This procedure explains the process of setting up an Anti-Spam server called SpamTitan, The version 4.05 To download. This AntiSpam is available for download in an ISO to install on a physical server or there is also an ISO for use with VMware virtual machines. The official website is: www.spamtitan.com, There we can download some demos of 30 days, or we can directly connect to a SpamTitan demo that they have online at: HTTP://demo.spamtitan.com to play without having to install it, But it's not the same ;). As indicated on its website, for the 98,5% Spam, and has two antivirus solutions at once, that is why it is paid for one of them: Kaspersky and ClamAV; as well as email content control, Disclaimers in emails… At this link HERE, we have a comparison of the SpamTitan appliance against MV.

In this document, we'll use SpamTitan on a virtual machine using VMware Server. So we downloaded the ISO from the official website for VMware. We unzip it and open it from VMware, it can be the Player or Workstation as well. We ripped it out,

“Keep” & “OK”,

When you start it for the first time, you'll have to configure the SpamTitan, Press “And” And we hit the enter,

Default user that brings is “Admin” with password “hiadmin”,

The first thing and necessary is to configure the network to assign it an IP address that interests us and then be able to manage everything via the web. So we hit the “1”.

We will tell you the new IP address, The Network Mask, the gateway and to save the changes click on “And”, now “Enter” to continue.

Once the network is configured, we leave the console and go to manage everything via the web, for this, open a browser and go to the SpamTitan's IP address, we log in with the default user if we have not changed the password and click on “Login”,

This would be the main screen where we will see statistics and the status of our server in the future.

The first thing to do is to update it, for this, We're going to “System Setup” > “System Updates” and at first we click on “Start” to start checking for system updates.

Connects to the Internet and downloads available updates.

Now in the part of “Avaliable Updates” See the ones that have been downloaded, now what you have to do is install it one by one, We start from the oldest revision to the most recent, in this case from the 4.06 to the 4.09, pulsanto in “Install”,

Updating to 4.06…

Updating to 4.07…

Updating to 4.08…

And the last one in my case, 4.09…

Once installed, we will see them in the part of “Installed Updates”. From this part we will be able to configure the system updates, that are automatically downloaded, How often…

Once updated, We close the browser and open it again, one thing that brings new is that it has the possibility of language in Spanish, We logged in.

And we begin a review of all the eyelashes. In “System Configuration” > “License” is where we will upload the license for the server, We search for the .lic file from “Examine” and click on “Carry”, if it charges correctly, below you will put the details of the license.

In “System Configuration” > “Net”, We have the network configuration of the device, your IP address, Your Netmask, Your Gateway, the domain to which it belongs, the DNS servers that will resolve the DNS names to you, DNS Cache, if you need a Proxy server to browse we will configure it here by clicking on “Enable”… and we have the possibility to enter Hostnames manually if we do not have a DNS server configured.

In “System Configuration” > “Hour”, We have your time situation, We will configure the time zone where we are, the date and time.

In “System Configuration” > “Sending emails”. We can set the device name to “Hostname”, Configure the maximum size of emails to process. We tell you which networks are trustworthy, We put our internal network. We need to set up on the “Domains” the domains for which we will analyze SPAM, We have to enter the domains that we will manage and to which mail server we will send the email already analyzed. In “Frontline Content Control” We have several security options, e.g. require HELO/EHLO, or require FQDN names in domain name resolution, that are fully qualified domains with hostname included. We can reject different hostnames from here. “Emphasize RFC compliance” (HERE). Or enable it to check emails with blacklists in real time…

When we enter a domain to analyze SPAM, we should do a test to check that the emails will arrive correctly, so click on the domain that interests you in “Try”.

Put a test email & “Send”

We check our mail that it arrives perfectly, if it does not arrive, it is because we have configured some network parameter incorrectly,

In “System Configuration” > “Power Off/Restart” It's where we can turn off, Restart the appliance, log out or clear all your settings and leave you with factory settings (Watch out!).

In “Content filtering” > “Spam” We have several possible configurations. In the “Spam Filtering” we can enable or disable the AntiSpam function, How to configure the maximum size of emails to be analyzed. Whether or not we will have administrator notifications enabled. In “Spam Updates” we have the latest Spam detection rules downloaded from the Internet and how often they will be downloaded.

In “Content filtering” > “File Extensions” We have the possibility to scan different file extensions with antivirus, in the list of “Extensions” We'll put the ones we'll be looking at and we can also create exceptions in “File Exceptions”.

In “Anti-Spam Engine” > “Parameters” we have the general settings of our AntiSpam engine. In “Network Testing” We have the possibility to use all three spam detection engines: Razor_V2, Pyzor or RBLs. We must configure what our internal networks are and if we want to have the Bayesian analysis Enabled or not; Of course, if we have a Bayesian database created and very well configured, we will be interested in having very very well stored backups. We can use the Penpals DB, which means that if we have sent an email to an address, this address will have fewer points to be considered spam. Or if the spam reaches us in image format, We can enable the “Optical Character Recognition (OCR)” to try to detect the meaning of the image. We can also enable more filtering options such as Botnet, Passive OS Fingerprint detection, and filter by languages.

In “Anti-Spam Engine” > “Domain Policies” We can configure different types of filtering to the different domains we have, some more restrictive than others. We may or may not enable spam filtering, Give a rating to emails that we think are spam, If we still receive a lot of spam we should lower this score or if we are losing emails we will raise this score. As well as what to do with the emails that we detect as spam, whether to move them to the quarantine folder, Eliminate… In addition to this, we can enable the antivirus function, and what to do in case you detect a virus. Filter files depending on the extent of their attachments. And if we want we have the possibility to send reports/lists of the emails that have been quarantined to users.

In “Anti-Spam Engine” > “User Policy”, We can do all of the above but with certain user accounts instead of the entire domain group.

In “Parameters” > “Change Password” We can change the password of the administrator or user with whom we are logged in at that time.

In “Parameters” > “Interface Parameters” we have the possibility to change the SpamTitan Logo, Change the Time for the TimeOut of the Web Interface, Show the possibility of password reminder or a link for help.

In “Parameters” > “SSL”, is where we will generate the CSR (Certificate Signing Request) to request a certificate and secure the connection to SpamTitan from the browser, instead of going through HTTP then we would configure it to go over HTTPS using SSL. And from “Import Certificates” we would install it once it has been generated by an AC.

In “Parameters” > “Access/Authentication” We can enable the way of access, whether to use HTTP or HTTPS (and change the latter port), and from which networks we can connect to this console, in “Web Access”.

In “Parameters” > “Backup” we will back up the configuration of the SpamTitan appliance. And it will also be from here that we can import these settings.

In “Parameters” > “Notification templates” We have the ability to edit any end-user notification template, from the “Virus Notification Template to Recipient”, “Virus Notification Template to Administrator”, “Virus Notification Template to Sender”, “Mail Rejection Recipient Notification Template”, “Mail Rejection Administrator Notification Template”, “Mail Rejection Sender Notification Template”, “Spam Notification Template to Admin” or “Spam Sender Notification Template”.

In “Parameters” > “Remote Syslog” we can configure a remote server that manages the LOG's and stores them for us.

In “Parameters” > “Messages of responsibility on Departure” We can create a disclaimer message for the domain message send time.

In “Filter rules” > “Global Blacklist”, We will set our own rules to block certain emails that we consider spam, certain domains or email addresses.

In “Filter rules” > “Global Whitelist” quite the opposite of the previous one, will be the domains or email addresses that we fully trust are not spam, and that AntiSpam may block them because they think they are spam.

In “Quarantine” > “Manage Quarantine” We have the possibility to search for 'lost' emails’ In quarantine, Searching by Message Type, Recipient or sender.

In “Quarantine” > “Parameters”, We have the possibility to configure the service that will send the reports/reports of the emails that users have in quarantine. We can change the logo, modify the time we want them to be sent, Modify the sender's name/email, affair… and when the emails that are stored in the quarantine will expire.

In “Reports” > “System Information”, We have the appliance information, what services do you have in operation with?, and we can see a diagnosis of the different services of the system. So how to run three x tools if we need them, What they are like, the Ping, Traceroute or Dig.

In “Reports” > “Graphics” we can see the statistics of the SpamTitan in graphic mode.

In “Reports” > “Administration”, We have several statistics of the administration scope in text mode.

In “Reports” > “History” we can remove all mail transactions from the date of installation of the SpamTitan, See all emails that have passed through, We can make filters if we are interested and compact it over periods of time.

In “Reports” > “Reports” We can generate reports of different types to search for any statistics that are requested or data that we are investigating.

In “Reports” > “Scheduled Reports” is where we will set up a schedule for the reports to be sent to us by email, We will configure the desired type of report, Frequency of Shipping, in what format will you send it to us, to which email address and with what subject.

In “Reports” > “Archived Reports” We have stored the reports that we have consulted at some time and would like to consult again.

In “Logs” > “Mail” we have the mail log's from the server, in case we need to look for possible causes of a problem.

In “Logs” > “Interface” would be the server's UI logs.

And in “Logs” > “Messages” We have log files of the messages.

This is a description of all AntiSpam configuration screens: SpamTitan. For more information access the official website of the server, www.spamtitan.com.

www.bujarra.com – Héctor Herrero – Nh*****@bu*****.cOm – v 1.0