
An Anti-Spam gateway #1: Initial stuff


(NOTE: this is part of the “An Anti-Spam gateway” series)

Before we begin to actually get our hands dirty :) , here are a few things to note:

  • As I said in the introduction, this is a recipe, not a reference manual. There are certainly many other ways to do something like this, but I won’t be exploring them.
  • I’m not explaining basic stuff like “to uncompress a .tar.gz file, type tar xzf filename”. If you don’t know things like that, this series really isn’t for you. Sorry about that.
  • The required hardware depends on the company / organization size, and on how much mail you receive. A Pentium III with 128 MB of RAM is more than enough for a company with 1000 employees. No, that’s not a typo – if you’re not using Windows or Oracle (yuck), you don’t need 64-CPU supercomputers with terabytes of RAM. :)
  • The operating system should be a Unix-like system with a C compiler such as gcc. Most Linux distributions include everything you need, although you may have to manually select the “Development” packages during installation, or add them later. Other alternatives include OpenBSD (my personal favorite, and the server this blog runs on), FreeBSD, NetBSD, Solaris, etc. Anything but Windows or SCO. :)
  • I will be compiling most of the software manually. Using packages (such as RPMs, or BSD ports) is possible, but they may not activate some needed option by default. It’s up to you.
  • This machine will be a gateway — that is, it won’t have mailboxes, it will just receive mail from the Internet, refuse messages from known open relays, tag spam messages by prepending “*** SPAM ***” to the message subjects, and stop emails with viruses, warning the recipient that someone tried to send them a virus. Then, if the mail wasn’t stopped, it delivers it (or the virus warning message) to the “real” email server, which has the actual mailboxes.
  • For simplification, I’m assuming that the machine has only one network card, and has the IP address 10.0.0.1 (supposedly, some firewall is redirecting port 25 from the outside to this address). The “real” mail server has the address 10.0.0.2. More complex configurations are possible, but, again, I’m not exploring them here.
  • I’m also assuming that the gateway has unrestricted outbound Internet access (it only needs inbound access to port 25). After it’s working, you may want to restrict it somewhat (though I think it’s a bit useless), but it’ll always need to do DNS queries, access some spam databases like Razor, and update ClamAV.

So, before you go to part 2, you should have a box with one network card configured as 10.0.0.1, running a Unix-like OS with a C compiler.
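The mail flow described in the gateway bullet above (refuse open relays, tag spam, replace infected mail with a warning, hand the rest to 10.0.0.2) can be sketched as a decision function. This is an added illustration, not code from the series or from the software it installs; the `is_spam` and `has_virus` callables, the open-relay set, the postmaster address and the sample message are all constructed assumptions.

```python
from email import message_from_string, policy
from email.message import EmailMessage

MAIL_SERVER = ("10.0.0.2", 25)  # the "real" mail server from the post
SPAM_TAG = "*** SPAM ***"       # subject prefix from the post

def tag_spam(msg):
    """Prepend the tag once; also handles a missing Subject header."""
    subject = str(msg.get("Subject", ""))
    if not subject.startswith(SPAM_TAG):
        del msg["Subject"]  # no-op when the header is absent
        msg["Subject"] = f"{SPAM_TAG} {subject}".rstrip()
    return msg

def virus_warning(msg):
    """Build the notice delivered instead of an infected message.
    The original body and attachments are deliberately not copied."""
    note = EmailMessage()
    note["From"] = "postmaster@gateway.example"  # constructed address
    note["To"] = str(msg.get("To", ""))
    note["Subject"] = "Virus warning: a message to you was stopped"
    sender = str(msg.get("From", "unknown sender"))
    note.set_content(f"The gateway stopped a message from {sender} "
                     "because it contained a virus.")
    return note

def process(raw, client_ip, open_relays, is_spam, has_virus):
    """Return (action, message, next_hop) for one incoming message.
    is_spam and has_virus are hypothetical callables standing in for
    the real scanners."""
    if client_ip in open_relays:
        return ("refuse", None, None)  # refused, nothing is relayed
    msg = message_from_string(raw, policy=policy.default)
    if has_virus(msg):
        return ("warn", virus_warning(msg), MAIL_SERVER)
    if is_spam(msg):
        return ("tag", tag_spam(msg), MAIL_SERVER)
    return ("deliver", msg, MAIL_SERVER)

# Constructed sample message and verdicts, for illustration only.
SAMPLE = ("From: sender@example.org\nTo: user@example.com\n"
          "Subject: Cheap watches\n\nBuy now\n")

if __name__ == "__main__":
    action, msg, hop = process(SAMPLE, "198.51.100.7", {"192.0.2.9"},
                               lambda m: True, lambda m: False)
    print(action, hop, msg["Subject"])
```

The virus check runs before the spam check so that an infected message is never relayed with only a tagged subject.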


Copyright © 2013 The Tlog - a technology blog
