182

Using Message Sniffer with MDaemon

This article explains how to configured MDaemon to call Message Sniffer using the Content Filter. 

Using Message Sniffer with MDaemon

MDaemon can be configured to call Message Sniffer using the Content Filter. Using appropriate rules, Message Sniffer's result codes can be evaluated and used to trigger specific actions ranging from simply adding a header to deleting the message prior to delivery. This includes weighting, white-lists, per-domain and per-user configurations and so forth.

Installation of Message Sniffer with MDaemon:

  1. Create a directory on your MDaemon server (perhaps c:\sniffer) and copy the Winx distribution files into this directory. The important files are sniffer2.snf and sniffer2.exe.
  2. Create the following Content Filter Rules:

a. 'SPAM: Run Message Sniffer'

i. Apply this rule to messages in the LOCAL & REMOTE queue

ii.
Select Condition: 'All Messages'

iii. Select Action: 'Run Process...'

Program to execute: Enter the full path and command to run your copy of message sniffer. Replace the file name with '$MESSAGEFILENAME$' (must be all caps and enclosed by the quotes) i.e.

D:\sniffer\sniffer2.exe xnk05x5vmipeaof7 '$MESSAGEFILENAME$'

 

Seconds: Set to -1
Force to terminate: Unchecked
Run in hidden window: Checked

b. 'SPAM: Add Headers'

i. Apply this rule to messages in the LOCAL & REMOTE queue

ii. Select Condition: 'All Messages'

iii. Select Action: 'Add Extra Header Item 1 To Message'

Header Name: X-SPAM-Message-ID
Header Value: $MESSAGEFILENAME$ (must be all caps)

iv. Select Action: 'Search And Replace Words In A Header'

In The ... Header: X-SPAM-Message-ID Search Expression: Your MDaemon Dir (i.e. 'D:\Mdaemon\') Replace With: Leave Blank (Will Remove the Text)

v. Select Action: 'Add Extra Header Item 2 To Message'

Header Name: X-SPAM-Msg-Sniffer-Result
Header Value: $EXITCODE$ (must be all caps)

c. 'SPAM: White List' (This rule will vary)

i. Apply this rule to messages in the LOCAL & REMOTE queue

ii.
Select Conditions: 'If The FROM HEADER Contains'

Check For This String: Add Names of senders that you want excluded from SPAM Rules.

iii.
Select Action: 'Skip n Rules'

Skip Over How Many Rules: 1

d. 'SPAM: Disposition'

i. Apply this rule to messages in the LOCAL & REMOTE queue

ii.
Select Conditions: 'If The User Defined HEADER Contains'

UserDefined Header: X-SPAM-Msg-Sniffer-Result Change 'Contains...' to 'Is Not Equal To...'
Check For this String: 0 (Zero)

iii.
Select Action: 'Move Message To Public Folders...'

For this I have created/selected a Public Folder 'SPAM'

This basic configuration should get you started. We suggest you send yourself a test message including junkmsg.txt from the distribution. This should trigger Message Sniffer. You might also send yourself another Email with just the word test. Message Sniffer should not respond to this message.

After sending these messages you should examine the Content Filter log and the sniffer2.log files. The sniffer2.log file will reside in the sniffer directory you created. Any errors that have occurred will be present in these log files.