Tag Archives: magicspam

MagicSpam and Debian 6.0

Posted on by
1

Debian 6.0 has transitioned over to dependency based boot sequencing. This now allows sysinit scripts to specify dependencies between one another. This is done via an LSB header added to the top of the script. Here’s what the header looks like in /etc/init.d/apache2:

### BEGIN INIT INFO
# Provides:          apache2
# Required-Start:    $local_fs $remote_fs $network $syslog $named
# Required-Stop:     $local_fs $remote_fs $network $syslog $named
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# X-Interactive:     true
# Short-Description: Start/stop apache2 web server
### END INIT INFO

MagicSpam places two sysinit scripts into /etc/init.d/, magicspam-milter and magicspam-rn, both of which will error out and go into a loop when you try to perform update-rc.d operations on them. This happens because update-rc.d now uses insserv to handle the runlevel script manipulation and expects the LSB header. If the script does not have the header, update-rc.d borks. Both MagicSpam scripts currently do not have this header. In fact i’ve found that the lack of headers breaks much more, for example I tried to install another package and it wouldn’t let me because of the MagicSpam packages.

The workaround is not to modify the sysinit file directly, but to add a similar named file into /etc/insserv/overrides/ with the necessary LSB headers. update-rc.d will then read these headers in during runtime without you having to modify the original files. If you update the package, it won’t remove your added LSB headers.

Here’s what i’ve got in mine.

/etc/insserv/overrides/magicspam-milter

### BEGIN INIT INFO
# Provides:          magicspam-milter
# Required-Start:    $local_fs $remote_fs $network $syslog $named
# Required-Stop:     $local_fs $remote_fs $network $syslog $named
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# X-Interactive:     true
# Short-Description: Start/stop MagicSpam milter
### END INIT INFO

/etc/insserv/overrides/magicspam-rn

### BEGIN INIT INFO
# Provides:          magicspam-rn
# Required-Start:    $local_fs $remote_fs $network $syslog $named
# Required-Stop:     $local_fs $remote_fs $network $syslog $named
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# X-Interactive:     true
# Short-Description: Start/stop MagicSpam rn
### END INIT INFO

The permanent fix is for LinuxMagic to added these LSB headers into their package for Debian 6.0. I’m going to mail support about this and see what they say. Even if they don’t fix it, you have a viable workaround if you follow the instructions above.

Good luck!

References:

LSBInitScripts/DependencyBasedBoot

MagicSpam for Plesk review

Posted on by
5

Updated 19/05/2011

There aren’t a lot of MagicSpam reviews out there, so I thought i’d write something up to let everyone know how we went with it.

Overview

MagicSpam for Plesk is a spam filtering module for Plesk. It performs best practice and DNSBL checks against all mails coming into the system.

The module compliments but does not replace Spamassassin. MagicSpam filters mail pre-smtp but does not do content filtering so it won’t get rid of those Viagra mails, not directly anyway.

Installation

Installation was fairly easy. Upon purchasing a license, you receive a link to the installation package (we use Debian so it was a .deb). You download and install the package and it installs itself as a module in Plesk. The license is tied to your Plesk license, so despite what the instructions that get mailed to you say (they’re completely wrong), refresh your Plesk license (Retrieve Keys) to obtain the updated key that licenses MagicSpam. Don’t try to update the license from the MagicSpam module itself as it wont work.

Usage

MagicSpam pretty much “just works”. It doesn’t require an inordinate amount of tweaking but you’ll need to tell it what policies to enforce when receiving mails from other mail servers, such as checking for a valid HELO which a lot of spammers don’t provide correctly, and implementing DNSBL’s for blocking known spam servers and end user networks.

There are nice graphs which gives you a visual overview of how much mail is entering your system, and how much of that is spam.

Recommended settings

Based on my experience in the field, i’d recommend using MagicSpam together with Spamassassin. This should catch almost all spam. Almost :)

Here are the settings I use.

Best practice rules

Rule Status
Block messages from IP Enabled
Block Mail Servers on Dynamic/Dial-up Addresses Disabled
Perform reverse lookup check Enabled
Block Mail Servers reported as Spam Source Enabled
Confirm Server Identification Resolves (HELO) Disabled
Strict address parsing Enabled
Sending server must identify itself (HELO) Enabled
Valid FROM domain Disabled
Server Identification must be valid (HELO) Enabled

IP Reputation

Rule Status
UCEPROTECT-1 Enabled
UCEPROTECT-2 Enabled
PSBL Enabled
SORBS-DUL Disabled
MIPSPACE Disabled
RATS-DYNA Enabled
RATS-NOPTR Enabled
RATS-SPAM Enabled

Conclusion

MagicSpam is no IronPort, but it’s an easy to install, affordable, plug and play alternative. It works well especially when used together with Spamassassin. MagicSpam acts to catch spam before it enters the system, and Spamassassin will weed out anything else.

I’m pretty sure that Postfix can be configured to do what MagicSpam does, but most people simply don’t know how as it requires intimate knowledge of how Postfix works and how to configure it. This is where MagicSpam shines as a turnkey anti-spam solution. It just works.