The program will run on slow hardware. My system is running under Windows 95 on a 233 MHz Pentium machine on a 128k/128k ADSL connection. It has handled 1500 x 30k messages over a period of 10 minutes without a fault. It rejects over 1200 spam messages coming in per day.
New in version 0.4 on the Local Email tab you can list the domain names you accept (or specfic email addresses if you prefer), and choose the SMTP authentication option. Anyone who connects to Fluffy to send email from a domain or email address that matches will be considerd a local network user and spam trap tests will not apply.
This arises when Fluffy is running on a computer with a public internet IP address (ie not a private network address such as 192.168.x.x) server and the computer doesn't have a valid name that corresponds to the domain that is receving the email. The solution is to change your computer name to be a domain name that on reverse IP lookup, correspond with your IP address name, where that IP address is the target of incoming email. In other words, make sure your network is correctly configured to be on the internet, if you are using public internet addresses.
Now we need to configure the SMTP server You have an existing SMTP server that listens on port 25 (standard) for incoming mail connections. We need to have Fluffy listen for incoming mail and redirect genuine email to the existing SMTP server. There are a variety of ways to achieve that which makes this section appear more complicated than it really is. We'll present a simple case for running Fluffy and the VPOP3 mailserver on the same computer, and then go into detail for alternatives.
But first an important word on open relaying. An open relay is when your computer is set up to deliver email from anyone to anyone. This is often used for sending spam. It is something you want to avoid, especially if you pay for your bandwidth. Some SMTP servers will validate email based on IP address. This will not work with Fluffy because all email will appear to be coming from the computer running Fluffy (ie a local machine).
The preferred method is for SMTP Authentication provided that you do not require SMTP authentication for local (internal) email. Your email software must support SMTP authentication to use this option, and you need to turn it on in your email software. For example, in Outlook, choose email accounts and on the Servers tab choose My server requires authentication under outgoing email server. If VPOP3 is your SMTP server you change the settings under Services (formerly Local Servers), and enable Require SMTP Authentication and also Do not require SMTP authentication for internal/incoming mail.
If your mail software or SMTP server does not support SMTP authentication in this way, you should validate by the the From: address rather than by IP address. In VPOP3 settings, you do this by clicking on the the SMTP link (formerly Configure button), and selecting SMTP Anti-Relay Protection as Check From: Address. You should make sure Don't allow addresses with '%' in their address is enabled. This introduces another problem - what if a spammer fakes your From: address to try and use your SMTP server to send email? Fluffy will detect such attempts and prevent external (outside your network) connections from using an internal From: address as the sender of the email. If you are running a very sophisticated operation with validated relaying for some users, or just want to talk about your options for using Fluffy then you can email me or start a public discussion. Basically you can achieve what you want very simply, but you can probably work that out for yourself.
Ok, on to setting things up.
To direct connections to Fluffy you'd do so as you did for your SMTP server. For example, if you are using a NAT you'd forward port 25 connections to the IP address of the computer running Fluffy. Or if your mail server is listed in a DNS record you could change the MX (or A if you don't use MX) record for your domain to point to the IP address of the computer running Fluffy. Or you could swap the IP addresses of the computers running Fluffy and your SMTP server. Again, this may sound complicated, but that's because you have a choice of options, some of which you may never have heard of. Just ignore the ones you don't know anything about. If you need more help with this, you can email me or start a public discussion.
For local mail clients you don't need to change their settings. If Fluffy is listening on port 25 then you can still connect to port 25 as a default. If you are running your Fluffy on port 26 (for example) you can choose to redirect your mail clients to use port 26.
When you first run Fluffy you will be prompted to use the default DNSBL servers, default Spam Trap address list, and default Black/White lists. If you choose to use any of these, you should then edit them for your own use.
Each entry consist of the address of the DNSBL, an optional message used to reject messages listed in the DNSBL, and an optional list of response codes that are not used to reject email. The message can include %%IP%%, in which case the originating, black-listed IP address will be included in the rejection message.
You can choose not to enabled a DNSBL, in which case it remains in the list but is not used.
You can choose to include DNSBL servers that are not enabled, in your test.
If you are using SMTP authentication for people connecting outside your local network, you shoudl list their email address or domain and then choose the option "My SMTP Server uses authentication.". Connecting users will then be considered local by SMTPFilter and email they send will not be checked against the Spam Trap.
IP address ranges can be specified using subnet masks. A subnet mask of 255.255.255.255 means the IP address must match exactly.
You can also choose a wildcard match. I don't use any numbers in my email addresses, and lots of spammers try to guess email addresses with numbers in them (eg wayne2). So I add all the digits as a wildcard spam match. If any email comes in with any digit anywhere in the address preceding the @, then the email is rejected, and the source is blocked as a spammer. So wayne2@codeworks.gen.nz is blocked (matching 2) and abc3def@codeworks.gen.nz is blocked (matching 3).
All the digits are listed in the default Spam Trap listing supplied, so you will want to remove some or all of them if you do use digits in your local email addresses. You must check the whole Spam Trap list to make sure it doesn't include any valid names (like your own) that you do want to receive!
If mail comes in for multiple recipients, the mail is blocked for all recipients if any one of the addresses is listed in the Spam Trap.
If a whitelisted source sends email to a Spam Trap address, that email is blocked, but the source remains whitelisted.
The list of addresses are processed in order, so the first address that matches will be applied. A final entry of * will match everything not previously matched.
Leaving the target as blank means that if the address matches it will not be changed (and no furtehr addresses considered for matching).
If an email message contains a matching header, the email message is blocked.
Here you can choose whether to scan messages for viruses. If you choose an antivirus programme, Fluffy will look for it in the default location. If it can't find it, it will prompt you for the location of the antivirus programme. You can also enter the text that appears at the top of a message sent to an intended recipient when a mail message is blocked because it contains a virus.
We would be pleased to consider adding support for other anitvirus software. Please let us know
By default Fluffy will block any mail messages broken into parts. The most common use of partial messages is to send the first half of a virus in one message and the second half in another message. A virus checker can't detect the virus without both parts available. Since there is no need to send messages in parts, we recommend you block any messages that comes in parts.
You can also maintain a list of attachment types to block. Fluffy comes with a default list of executable types that you should not normally need to accept.
Fluffy does not yet support a pass-through address for people to resubmit emails that have been blocked. As a temporary measure, we have added this pass through email address text field. If you enter an email address here, people whose email is blocked will be advised to resend their email to this address. This must be an email address that is NOT processed by Fluffy (or it will be blocked again). A POP3 account, or a webmail based account (eg hotmail.com) may be suitable.
Here you can enter an email address to receive daily reports on the emails accepted, rejected and dferred by Fluffy. Your local SMTP server must accept delivery to this email address.
Here you can read about who created Fluffy and the online help file.
A change log tells you what has changed from previous version
Fluffy the SMTPGuardDog Copyright (C) 2003 Wayne McDougall
Help files Copyright (C) 2003 Hairydog Ltd
Fluffy comes with ABSOLUTELY NO WARRANTY; for details read GPL.txt
This is free software, and you are welcome to redistribute it under certain conditions;
read GPL.txt for details.
The help file was developed by Hairydog Ltd in grateful thanks to the
creators of Fluffy. At Hairydog Ltd, we specialise in software documentation
and help systems, web site design, development, maintenance and hosting.
We produce help in winhelp, htmlhelp, webhelp, javahelp and other formats.
Contact us - we can help you:
Hairydog Ltd
Simple case of Fluffy and an SMTP Server (eg VPOP3) running on the same computer
The simplest approach is to run Fluffy on port 25 (the default) and change your SMTP server to listen on a different port. For VPOP3 you change the settings under Services (formerly Local Servers), and set the SMTP server to use port 26.
Fluffy and SMTP Server running on a different computer
In this case you could run both Fluffy and your SMTP server on port 25. The trick is to set this up so that incoming (Internet) traffic talks to Fluffy rather than your SMTP server. It doesn't matter which system your local mail clients talk to.
Not running Fluffy on port 25
You can run Fluffy on any port (eg 26) which means your SMTP server could continue to run on port 25 (on the same computer or a different one). Internet mail connections expect to talk to port 25 so in this case you'd need to use NAT or port forwarding to direct incoming (Internet) traffic to Fluffy. If you need more help with this, you can email me or start a public discussion.
Other options
There are other combinations to make Fluffy work. If you are interested in doing this, you probably have the skills to set it up. If you need help with this, you can email me or start a public discussion.
Multiple SMTP Servers
If you run multiple SMTP servers on different IP addresses (a secondary MX record) then be aware that spammers will often send to all MX entries rather than just the first. And if a spammer is rejected by Fluffy on your first SMTP server, a spammer will try your secondary server. In summary, you need a consistent filter on each SMTP server you are running. Otherwise one SMTP server will block it, but the next will accept it. One answer is to also run Fluffy for each SMTP server you have.
Configuration
When you first run Fluffy you will be taken to the Fluffy Training Centre screen. Once Fluffy is running you can access the Training Centre by double clicking on the three-headed Fluffy dog icon on the notification area (system tray), and then clicking on the Configure button.
Language tab
Here you can choose the language used by Fluffy. Click on Apply to make the change immediately, before choosing other configuration options. Only United Kingdom English (the default) is currently available.
Addresses and Ports tab
Here you can set the address and port of your SMTP server, and the port address that Fluffy should listen on. You can test that these connections are working.
Connections tab
Here you can set:
Local Network tab
Here you can configure which IP addresses are part of your local network (and are allowed to send emails to external email addresses). All IP addresses are considered external unless explicitly designated as part of your local network. Click on the Add your detected IP button to try and autodetect your network settings.
DNSBL tab
Here you can configure which IP spam blacklists (DNSBL) you wish to use.
DNSBL Speed
Here you can test the responses given, and time taken, for your selected DNSBL servers. You can choose the IP address to test. This screen also lists the historic performance of your chosen DNSBL servers, reporting the number of positive (spam) detected per second taken to respond. Higher scores are better.
Local Email tab
Here you should list which addresses/domains are valid for originating local email. Then if any external connection tries to send email purporting to be from that address, it cannot be used to relay messages outside of your network. * is used to wildcard sub-domains.
Important: If you are not using SMTP authentication you must update this list or Fluffy will pass on all mail messages to your SMTP server which may then relay such messages back to an external email address (if someone fakes a local address). See the section on open relays
Black/White Lists tab
You can list IP addresses and (wildcarded) domains that are always accepted or always rejected (with an optional rejection message). Note that when matching domain names you can use * as a wildcard character to match 0 or more characters in the domain name. So *.hotmail.com would match smtp1.hotmail.com and smtp2.hotmail.com and *dav*.hotmail.com would match pop3-dav69-bay4.hotmail.com
Spam Trap tab
You can list email addresses that are invalid. Then if someone tries to send an email to that invalid address they can be rejected as a source of spam trying to guess likely email addresses on your network. Obviously this is only useful if you accept email for one or more domains.
Mapping tab
You can change an incoming mail message addressed to a (wildcard) address to another address. The main message contents are not changed - just the delivery address target. This must be a target address that the SMTP server will accept for delivery.
Headers tab
Here you can enter text to match against message header lines. You can use * to match 0 or more characters. The matching is not case sensitive.
So for example, you can enter lines such as
Subject:*viagra*
To:*nacjack*
*yahoo.tw*
Virus Scanning tab
Advanced Settings tab
Here you can set:
Reports tab
About Fluffy tab
Usage
When Fluffy is running, a three headed dog icon appears in the notification area (system tray) near the clock. Double click on the Fluffy icon to bring up a window displaying the current log file and control buttons. Click on the Configure button to train Fluffy. Click on the Shutdown button to send Fluffy to sleep. If Fluffy detects a serious issue for your attention a red icon with a white bar will appear in the notification area - the message is also recorded in the log file.
Log Files
Log files are stored in the file logyyyymmdd.tx where yyyy is the year, mm is the month number, and dd is the day of the month.
Changelog
Version 1.4
Version 1.3
Version 1.2
Version 1.1
Version 1.0
Version 0.9
Version 0.8
Version 0.7
Version 0.6
Version 0.5
Version 0.4
Version 0.3
Version 0.2
Version 0.1
Things to Do
Copyright
You won't get the hard sell. We're more interested in doing a good job for our
clients!
info@hairydog.co.uk
Tel +44 (0)845 124 9504
Download Fluffy
You can download the latest file releases from the project summary page
You can check out the latest source code in development using CVS
If you prefer email, you can join a mailing list
You can report any bugs, ask for help or request new features in the online tracking system