Configure SAProxy for POPFile

CAUTION: The content of this page seems to be outdated.

SAproxy is a Windows POP3 proxy implementation of Spamassassin. You can get it (free) at http://www.bloomba.com/download.html#saproxydl.

Spamassassin uses a variety of rules to identify the likelihood of a given e-mail being spam and if so, can add a header, change the subject line and encapsulate the message much as POPfile does. The latest version includes a Bayesian filtering option, but SAproxy does not include a user friendly method of training the Bayesian filtering. What it does allow is turning on the Bayesian filtering for self learning, where, I believe, it accumulates statistics based on previous classifications, and after about 200 messages turns on the Bayesian filtering with this data to assist in content filtering for spam.

My experience with SAproxy is that it's very good at identifying spam out of the box, and is very good at not giving false positives. I have not had a single false positive from SAproxy yet. I decided to try POPfile, however, because it appeared to me that the spam writers were adapting to get around Spamassassin's filters and I was getting a good percentage of spam getting through.

So now I use POPfile in front of SAproxy to get the spam that SAproxy misses. In the short term the advantage is good spam filtering on first use. In the long term it's not clear to me that this combination will be any better than POPfile alone. I suspect there may still be advantages in that I've noticed some recent spam consisting entirely of a graphic or short, unformatted, seemingly innocuous text with a link. If these or similar tactics turn out to be difficult to resolve by Bayesian filtering, an extra layer of rules may still be able to separate them from legitimate mail.

To avoid conflicts you may want to initially disable POPfile, then install SAproxy. After installation, re-enable POPfile and in its options page change the listening port to a number other than 110. I'll use 220 in this example, but you can choose any number you want, as long as it's a valid port number and not being used by any other service on your system.

In the default configuration, SAproxy will proxy to a mailserver address and host based on the username sent to SAproxy. So in your e-mail client you would use realusername:realPOPserver:nnn as your POP3 account username, where “nnn” is the POP server port. If your server uses port 110 (typically) you can omit the port and just use realusername:realPOPserver as your username.

Now POPfile proxys using the username realPOPserver:nnn:realusername but it will actually be told the mailserver is SAproxy, so the username you should use is 127.0.0.1:110:realusername or just 127.0.0.1:realusername and your client should be told the POP server is 127.0.0.1 and port 220 (this is POPfile�s new listening port).

That's all. If you've already set up your mail client�s filters for POPfilter you won't have to change these as after a few corrections, it will quickly learn to recognize any mail modified by SAproxy as belonging in your spam bucket, since SAproxy will always add the same header tags and opening paragraph in the message body. If your mail client doesn�t allow you to specify the server port, you can keep POPfile on 110 and use the Hosts page in the SAproxy configuration window (see below) to assign SAproxy a different port, then change your username to use that port instead of 110.

Now I actually use a third proxy for my hotmail account. I use hot Hotmail Popper which you can get (free) at http://www.boolean.ca. After you install it, you'll want to change its listening port to one that won't conflict with SAproxy or POPfile. Let's say 330. Now SAproxy needs to be told that the real mail server, in this case Hotmail Popper, is on port 330. This is done by adding a few lines in the hosts tab of the configuration dialogue in SAproxy. If you add any entries here, the port forwarding based on username appears to be disabled, so you will have to add explicit entries for any mail server that will be used. So in this example something like the following 2 lines would be added to the hosts page:

110=realispPOPserver:110 440=127.0.0.1:330

So any useraccount connecting to SAproxy on port 110 will be forwarded to your ISP's pop server on port 110, and any account connecting to port 440 will be forwarded to the local machine on port 330, which is Hotmail Popper. Now in your e-mail client, the username for a non-hotmail account will be: 127.0.0.1:110:realusername and the username for a hotmail account will be: 127.0.0.1:440:username@hotmail.com; (the ”@hotmail.com” must be included in the username for Hotmail Popper to parse this correctly). The client's POP server will remain 127.0.0.1 using port 220.

Now we'll add a 4th proxy you can obtain (for free) at … actually I'm kidding. I'll stop here.

I'd be happy to hear any comments/criticisms you might have. So far my biggest complaint is that I�m getting several false positives from POPfile, but I've only been using it a couple of days so hopefully after a little more training this will improve.

This message turned out to be much longer than I intended. Thanks for reading if you�ve made it this far. If not, I�m just typing to myself, which may be an early sign of dementia�

Ric

 
howtos/saproxy.txt · Last modified: 2012/06/28 14:16 by amatubu

Should you find anything in the documentation that is incomplete, unclear, outdated or just plain wrong, please let us know and leave a note in the Documentation Forum.

Recent changes RSS feed Donate Driven by DokuWiki
The content of this wiki is protected by the GNU Fee Documentation License