTSERV host, then copy it to a directory in LISTSERV's path. To test it, issue the following command:

spamc -c d spamd-server < test-message

For example:
$ spamc -c -d spamd.example.com < testmsg.txt
3.8/5.0

The flags you need to use may vary depending on your version of SpamAssassin and configuration. The response must be two numbers as shown above, but the numbers can be different from the example. They are the SpamAssassin score of the test message. Any other response indicates an error. Refer to the spamc and spamd "man" pages for more information.

Step 2: Install perl or REXX (if not already available)

Windows

Install a REXX interpreter, such as Regina REXX (regina-rexx.sourceforge.net/, Windows kit download available at: prdownloads.sourceforge.net/ regina-rexx/regina33.exe?download). When prompted to register .REXX as a path extension, do so.

Alternatively, you can simply download rexx.exe from L-Soft at: ftp.lsoft.com/listserv/windows/ contrib/rexx.exe

and place it in the same directory where you saved "spamc.exe".

Unix

Install perl on the LISTSERV host, if not already installed.

Step 3: Install and configure the SAEXIT script

Windows

Download the L-Soft supplied sample rexx script at: ftp.lsoft.com/LISTSERV/ Windows/CONTRIB/saexit.rexx

Edit the script to configure, at a minimum, the address of your SpamAssassin server. You may also want to change other parameters. Make any other changes that you deem appropriate.

Save the script in LISTSERV's main directory: C:\LISTSERV\MAIN

You can call the script anything you want, but in this example we will assume that you have left the name unchanged (SAEXIT).

If you have not registered .REXX as a path extension when installing it in Step 2, or if you downloaded it from the L-Soft FTP site instead of installing the full rexx kit, you will need to download the command script called "saexit.cmd" in the C:\LISTSERV\MAIN directory from: ftp.lsoft.com/listserv/windows/ contrib/saexit.cmd

Unix

Download the L-Soft supplied sample perl script at: ftp.lsoft.com/LISTSERV/ UNIX/CONTRIB/SAEXIT.PL

Edit the script to configure, at a minimum, the address of your SpamAssassin server. You may also want to change other parameters. Make any other changes that you deem appropriate.

Save the script in LISTSERV's main directory: ~listserv/home

Set execute permissions.

You can call the script anything you want, but in this example we will assume that you have left the name unchanged (SAEXIT).

Step 4: Enable the saexit script

Windows

To enable the script, add the following lines to LISTSERV's configuration:

SPAM_EXIT=SAEXIT

Restart LISTSERV to make the change take effect, then mail a spam message to a test list to confirm that everything is working as configured.

Unix

To enable the script, add the following lines to LISTSERV's go.user file:

SPAM_EXIT="SAEXIT"
export SPAM_EXIT

Restart LISTSERV to make the change take effect, then mail a spam message to a test list to confirm that everything is working as configured.

Note: SpamAssassin was selected as an example due to its large installed base. L-Soft makes no representation as to its suitability in a production LISTSERV environment.

Copyright 2005 L-Soft