Warden Anti-spam and Virus Protection
With the Warden Antispam and Virus protection, you get the best of both worlds. Open source standards for mail scanning from SpamAssassin® and ClamAV® combined with deep integration with the Plesk control panel.
With support for over 27 SpamAssassin plugins, outbound scanning, database logging, custom rule builder, multi-mailbox management, rich reporting, and multi-role access, Warden provides you with the most robust, extendable anti-spam and anti-virus solution for Postfix anywhere.
- This is a paid extension that is designed for power users and service providers. Some system administration experience is recommended.
- On Centos/RHEL/Cloudlinux the EPEL repository will be enabled.
- ClamAV, Spamass-milter, Razor2, and Pyzor packages will be installed on install and removed on un-install (The ClamAV packages will be removed if the Sentinel Anti-malware Plesk extension is not also installed).
- Plesk SpamAssassin packages must be installed before you install this extension. You can use the command: [ plesk installer add --components spamassassin ]
Warden super charges SpamAssassin® by providing deep integration with Plesk and enabling all of the most effective SpamAssassin plugins.
- Warden - Our own custom plugin provides advanced integration with Plesk.
- Antivirus - Simple antivirus tests to check if an email contains an executable attachment.
- ASN - Add metadata to the Bayesian filtering process, allowing the Bayesian filters to learn information based on the ASN of the connecting IP address.
- AWL - Track scores from messages previously received and adjusts the message score by boosting or penalizing messages from senders who send ham or spam.
- DCC - DCC is a system of servers counting checksums of millions of mail messages to determine of a message is bulk email or not.
- DecodeShortURLs - Decode shortened URLs in messages then add the URLs to a list of URIs which can then be scored and accessed by other plug-ins.
- DKIM - Perform DKIM lookups as well as historical DomainKeys lookups.
- FreeMail - Check the headers for indication that a senders domain is that of a site offering free email services.
- FromNameSpoof - Perform various tests to detect spoof attempts using the From: header name section.
- HashBL - Search for email addresses in the message header and body and check them against various blacklists.
- OLEVBMacro - Use several methods to search attached documents for evidence of an OLE Macro or VB code.
- PDFInfo - Use several methods to detect a PDF files ham and spam traits.
- Phishing - Check URIs against Openphish and PhishTank phishing feeds.
- Pyzor - A collaborative, networked system to detect and block spam using identifying digests of messages.
- Razor2 - A distributed, collaborative, spam detection and filtering network based on user submissions of spam.
- RelayCountry - Add metadata to the Bayesian filtering process, allowing the Bayesian filters to learn information based on countries.
- ResourceLimits - Limit the memory / CPU usage of child spamd processes.
- Rule2XSBody - Compile SpamAssassin ruleset into native code for optimum performance.
- SH - The Spamhaus data query service is a set of DNSBLs with real-time updates operated by by Spamhaus Technology.
- SPF - Check SPF records published by the domain owners in DNS to fight email address forgery and make it easier to identify spam.
- TesseractOcr - Use optical character recognition to parse text from images within the body of an email.
- TextCat - Score messages based on which language the email was written in.
- TxRep - Normalize scores with sender reputation records.
- URLDNSBL - Look up URLs in a message against DNS blocklists.
- URILocalBL - Blacklist URIs using local country and CIDR information.
- VBounce - Aid in rescuing genuine bounces.
- WhiteListSubject - Whitelist or blacklist by Subject: header.
The ClamAV® open source multi-threaded scanner daemon detects trojans, viruses, malware and other malicious threats.
Extended signatures provide protection against Phishing, Scam, Casino, porn and other general spam.
- The ClamAV milter is a high performance before-queue milter meaning you are able to reject infected mails in the incoming SMTP stage before they are accepted by the mail server.
- The ClamAV milter automatically logs all detected viruses to the Warden database log.
- Advanced database updater with support for scripted updates and digital signatures.
- The virus signatures are updated multiple times per day.
- Built-in support for various archive formats, including Zip, RAR, Dmg, Tar, Gzip, Bzip2, OLE2, Cabinet, CHM, BinHex, SIS and others.
- Built-in support for ELF executables and Portable Executable files packed with UPX, FSG, Petite, NsPack, wwpack32, MEW, Upack and obfuscated with SUE, Y0da Cryptor and others.
- Built-in support for popular document formats including MS Office and MacOffice files, HTML, Flash, RTF and PDF.
- Supports third-party signature databases provided by Sanesecurity, FOXHOLE, OITC, Scamnailer, BOFHLAND, CRDF, Porcupine, Securiteinfo, MalwarePatrol, or the Yara-Rules Project.
Outbound Anti-spam Scanning
Users can optionally enable outbound anti-spam scanning and logging. You can even scan and log PHP form mail to see exactly what scripts are sending out messages on a server.
- Set a reject score to block outgoing SPAM in the outgoing SMTP stage before they are accepted by the mail server.
- The outbound SpamAssassin milter automatically logs all outgoing ham and spam to the Warden database log.
- Supports setting a different outgoing required score different from the users incoming score.
- Supports options for scanning both outgoing SMTP or Non-SMTP email (PHP form mail).
- Set a custom message to provide realtime feedback to users that their email has been blocked.
- Choose to tag and add X-spam headers to outgoing email or not alter the message at all.
- Options to ignore SMTP auth senders or specific networks from outgoing scanning.
Every message scanned by SpamAssassin or ClamAV can be logged to the Warden database. Easily see exactly why a message got a specific spam score.
Every message is linked directly to its Plesk mailbox so you can search though logs for a specific domain or mailbox.
- The spam log shows you the sender, recipient, client IP, Client rDNS, subject, score, rule score, bayes score, relay country, language, direction, X-PPP-Vhost, X-PHP-Originating-Script and detailed spam rules matched for each message.
- The virus log shows you the sender, recipient, subject line, and virus name for each infected message.
- The Postfix mail logs are automatically processed and displayed in an easily readable format.
- The Postfix mail rejection logs show you which emails were rejected by the server.
- The POP3/IMAP log shows you the protocol, user, client IP, geographical location of each mail client.
- The SMTP Auth log shows you the method, user, client IP, client rDNS, and geographical location of each authenticated mail client.
- Perform whitelist and blacklist actions just by clicking on an email address.
- Control exactly what gets logged to the database. Choose to log spam, ham, viruses, message headers, spam headers, or content previews.
- Set the retention period to keep for your logs. The database is automatically pruned making sure you always have the logs you need without taking up too much space.
Custom Rule Builder
Add custom SpamAssassin rules right though the Warden interface. Apply rules matching the message header, subject, body or even specific URI's.
- Supports adding the name, description, type, value and score for each rule.
- Supports advanced rule types (body, header, rawbody, meta, URI).
- Supports advanced scoring with up to four different parameters.
- Debug SpamAssassin right though the web interface to check for any errors.
- Supports adding custom rules individually or in bulk.
- Pre-defined templates allow you to add custom rules with ease.
The mailbox management area shows you exactly how each mailbox is configured on the server. Apply spam filter changes individually per mailbox or in bulk by selecting multiple mailboxes at once.
- View bayes learning statistics for each mailbox.
- Enable or disable spam filtering for mailboxes.
- Change the spam filtering actions (mark, delete or move).
- Adjust the spam score.
- Add or remove whitelist or blacklist entries.
- Reset spam and virus logs or statistics.
- View spam, ham, and virus totals for each mailbox.
Statistics and Reporting
An antispam and antivirus system is only as good as its reporting. We've written over 50 of the most detailed spam, ham, and virus reports anywhere.
- View reports for the entire server or filter by domain or per mailbox.
- View rule statistics on which antispam rules are being triggered.
- View which countries are sending you the most spam.
- Filter reports by specific date ranges.
- Over 50 pre-built reports included and more are being written.
- Write your own reports. Line, area, scatter, bar, pie, table, and map render types are supported.
- Export report data to CSV file so you can import into a spreadsheet.
Network Based Tests
Full support for Razor 2, Pyzor, and DCC network based tests. These network based tests can dramatically improve detecting bulk email and spam.
- Vipul's Razor is a distributed, collaborative, spam detection and filtering network based on user submissions of spam. Detection is done with signatures that efficiently spot mutating spam content and user input is validated through reputation assignments.
- Pyzor is a collaborative, networked system to detect and block spam using digests of messages.
- DCC detects unsolicited bulk mail. DCC servers exchange or "flood" common checksums. The checksums include values that are constant across common variations in bulk messages, including "personalization."
Learning and Reputation Management
Warden gives you deep access to learning and reputation statistics for a mailbox. Check if a mailbox's auto-whitelist or reputation data is good or has been poisoned by spammers.
- View the number of Spam and Ham learned for a mailbox.
- Reset bayes learning data for a mailbox or a domain.
- View auto-whitelist or TxRep reputation statistics for a mailbox.
- Prune auto-whitelist or TxRep reputation statistics mailbox or a domain.
- View and export reports on learning and reputation statistics for a domain.
Warden fully supports giving re-sellers and customers access to different parts of the Warden application. Enable your customers to help themselves without resorting to costly support calls.
- Allow or deny access to manage their domains.
- Allow or deny access to manage their mailboxes.
- Allow or deny access to view reports.
- Allow or deny access to view their own spam or virus logs.
Supported Operating Systems
- CentOS 8.x
- CentOS 7.x
- CentOS 6.x
- Cloudlinux 7.x
- CloudLinux 6.x
- Debian 10.x
- Debian 9.x
- Debian 8.x
- RedHat Enterprise Linux 8.x
- RedHat Enterprise Linux 7.x
- RedHat Enterprise Linux 6.x
- Ubuntu 19.04
- Ubuntu 18.04
- Ubuntu 16.04
Supported Plesk Versions
Plesk Obsidian 18.x, Plesk Onyx 17.x
Supported Mail Servers
Third Party Software
SpamAssassin, ClamAV packages from EPEL or Debian/Ubuntu Repositories
Minimum 2 GB system memory with at least 600 MB free