Warden Anti-spam and Virus Protection - Plesk Extension

Warden Anti-spam and Virus Protection


With the Warden Antispam and Virus protection, you get the best of both worlds. Open source standards for mail scanning from Spamassassin and ClamAV combined with deep integration with the Plesk control panel.

With support for over 15 Spamassassin plugins, outbound scanning, database logging, custom rule builder, multi-mailbox management, rich reporting, and multi-role access, Warden provides you with the most robust, extendable anti-spam and anti-virus solution for Postfix anywhere.

More Information
https://www.danami.com/products/plesk-extensions/warden-antispam-and-virus-protection

Important

  • This is a paid extension that is designed for power users and service providers. Some system administration experience is recommended.
  • On Centos/RHEL/Cloudlinux the EPEL repository will be enabled.
  • ClamAV, Spamass-milter, Razor2, and Pyzor packages will be installed on install and removed on un-install (The ClamAV packages will be removed if the Sentinel Anti-malware Plesk extension is not also installed).
  • Plesk Spamassassin packages must be installed before you install this extension. You can use the command: [ plesk installer add --components spamassassin ]
  • The Spamassassin network based tests require that you open the correct ports on the firewall in order to work properly.
    1. Razor2 requires that port 2703 TCP OUT be opened.
    2. Pyzor requires that port 24441 UDP IN / OUT be opened.
    3. DCC requires that port 6277 UDP OUT be opened.

Features

Spamassassin Anti-spam
Warden super charges Spamassassin® by providing deep integration with Plesk and enabling all of the most effective Spamassassin plugins.

  • Warden - Our own custom plugin provides advanced integration with Plesk.
  • Antivirus - Simple antivirus tests to check if an email contains an executable attachment.
  • ASN - Add metadata to the Bayesian filtering process, allowing the Bayesian filters to learn information based on the ASN of the connecting IP address.
  • AWL - Track scores from messages previously received and adjusts the message score by boosting or penalizing messages from senders who send ham or spam.
  • DCC - DCC is a system of servers counting checksums of millions of mail messages to determine of a message is bulk email or not.
  • DKIM - Perform DKIM lookups as well as historical DomainKeys lookups.
  • FreeMail - Check the headers for indication that a senders domain is that of a site offering free email services.
  • PDFInfo - Use several methods to detect a PDF files ham and spam traits.
  • Pyzor - A collaborative, networked system to detect and block spam using identifying digests of messages.
  • Razor2 - A distributed, collaborative, spam detection and filtering network based on user submissions of spam.
  • Rule2XSBody - Compile SpamAssassin ruleset into native code.
  • SPF - Check SPF records published by the domain owners in DNS to fight email address forgery and make it easier to identify spams.
  • TextCat - Score messages based on which language the email was written in.
  • TxRep - Normalize scores with sender reputation records.
  • URLDNSBL - Look up URLs in a message against DNS blocklists.

ClamAV Anti-virus
The ClamAV® open source multi-threaded scanner daemon detects trojans, viruses, malware and other malicious threats.
Extended signatures provide protection against Phishing, Scam, Casino, porn and other general spam.

  • The ClamAV milter is a high performance before-queue milter meaning you are able to reject infected mails in the incoming SMTP stage before they are accepted by the mail server.
  • The ClamAV milter automatically logs all detected viruses to the Warden database log.
  • Advanced database updater with support for scripted updates and digital signatures.
  • The virus signatures are updated multiple times per day.
  • Built-in support for various archive formats, including Zip, RAR, Dmg, Tar, Gzip, Bzip2, OLE2, Cabinet, CHM, BinHex, SIS and others.
  • Built-in support for ELF executables and Portable Executable files packed with UPX, FSG, Petite, NsPack, wwpack32, MEW, Upack and obfuscated with SUE, Y0da Cryptor and others.
  • Built-in support for popular document formats including MS Office and MacOffice files, HTML, Flash, RTF and PDF.
  • Supports third-party signature databases provided by Sanesecurity, FOXHOLE, OITC, Scamnailer, BOFHLAND, CRDF, Porcupine, Securiteinfo, MalwarePatrol, or the Yara-Rules Project.

Outbound Anti-spam Scanning
Users can optionally enable outbound anti-spam scanning and logging. You can even scan and log PHP form mail to see exactly what scripts are sending out messages on a server.

  • Set a reject score to block outgoing SPAM in the outgoing SMTP stage before they are accepted by the mail server.
  • The outbound Spamassassin milter automatically logs all outgoing ham and spam to the Warden database log.
  • Supports setting a different outgoing required score different from the users incoming score.
  • Supports options for scanning both outgoing SMTP or Non-SMTP email (PHP form mail).
  • Set a custom message to provide realtime feedback to users that their email has been blocked.
  • Choose to tag and add X-spam headers to outgoing email or not alter the message at all.
  • Options to ignore SMTP auth senders or specific networks from outgoing scanning.

Database Logging
Every message scanned by Spamassassin or ClamAV can be logged to the Warden database. Easily see exactly why a message got a specific spam score.
Every message is linked directly to its Plesk mailbox so you can search though logs for a specific domain or mailbox.

  • The spam log shows you the sender, recipient, client IP, Client rDNS, subject, score, rule score, bayes score, relay country, language, direction, X-PPP-Vhost, X-PHP-Originating-Script and detailed spam rules matched for each message.
  • The virus log shows you the sender, recipient, subject line, and virus name for each infected message.
  • The Postfix mail logs are automatically processed and displayed in an easily readable format.
  • The Postfix mail rejection logs show you which emails were rejected by the server.
  • The POP3/IMAP log shows you the protocol, user, client IP, geographical location of each mail client.
  • The SMTP Auth log shows you the method, user, client IP, client rDNS, and geographical location of each authenticated mail client.
  • Perform whitelist and blacklist actions just by clicking on an email address.
  • Control exactly what gets logged to the database. Choose to log spam, ham, viruses, message headers, spam headers, or content previews.
  • Set the retention period to keep for your logs. The database is automatically pruned making sure you always have the logs you need without taking up too much space.

Custom Rule Builder
The mailbox management area shows you exactly how each mailbox is configured on the server. Apply spam filter changes individually per mailbox or in bulk by selecting multiple mailboxes at once.

  • Supports adding the name, description, type, value and score for each rule.
  • Supports advanced rule types (body, header, rawbody, meta, URI).
  • Supports advanced scoring with up to four different parameters.
  • Debug Spamassassin right though the web interface to check for any errors.
  • Supports adding custom rules individually or in bulk.

Multi-Mailbox Management
The mailbox management area shows you exactly how each mailbox is configured on the server. Apply spam filter changes individually per mailbox or in bulk by selecting multiple mailboxes at once.

  • View bayes learning statistics for each mailbox.
  • Enable or disable spam filtering for mailboxes.
  • Change the spam filtering actions (mark, delete or move).
  • Adjust the spam score.
  • Add or remove whitelist or blacklist entries.
  • Reset spam and virus logs or statistics.
  • View spam, ham, and virus totals for each mailbox.

Statistics and Reporting
An antispam and antivirus system is only as good as its reporting. We've written over 28 of the most detailed spam, ham, and virus reports anywhere.

  • View reports for the entire server or filter by domain or per mailbox.
  • View rule statistics on which antispam rules are being triggered.
  • View which countries are sending you the most spam.
  • Filter reports by specific date ranges.
  • Over 28 pre-built reports included and more are being written.
  • Write your own reports. Line, area, scatter, bar, pie, table, and map render types are supported.
  • Export report data to CSV file so you can import into a spreadsheet.

Network Based Tests
Full support for Razor 2, Pyzor, and DCC network based tests. These network based tests can dramatically improve detecting bulk email and spam.

  • Vipul's Razor is a distributed, collaborative, spam detection and filtering network based on user submissions of spam. Detection is done with signatures that efficiently spot mutating spam content and user input is validated through reputation assignments.
  • Pyzor is a collaborative, networked system to detect and block spam using digests of messages.
  • DCC detects unsolicited bulk mail. DCC servers exchange or "flood" common checksums. The checksums include values that are constant across common variations in bulk messages, including "personalization."

Learning and Reputation Management
Warden gives you deep access to learning and reputation statistics for a mailbox. Check if a mailbox's auto-whitelist or reputation data is good or has been poisoned by spammers.

  • View the number of Spam and Ham learned for a mailbox.
  • Reset bayes learning data for a mailbox or a domain.
  • View auto-whitelist or TxRep reputation statistics for a mailbox.
  • Prune auto-whitelist or TxRep reputation statistics mailbox or a domain.
  • View and export reports on learning and reputation statistics for a domain.

Multi-Role Access
Warden fully supports giving re-sellers and customers access to different parts of the Warden application. Enable your customers to help themselves without resorting to costly support calls.

  • Allow or deny access to manage their domains.
  • Allow or deny access to manage their mailboxes.
  • Allow or deny access to view reports.
  • Allow or deny access to view their own spam or virus logs.

Multi-Language Support

  • English
  • German
  • French
  • Spanish
  • Italian
  • Dutch
  • Polish
  • Portuguese
  • Russian
  • Chinese Simplified
  • Chinese Traditional
  • Japanese

Supported Operating Systems

  • CentOS 7.x
  • CentOS 6.x
  • Cloudlinux 7.x
  • CloudLinux 6.x
  • Debian 9.x
  • Debian 8.x
  • RedHat Enterprise Linux 7.x
  • RedHat Enterprise Linux 6.x
  • Ubuntu 16.04
  • Ubuntu 14.04

Supported VPS

  • Virtuozzo
  • OpenVZ
  • KVM
  • Xen
  • Vmware
  • HyperV

Supported Plesk Versions
Plesk 17.x

Supported Mail Servers
Postfix 2.11+

Third Party Software
Spamassassin, ClamAV packages from EPEL or Debian/Ubuntu Repositories

Memory Required
Minimum 1.5 GB system memory with at least 300 MB free

Version 1.11
Requires 17.0 and up
Developer Danami
Category Mail
Security
Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Start typing and press Enter to search