Frequently asked questions (FAQ)

Questions

Questions common for the entire project

  1. Why does the performance of the filter appear to be somewhat slow?
  2. What can I do to improve the performance?
  3. What can I do to improve the accuracy of filtering?
  4. Is it possible to update the spam-detecting rules?
  5. Why are the executable files so big?
  6. Can the application run when nobody is logged on to the workstation?
  7. How to include third-party plugins?
  8. How to configure FuzzyOCR plugin so that it will work with SAwin32?
  9. Where are the user configuration files located?

Questions specific to SpamAssassin POP3 proxy

  1. Why did I receive an error “-ERR: not supported by proxy”?
  2. Can SAsin32 run as a network server?
  3. How to configure SAwin32 so that it will work with multiple POP3 accounts?
  4. How to enable the debugging mode for the POP3 proxy?
  5. Should I use the included file stunnel.pem or should I create my own?
  6. Can you change certain features of the interface?

Questions specific to SpamAssassin for Win32 command-line tools

  1. Why is there no output when I run spamassassin.exe or spamc.exe?
  2. What is the difference between spamc.exe and spamcc.exe?
  3. How to connect to spamd.exe from my custom application?
  4. Can spamd.exe communicate to SQL server?
  5. Why does spamd.exe take so much RAM?

Answers

Why does the performance of the filter appear to be somewhat slow?
When you get new messages, it takes about 15 seconds to process each message. This is because online tests require SpamAssassin engine to contact blacklists (DNSBLs), which experience high traffic and respond slowly. To disable DNSBL checks you can add

skip_rbl_checks 1

to user_prefs or local.cf. In SAwin32 you can also disable all network tests in the Settings or run saproxy.exe with --local switch. However, the quality of filtering will drop considerably.
What can I do to improve performance?
You should carefully configure the trusted_networks and whitelist_from parameters (in user_prefs, local.cf or, if using SAwin32, in Rules). Look at the headers of your email and take notice of the Received lines that look similar in all messages. They are probably inserted by the relays of your ISP, therefore, these relays should be excluded from online tests. If the IP address of a relay is, for example, 101.102.103.104, you should add the line

trusted_networks 101.102.103.

Likewise, if all mail from the domain isp.tld can never be spam, you should add the line

whitelist_from *@isp.tld

What can I do to improve the accuracy of filtering?
You can download sa-learn.exe from the main page, which allows you to train the Bayesian classifier manually. The classifier will need at least 200 known spam messages and 200 known nonspam messages in its database in order to kick in.
Is it possible to update the spam-detecting rules?
Yes, but only manually at the moment. You can download sa-update.exe console utility from the main page.
Why are the executable files so big?
The files include lots of Perl packages. Some utilities need all of these packages and some only a few. Perhaps in the future the list of included Perl components will become more refined.
Can the application run when nobody is logged on to the workstation?
You will need to install it as a Windows service using tools like NTRunner or Microsoft's instsrv.exe / srvany.exe, see exampls here and here.

In the case of SAwin32, the main problem with such installation is that you will not be able to access GUI and if you run SAwin32 manually in order to start it with interface, it will automatically kill the instance started as a Windows service. Therefore, after you finish working with GUI, you should quit SAwin32 and manually restart its Windows service.
How to include third-party plugins?
Suppose that you want to include ImageInfo plugin. Place ImageInfo.pm and imageinfo.cf into etc\spamassassin folder, then open the plain text file v312.pre located in the same folder in a text editor and add the following line:

loadplugin Mail::SpamAssassin::Plugin::ImageInfo ImageInfo.pm

This will instruct SpamAssassin engine to load the plugin from the local folder.
How to configure FuzzyOCR plugin so that it will work with SAwin32?
FuzzyOCR is a popular third-party plugin that is able to extract words from images. Go to GnuWin32 project and download the packages LibUnGif and NetPbm. Install both packages in the same folder, say, C:\Program Files\GnuWin32. Download the Windows binaries for gifsicle and ocrad, then place gifsicle.exe and ocrad.exe into C:\Program Files\GnuWin32\bin. Download the Windows binary for GOCR and copy the executable to C:\Program Files\GnuWin32\bin\gocr.exe. Finally, download FuzzyOCR (v3.4.2 or later) and unpack it. Copy the files FuzzyOcr.cf, FuzzyOcr.pm and FuzzyOcr.words into the subfolder etc\spamassassin of your SAwin32 or SpamAssassin for Win32 installation. Open the plain text file FuzzyOcr.pm in a text editor and replace

my $homedir = (getpwuid($<))[7];

with

my $homedir = $ENV{'USERPROFILE'};

The main FuzzyOCR configuration file is FuzzyOcr.cf. Open it in a text editor, find the line that starts with #focr_global_wordlist and replace it with

focr_global_wordlist etc\spamassassin\FuzzyOcr.words

Find the fragment describing the location of helper applications, which contains a number of lines beginning with #focr_bin. Replace entire fragment with the following: 
focr_bin_gifsicle C:\PROGRA~1\GnuWin32\bin\gifsicle.exe
focr_bin_giffix C:\PROGRA~1\GnuWin32\bin\giffix.exe
focr_bin_giftext C:\PROGRA~1\GnuWin32\bin\giftext.exe
focr_bin_gifinter C:\PROGRA~1\GnuWin32\bin\gifinter.exe
focr_bin_giftopnm C:\PROGRA~1\GnuWin32\bin\giftopnm.exe
focr_bin_jpegtopnm C:\PROGRA~1\GnuWin32\bin\jpegtopnm.exe
focr_bin_pngtopnm C:\PROGRA~1\GnuWin32\bin\pngtopnm.exe
focr_bin_bmptopnm C:\PROGRA~1\GnuWin32\bin\bmptopnm.exe
focr_bin_tifftopnm C:\PROGRA~1\GnuWin32\bin\tifftopnm.exe
focr_bin_ppmhist C:\PROGRA~1\GnuWin32\bin\ppmhist.exe
focr_bin_pamfile C:\PROGRA~1\GnuWin32\bin\pamfile.exe
focr_bin_gocr C:\PROGRA~1\GnuWin32\bin\gocr.exe
focr_bin_ocrad C:\PROGRA~1\GnuWin32\bin\ocrad.exe
If you have placed the binaries in a folder other than C:\Program Files\GnuWin32\bin, you need to edit the locations of helper applications accordingly. Note that when FuzzyOCR invokes the helper applications, a few black console widnows pop up and disappear.
Where are the system and user configuration files located?
The system configuration files are located in the folder etc\spamassassin, including local.cf. User configuration files (including user_prefs) are located in the folder C:\Documents and Settings\{user-name}\.spamassassin. Note that user_prefs is being ignored if you are running spamd/spamc.
Why did I receive an error “-ERR: not supported by proxy”?
Your email client has sent either AUTH command or TOP command to the POP3 server. (By default SAwin32 does not proxy them because it may cause some email programs to crash). Open Configuration and go to the tab Advanced. Check the option that allows TOP command or (and) the option that allow AUTH command to be proxied. Close the configuration and restart SAwin32.
Can SAwin32 run as a network server?
Yes, if you start it with the command-line option --listenall. You should also pay attention to the switches --nogui and --localssl which disable GUI interface and force all connections to SAwin32 to use SSL. Two major weaknesses of SAwin32 as a server are exposure to Internet and increased demand for CPU resources when email volume is high. The former should be addressed by configuring the firewall so that it will block all incoming connections to SAwin32 from the outside of the network. The latter means that you probably should consider using the command-line version of SpamAssassin spamc.exe as an external filter of your POP3 mail server instead of SAwin32. The command-line version of SpamAssassin for Win32 is available from the main page.
How to configure SAwin32 so that it will work with multiple POP3 accounts?
There are two solutions. Depending on your email client, one can be better than the other. The first solution is to map different POP3 servers to different ports on your computer. For example, the following Host Map 
110 = pop.isp1.net:110
818 = pop.isp2.net:110
will make it possible to get mail from pop.isp1.net by instructing you mail client to access localhost at port 110 and to get mail from pop.isp2.net by instructing you mail client to access localhost at port 818.

The second solution is to empty Host Map, setup your email client to connect to localhost at port 110 and change the POP3 account login name from user to user:pop.isp.com:110, where pop.isp.com is your actual POP3 server. You can do this with every POP3 account that you have.
How to enable the debugging mode for the POP3 proxy?
Run saproxy.exe --debug. The result will be a very large log pop3proxy.log located in the folder C:\Documents and Settings\{user-name}\.spamassassin.
Should I use the included file stunnel.pem or should I create my own?
If you wish to secure all local connections (i.e., run SAwin32 with --localssl switch), you should definitely create your own file stunnel.pem. First, download OpenSSL and extract the archive to a folder. Second, create a text file in this folder containing the following lines: 
[ req ]
default_bits = 1024
distinguished_name = req_distinguished_name

[ req_distinguished_name ]
commonName = Host name
0.organizationName = Organization name
countryName = Two-letter country code
Rename the file to openssl.cnf. Third, open the Command Prompt window, change directory to the folder with openssl.exe, and run the command:

openssl req -new -x509 -days 3652 -nodes -out stunnel.pem -keyout stunnel.pem -config openssl.cnf

Enter the requested information. This will create your own file stunnel.pem. You should copy it over one located in the SAwin32 folder.
Can you change certain features of the interface?
Not at the moment, although it will become possible in the future. The main problem is that the interface seems to be copyrighted (unlike the proxy core and anti-spam engines) and can be used under standard Perl license only if unmodified. Therefore, GUI will be that of SAproxy v1.2 until somebody writes a new one.
Why is there no output when I run spamassassin.exe or spamc.exe?
Technically speaking, these utilities are native rather than console applications. As a result, they do not open a black console window if another process launches them. In order to get the output, you need to redirect StdOut and StdErr, for example:

spamassassin.exe < input.eml > out.eml 2> err.log

What is the difference between spamc.exe and spamcc.exe?
Functionally they are identical, but spamc.exe is a native Windows application and spamcc.exe is a console application. Thus, when you run spamcc.exe from the Command Prompt, the system will return the prompt only after spamcc.exe is done and you will see the output unless you redirect it. In the case of spamc.exe the system will return the prompt immediately and the output will never be displayed.
How to connect to spamd.exe from my custom application?
You should probably do some software development on your own. Download SpamAssassin source, unpack the archive and proceed to the spamc folder. The files libspamc.c and utils.c contain the functions that you need to connect to spamd.exe and the file spamc.c is a simple interface to those functions.
Can spamd.exe communicate to SQL server?
Yes, it works with MySQL. You will need to launch it as follows:

spamd.exe -q --syslog="spamd.log"

Further instructions are here.
Why does spamd.exe take so much RAM?
The daemon spamd.exe is a multithreading application. Each thread accepts connections from clients such as spamc.exe. The number of threads is determined by options --max-children, --min-children, --max-spare and --min-spare. By default spamd.exe lunches one main thread and 1-2 spare child processes that are initially idle. If the mail load increases, spamd.exe may spawn more child processes. To save memory, you can disable all idle child processes by running spamd.exe with options --max-spare=0 --min-spare=0.