The SpamFilter is a free and Open Source software able to detect and reject e-mail messages containing unwanted advertising. SpamFilter is a multi-threaded daemon and features local sockets and named pipes interfaces to receive queries and send answers to mail server software (MTA).
The program was developed mainly for use with Weasel mail server. On every stage REXX scripts (filters) are called by Weasel to query SpamFilter.
History of changes
2019-07-04 ver. 1.1.5 - Optimization of the operation of the pipes transmitting log from Weasel. - New shared event semaphores: \SEM32\SpamFilter\shutdown and \SEM32\SpamFilter\reconfigure. - Version number in usage information (command line switch -?). - New Weasel filters routine sfQuery.cmd. Now it supports work through system pipes and may not use rxsf.dll (optional, see comments for pipeName/socketName in sfQuery.cmd). However, it is recommended to use a local socket. - Pipe name in configuration file on which SpamFilter will receive requests may be short (without "\PIPE\" prefix) or complete form. - Socket name in configuration file on which SpamFilter will receive requests may be short (without "\socket\" prefix) or complete form. - The command line switch -R is deprecated. For -r now: first attempt will be made to connect to a local socket. In case of failure - with the named pipe. - Attribute from-local of option update-header in the configuration did not work. SF always added the header X-SF to email messages. Fixed. 2019-06-11 ver. 1.1.4 - Event handling: not a local client, but a local sender and local recipient. See the new option extclnt-locsender-locrcpt in the configuration file. Option score-extclnt-locsender-locrcpt is deprecated. - ehlo in X-SF. - Reading Weasel log from alternative named pipes. Redirecting the Weasel log to the new named pipes. IP address blocking when the set frequency of unsuccessful authorizations is exceeded. See the new format for weasel-log-pipe option in the configuration file. - Fixed receiving requests through named pipes. - New command line switch -R. - High memory support. 2016-09-16 ver. 1.1.3 - Search EHLO strings among names of MX servers of client's domain. Sample: Client: [22.214.171.124] mx3.slc.paypal.com EHLO mx0.slc.paypal.com <-- Valid MTA for slc.paypal.com. - readme.txt is updated. 2016-06-20 ver. 1.1.2 - Value <spam-urihost-ttl> parse error - fixed. - New scoring for letters: not local client and local sender and local recipient. A new configuration node <score-extclnt-locsender-locrcpt>. - File GrLst.txt reading bug fixed (empty e-mail address at I-line). - Session Id in X-SF. 2016-02-14 ver. 1.1.1 - A new statistics item "spam-urihosts-found" - number of spam messages that contains host names collected by spamtrap. - Small memory leak on reconfiguration - fixed. - Command execution timeout. New configuration node: <command-timeout> and node <command-timeout> at statictic. 2016-01-24 ver. 1.1.0 - A new format of queries. It allows easy integration into MTA software. - A more flexible verification sender mailbox. - Reduce a number of DNS requests (reverse DNS lookup) while mail receiving from ISP/secondary MX servers. - Improved structure of the configuration file. - Weasel piped output support. 2016-01-12 ver. 1.0.2 - SYS3175 when receiving mail from the relay - fixed. - Details in anwser for messages to spamtrap: messages from Internet: SPAM: firstname.lastname@example.org messages from local users: NOTSPAM: email@example.com File sfQuery.cmd updated to prevent saving spamtraped messages from local users. The counter "spam-trap" in stat.xml ignores messages from local users. - Human readable format for files/data sizes in the configuration. - Some new messages for logfile. 2016-01-11 ver. 1.0.1 - A new attribute "start-stage" for the node "spam-store" tells SF to store SPAM detected on specified and subsequent stages. An aggressive spamers can be detected at stage 0 (by dynamic ip-address list) and there is not much sense to receive messages from them. - Message-ID check (see configuration XML-tree "message-id"). - After confirming the existence of a mailbox on the server, the server's response for fake mailbox checked - some spammers services respond "250 OK" for any mailbox. - A local users may forward a spam letters to the spamtrap to collect spam hyperlink hostnames from the message body. - The sender address was not logged and stored at the session object after message "MAIL FROM ??? matches the configured pattern." - fixed. - Human readable format for time intervals in the configuration. 2016-01-10 ver. 1.0.0 - Field X-SF will not be set for messages from local users while the attribute "from-local" of the node "update-header" at the configuration is tuned off. - The maximum number of open sessions for a single IP-address may be limited, see configuration node "ip-max-sess". - When "update-header" enabled the session data like EHLO, MAIL FROM, TO will be loggeded even if the final answer has been received. 2016-01-09 ver. 1.0.0 First public release.