SpamPal
is very configurable but the default settings
should suit most user's needs. If however you need to change the
default settings, you can tune SpamPal using the Options
panel, in many different ways.
|
8. Advanced
8.1. Advanced: Lan Configuration
8.2. Advanced: Access Control
8.3. Advanced: Extra Black/White/Ignore Lists
8.4. Advanced: Extra DNSBL Definitions
8.5. Advanced: Programs
8.6. Advanced: Protocol Logs
|
| This panel enables you
to alter various advanced options
(although most users will not need to change anything in this panel): |
|
|
DNSBL Queries
time out after; DNSBL services are sometimes overloaded with
requests, and can be rather slow. To prevent your mail checking from
becoming prohibitively sluggish, SpamPal will time-out
(stop waiting for) DNSBL queries after 20
seconds.
You can use this option to change this interval; lengthen it if you're
seeing the X-SpamPal: PASS TIME-OUT
header a lot and don't mind your email checking taking longer; shorten
it if checking your mail seems to take forever and you don't mind
a few extra spams not getting filtered into your spamtrap folder.
|
| Maximum
simultaneous DNSBL queries; allows you to set how many DNSBL
queries SpamPal should make at the same time. If you use lots of DNSBL
lists and/or check lots of mailboxes simultaneously, increasing this
figure can result in a performance increase. |
| Reduce
the number of simultaneous
DNSBL queries to something
low - say, 3 or 4 - and see if this helps with your router problem. |
|
|
Don't filter mail at all; allows
you to disable all of SpamPal's spamfiltering features. This options
is also available from the systray
Don't filter mail using auto-whitelist
or auto-ignorelist; disables filtering of mail against the
automatic whitelists. Note that email & I.P. addresses will
still be added to the automatic whitelists, it's just that they
won't have any affect. It effectively turns the automatic whitelists
into lists of seen email and I.P. addresses that are candidates
to be moved to the whitelist after due consideration.
Remember positive (spam) DNSBL results
& Remember negative (non-spam) DNSBL
results; allows you to control for how many days SpamPal
should cache the results of queries to DNSBL services. The higher
each of these are set, the quicker your mail will be fetched, but
at increased risk of SpamPal using out-of-date information and making
more mistakes.
Allow multiple port setting to share a single
port number; This allows you to effectively
have to sets of port configurations using a single port number;
when a connection comes in, SpamPal will use the following criteria
to choose between them:
- If the connection is coming from an I.P. address
that is only on the access control list of one of the port settings,
those settings are used.
- If the connection is coming from 127.0.0.1,
then SpamPal will get the real I.P. address of your machine and
perform the first test again.
- If SpamPal still can't decide which port settings to use, it
will prompt the user to choose between them. The user can choose
to have their selection remembered until SpamPal restarts, or
to choose again for each incoming connection to this port.
How could this be useful? Well, let's take the example of SpamPal's
SMTP proxy. Let's say you use two ISPs, example.com and lapmaps.com.
You want to use the SMTP server of whichever ISP you happen to be
dialled into. You could add a setting for both mail.example.com and
smtp.lapmaps.com to the ports list in SpamPal, make both settings
use port 25, and then when you want to send mail SpamPal will prompt
you to choose which you want to use.
Is this a security
risk?
The access control lists determine what I.P. addresses are allowed
to connect to SpamPal. However, as long as SpamPal is configured
to listen on 127.0.0.1 (click on IP Configuration in the Advanced
options pane), only the local machine will be able to connect to
SpamPal regardless of what you put in the access control lists.
So, while SpamPal is listening on 127.0.0.1, this is not a security
risk.
|
| Wait for DNSBL queries before
filtering message body; Normally you would
leave this option un-ticked, which increases SpamPal's performance. |
|
Remove Layered Service Provider
(also known as LSP). This option is used to remove the LSP if you
wish to un-install SpamPal and you used the non-installer version
of SpamPal. In order to un-install safely, you must
first have to go into the Connections
pane of the Options window and
delete all the ports that use
the transparent proxy. Click OK
to confirm.
Now re-open the options window,
go to the Advanced tab and click
the remove layered service provider
button; this will uninstall the Layered Service Provider from the
Winsock2 providers database. You'll be advised to reboot your machine,
and then you can delete the SpamPal folder as normal.
|
| Don't
just delete the SpamPalLSP.dll
file without doing the above
LSP removal, otherwise you'll find yourself unable to
access the Internet! YOU HAVE
BEEN WARNED!!! |
|
|
Spampal's configuration is stored in
this folder; This is the directory:
- where SpamPal stores it's own configuration
files and also of it's plugins.
- that needs to be backed up, if you are
thinking of reinstalling your operating system.
|
- You can also tune the number of
connections SpamPal makes; go to the advanced settings and
increase the Maximum Simultaneous DNSBL queries to 50
(if you are on broadband/cable/adsl)
- Don't set the caching times too
low
|
|
::Top:: |
SpamPal
is designed as a personal mail filter that will run on same local
machine as your email client. It contains many features that specifically
tailored to this way of working.
However, some people have expressed a wish to run SpamPal as
a service for a local network. Although this isn't advised, it is
now possible.
But before doing it, please consider:
- SpamPal has a GUI, and pops up error boxes in various circumstances.
- The auto-whitelist has privacy implications if SpamPal has
more than one user.
- Tagging mail on retrieval (which SpamPal does) is not the most
efficient way of doing it. A far better solution is to tag mail
when it is received by your mailserver. If you're at the stage
of running SpamPal on a local network, you probably have a mailserver;
investigate the spamfilters that can be installed on it.
If after reading this you still want to be able
to connect to SpamPal from a remote machine, here's what to do.
Go SpamPal's Options pane and
then select the Lan Configuration
pane.
Change the I.P. address setting
from 127.0.0.1 to the I.P. address
of the machine on which SpamPal is running. Now, go to 8.2 (Access
Control) for the next step.
|
|
|
::Top:: |
Following on from the
8.1 (Lan Configuration) instructions, type the I.P. addresses of the
machines that will be permitted to connect to SpamPal, one on each
line.
You can specify a range of I.P. addresses using either the network
prefix notation (e.g. 127.0.0.1/24)
or by giving the start and end of the range (e.g. 127.0.0.1-127.255.255.255).
|
|
|
When
you enter the IP address, be
very careful when you do this - you don't want to accidentally
allow external
machines to connect to SpamPal!!! |
|
::Top:: |
This pane can be used
to a add the filename and location of a text file, which contains
a list of email address
(or IP addresses) to whitelist, blacklist or ignorelist.
The advantage of using this feature over the normal whitelist, is
that it's easy to keep things organised neatly by topic and it also
makes it easy to update them at different times.
You could also place the files on a shared network drive, so you can
easily edit them from a remote pc.
For example:
C:\spampal\friends.txt - could
contain all your friends that you want to whitelist
N:\spampal\work.txt - could contain
your work contacts that you want to whitelist ( Drive N is a networked
drive) |
|
|
::Top:: |
In this pane, you can
add an extra DNSBL service, that isn't currently listed in SpamPal's
normal blacklist/ignorelists pane.
In order to add a new DNSBL, you must first click on the Extra
DNSBL Definitions button (see screen below) |
|
|
Windows notepad should
now open the extra_dnsbl.txt file,
located in your spampal directory. In this file, you will see an example
of what information is needed to enable you to add an extra dnsbl.
For example, the Passive Spam Block List
is a dnsbl; to add this to your public blacklists (dnsbl), cut and
paste the following, onto the end of your extra_dnsbl.txt
file: |
LIST PSBL
NAME Passive Spam Block List
WEBSITE http://psbl.surriel.com/
ZONE psbl.surriel.com
DESCRIPTION An easy-on, easy-off blacklist that doesn't rely on testing
and should reduce false positives
RESULT_CODE 127.0.0.2 # Your server
sent spam to trap-server recently |
Save it, click OK
to dismiss the SpamPal options window then open it again - Passive
Spam Block List should now be listed
with the other blacklists.
However, you will now need to enable this extra Passive
Spam Block List dnsbl by going into SpamPal's
Spam Dection: Blacklist: Public Blacklist pane, finding the
Passive Spam Block List dnsbl entry
and
ticking the enable box.
Now, when you check your status screen,
you should start to see results from your new Passive
Spam Block List dnsbl. If you want more example dnsbl's you
can add, see the optimize page here |
::Top:: |
The transparent proxy programs screen,
as seen below, is basically used for three reasons:
a) to stop anti-virus scanners from scanning
your email twice;
b) to exclude a program that doesn't seem
to be compatible with SpamPal's transparent proxy;
c) to exclude an email program from using
SpamPal to filter your mail
|
|
|
|
In order to decide which processes SpamPal will filter and which
ones it will ignore, SpamPal will check it's list of known processes,
some of these are on a filter list (like email programs)
and some of these are on a don't filter list (like anti-virus
scanners).
Obviously, this list of processes will vary from user to user, so
when SpamPal come across a process that it doesn't know about, you'll
need to inform SpamPal to either filter the connection or ignore
the connection,
You can tell SpamPal, using the above
filter mail for that process option, to always filter
any new unknown processes, SpamPal finds.
You can tell SpamPal, using the above
not filter mail for that process option, to always not
filter any new unknown processes, SpamPal finds.
By Default, however, SpamPal will always ask the user what you
do and you'll see a message box like the screen below popup:
|
|
|
| The above screen works in much the
same way as firewall rules do. So, if you want SpamPal to filter PopTray's
request to access your email server and have SpamPal filter the mail
it see then click the Filter button. If
you select the Don't Filter button
then PopTray will still access your email server but SpamPal will
not filter out the spam from any email that it sees. |
|
|
|
|
The Don't
Filter screen is basically used for three reasons:
a) to stop anti-virus scanners from scanning
your email twice
Most probably SpamPal is filtering your mail once between your email
program and your anti-virus scanner, and once between your virus-scanner
and your mailserver.
Have a look in the status window, or activate the SpamPal logfile
and have a look at what processes SpamPal is filtering mail for. Now
go to the port properties dialog, click on the "Control"
tab, and enter the name of one of these processes in the list of programs
for which mail won't be filtered. |
b)
to exclude a program that doesn't seem to be compatible with SpamPal's
transparent proxy.
I'm sure there's going to be incompatibilities with some software
out there; probably email-related software but I don't rule out the
possibility of other software not being compatible with the transparent
proxy.
If you encounter a problem, just post a message in this forum
thread; saying what version of SpamPal you're using, what version
of the incompatible software is and briefly describe the problem,
including any error messages that will appear. |
|
c) to
exclude an email program from using SpamPal to filter your mail
Normally you'd want all your email programs and checkers (such as
Poptray) to use the transparent proxy,
in order to filter out the spam. You might however, want to keep
your main email program (such as Outlook Express) to filter the
spam but disable filtering for your email checker (such as Poptray),
in order to speed things up.
You can do this by adding the program/process name in the list
of programs for which mail won't be filtered. For example, in
the
above Poptray case, just add the following line (which uses # as
a comment)
poptray.exe # disable filtering for Poptray
|
::Top:: |
| The screen allows you
to create protocol-level logs of your mail sessions. (Previous debugging
versions already did this, but I've disabled that code now.) |
|
|
By default the logs are stored
in a folder called SpamPal-protocol-logs on
drive C.
This folder will contain debug logs of all
the messages that your
email program and your email server have sent or received. This
will include POP3/IMAP4 and SMTP messages. For example, the filename
format for two POP3
messages would be:
2004.12.11-15.19.36-pop3-00852-0001-client.log
2004.12.11-15.19.36-pop3-00852-0001-server.log |
| If
Protocol logging is enabled, please
be aware of the following "issues":
a) Usernames and Password
for your email accounts will be clearly visible. If you are asked to send these logs to anyone
for debug purposes then please
remember to replace your password with xxxxxx's.
b) Anti-virus software may find viruses in the Protocol Logging
folder. This is nothing to worry about as the debug
logs are only plain text and
are actually just copies of
viruses that you have received in your normal email. If your
virus scanner does find a virus in the Protocol Logging
folder then it may be worth seeing if your anti-virus scanner
has an exclude folder option
for scanning. |
|
::Top:: |
