If you are looking for a no-cost antispam and antivirus solution for Microsoft Exchange server then we have found the best solution to be ASSP. ASSP is the Anti-Spam SMTP Proxy Server project and it aims to create an open source platform-independent SMTP Proxy server which implements whitelists, Bayesian, and basic anti-virus filtering . See the official ASSP support site here. This site is in no way affiliated with the official site and does not claim any specific knowledge or ownership of the ASSP, Perl or ClamAV software.

ASSP is a perl-based application that can run as a standard Windows service. It uses the Clam-AV antivirus product, which can also run as a standard Windows service. This does not use event sinks, but rather it installs a complete SMTP proxy service (this can happily reside on the same machine as the Exchange server), making it a more efficient and effective way to trap everything. Below is a reference compiled from a number of different sources on how to get this running from a clean Windows/Exchange server. This is not for Linux, Unix or BSD solutions, only for Microsoft Windows. Please see the official ASSP site for information on how to install this on other platforms.

As a guide, you must install Perl (the scripting language) on the server, you must install the ASSP application, you must install all necessary Active Perl components for this to run, and finally you must install the Clam-AV Windows service. This may sound odd in these days of deployment packages, registry hacks, uninstall routines and runtime files, but Perl is a totally self-contained language and all components end up in a single directory - nowhere near the Windows folder or the Registry. So if you don't like it, just delete the directory where you installed it to and you're back to square one!

No step is left out and if you follow everything you should be able to have this solution in place on your Windows system within an hour or two. This solution works for Windows 2000 and Windows 2003. We have not tried it on other platforms, such as Vista, XP or NT4, but we suspect it would work fine there as well. As stated, most of the content here is copied from other sources - this is just a compilation for ease of installation and newer versions of installation methods or applications may exist. Good luck. If you have any feedback or ammendments they are gladly accepted.

Install PERL

If upgrading, make note of any modules you need to reinstall, uninstall ActivePerl and delete the /perl folder tree.

Download the current ActivePerl version 5.8.x from www.activestate.com.

Install it. (The document assumes the default installation location of c:\perl. If you choose to install it somewhere else you will need to modify the rest of this document accordingly.)

Get nmake from Microsoft: http://download.microsoft.com/download/vc15/Patch/1.52/W95/EN-US/Nmake15.exe

Extract the nmake.exe and nmake.err files into your c:\perl\bin folder

Either restart your computer, or manually make sure your computer's path statement points to c:\perl\bin and c:\perl\site\bin. (path=%path%;c:\perl\bin;c:\perl\site\bin)

Run CMD and use PPM to install the required perl modules:

ppm install Win32-Registry-File

ppm install Net-DNS

ppm install DB_File

ppm install IP-Country

ppm install Mail-SPF

ppm install Error

ppm install Digest-SHA

Run ppm-shell and type "query *" (without the quotes). This shows all perl modules currently installed and the modules listed above should now show up.

Install ASSP

Keep the ppm shell open and make a note of which of the following modules are not installed. (Note: Not all modules are mandatory, but it is recommended that you install all of the modules. If all modules are not installed, the Perl process may use 99% of the processor time).

Compress::Zlib

Digest::MD5

Email::Valid

File::ReadBackwards

Mail::SPF::Query

Mail::SRS

Net::DNS

Net::Syslog

Time::HiRes

Win32::Daemon - see install note below

If any of the modules are missing from the list that comes up, at a command prompt type ppm install modulename, where modulename is the same as the entries in the list above. If this returns "No missing packages to install", then continue.

The exception to this is the last entry - for this you must type

ppm install http://www.roth.net/perl/packages/win32-daemon.ppd

At the command prompt, type the following to update all installed packages:

ppm upgrade -install

Manually create the following directory structure:

c:\assp

c:\assp\notspam

c:\assp\spam

c:\assp\errors

c:\assp\errors\notspam

c:\assp\errors\spam

Download the Anti-Spam SMTP Proxy (ASSP) installation zip and extract the contents to the c:\assp base directory.

At the command prompt, navigate to the c:\assp directory, and run the following command:

perl addservice.pl -I c:\assp\assp.pl c:\assp

Now create the file assp.cfg in the c:\assp\ directory, and add the following line to it so that ASSP may start as a service (it will fail to start if this line does not exist):

AsAService:=1

Download the Sample Spam Database and extract it to your c:\assp\ folder. This will give your Bayesian database a good start.

Go to Start >> Settings >> Control Panel >> Administrative Tools >> Services double click the "Anti-Spam SMTP Proxy" service. Set the "Anti-Spam SMTP Proxy" service startup type to automatic and click Start, then click OK and close the services window.

Open a web browser and point it to http://127.0.0.1:55555. At the login screen, the username is blank and the default password is nospam4me - you can change this under the 'Security' or 'Server Setup' section of the menu, select the webAdminPassword option.

Change the SMTP Destination under the Network setup area to be 2525 (or whatever port you like, other than 25). Make the SMTP List Port the same as your current Exchange listening port (usually port 25). Save these settings.

Go to Exchange System Manager, open the Servers folder, open the Servername, open the Protocols folder and open the SMTP folder. Right click the "Default STMP virtual server" and go to Properties. Go to the Advanced button under IP Address, select edit and change the TCP Port to the same as the value you set above (2525). If you have an SMTP Connector configured (under Connectors), delete it. Now right click on the Connectors folder and choose New SMTP Connector. Accept the defaults, give it a name, choose your local server as your bridgehead and save it. This recreates the SMTP connector with the new port number.

The final thing is to stop and start your Simple Mail Transfer Protocol Service, under Start >> Settings >> Control Panel >> Administrative Tools >> Services.

Play with the settings in the web interface (http://127.0.0.1:55555) until you find what works best for you.


If you want to run Antivirus as well, keep reading, otherwise stop here - you should now have a working ASSP anti-spam server under Exchange!


Install the File::Scan::ClamAV module

Download the version of File::Scan::ClamAV found here

Extract these files and then browse to the directory where you extracted them to using a command prompt. Now type

perl makefile.pl

This should complete without any errors. Now type

nmake

This should find the ClamAV.pm file. Now type

nmake test

This will bring back a few errors, but ignore them. Now type

nmake install

That should be it. If you restart the ASSP Proxy service and the look at the maillog tail under the web interface, you should notice that File::Scan::ClamAV is now installed.

Install ClamAV and the Clamd Service on Win32.

Downloads

clamAV.msi Requires .NET 2.0 Website: http://w32.clamav.net/

Runclamd.zip

ClamAV

Install clamAV.msi with the default options.
For this example we will use "C:\Program Files\clamAV\", You can change the install path if you like.
You will need to change the "TemporaryDirectory" in "C:\Program Files\clamAV\conf\clamd.conf" to the Windows Temp directory:
Windows Server 2003
TemporaryDirectory "C:\Windows\Temp"
Windows Server 2000, NT4
TemporaryDirectory "C:\WINNT\Temp"
Windows Service
Extract runclamd.zip to "C:\Program Files\clamAV\"

Open C:\Program Files\clamAV\runclamd.ini
Locate
PathToClamd=c:\clamav-devel\bin\clamd.exe
Change to
PathToClamd=C:\Program Files\clamAV\clamd.exe
Save file and close

Install service
"C:\Program Files\clamAV\runclamd.exe" -install

Make service startup on reboots
Click Start, and then click Run.
In the Open field type services.msc, click OK
Find the "Run Clamd" service.
Change Startup Type to Automatic.
On the Log On Tab make sure Local System Account is checked.
Start the service.

ASSP Configuration
In the ASSP administration interface make sure the AvClamdPort is set to 3310

AvClamdPort = 3310

Restart ASSP

Update virus signatures
You can create a scheduled task to run Freshclam.exe a few times a day to update the signatures for you.

Command to run:
C:\Program Files\clamAV\freshclam.exe

This document created 2007-11-14