EFA Project Free Spam/antivirus filter

EFAlogo-2-55px

If you are like me spam and virus filtering for email servers is a very costly and time consuming task. There are many great retail solutions that do a excellent job of filtering. But they are costly and generally licensed on a per mailbox basis. Some would say that most newer mail servers such as exchange 2010 and newer have filtering built in. This is true however the filtering is limited to RBL and lacks antivirus scanning so tends to not be the best protection.

Luckily with the great people and tools in the open source arena of IT we have some very powerful tools at our finger tips. the only problem for many people is the high degree of configuration required to configure all of these tools tends to keep them out of reach for many users. I have int he past built linux machines installed postfix, spamassassin, clamav etc on it to filter email but it was a very long drawn out process and is not for the linux novice unless they have an abundance of time on their hands and requires a significant amount of care.

So I decided to look and see what was new in the community for SPAM/AV solutions. In my searching I came across EFA Project (https://efa-project.org/). which is designed as a virtual appliance to run on Vmware or HyperV. IT uses the same packages that i spoke of earlier in this article to stop spam and viruses however they are already installed and configured to work properly in the vm. Which is most of the battle.  What is in it? Glad you asked.

System OS CentOS
MTA Postfix
Core Spam Filter MailScanner
Spam Filter SpamAssassin
Virusscanner ClamAV
Webinterface Mailwatch
Content Filter DCC
Spam detection network Pyzor
Spam detection network Razor
Grey listing SQL grey
Image Recognition ImageCeberus
System Management Webmin

This made the choice perfect for my use as I run vmware esxi 5.5 for my home server. so I downloaded the OVF from https://efa-project.org/download/

efa1Now that you have downloaded the OVF and hopefully deployed the virtual appliance in you environment it is time to boot it up and configure it for filtering. I was up and running within 15 minutes of installing the virtual appliance. I increased the memory for the vm to 4 gigs as I ran into the machine running out of memory issues and since it is designed without any swap space leaves you vulnerable for a service interruption if you run out of system memory. I increased to 4 gigs of memory and have not had a issue since. Lets get it running!

Initial Configuration

When booting up the system for the first time you will be presented with an login screen on the console.
EFA-Init001.png
When you login with the shown username and password the system will automatically start the EFA-Init setup program.
EFA-Init002.png

 

Questions

The system will ask you the following questions:

Question Description
Hostname The hostname of the machine, this should be a single word and is used to access the system. I would also suggest you use the name you are publishing in your domains MX record this will prevent you from being dns missmatched and possibly being falsley identified as a spam domain.
Domainname The domain to which this machine belongs to, together with the hostname this will make the FQDN to access the server.
Adminemail The email address of an administrator, this user will receive various system related mail’s (available updates\, reports etc..)
IP address The IP for your spam filter, if an internal range is used make sure you configure the appropriate NAT port forwards.
Netmask The netmask for your spam filter.
Default Gateway The default gateway.
Primary DNS The primary DNS server to be used for lookups.
Secondary DNS The secondary DNS server to be used for lookups.
Local User The local admin user name\, for example your normal login name that you use. This is used to logon to the system and webinterface.
Local User password The password for your local user.
Root password The password for root\, this should be a strong password and stored somewhere save.
VMware tools If you run VMware you get the option to install Open VM Tools. If you somehow require the official VMware tools then say No here and install the VMware tools manually later on.
UTC Time If you host is set to the UTC timezone select Yes here.
Timezone Select the timezone you are located in by typing in the appropriate number.
Keyboard layout Select the keyboard layout to use for the system.
IANA Code The IANA code from the country you are in\, this is used to determine which mirror to use to download updates from. If you don’t know your IANA code please find your country at <a href=”http://www.iso.org/iso/country_names_and_code_elements” target=”_blank”>this list</a>.
Your mailserver The IP of hostname of your mailserver to which E.F.A. will forward all mail if believed to be clean.
Your organization name The name of your organization\, this is used in the email headers for example. If you use E.F.A. personally just make something up.
Auto Updates Auto update the system to newer E.F.A. versions when they are available by default this is DISABLED. Note that this might not be allowed by your company update policy\, if you keep the Auto Update setting disabled you will receive an e-mail on the Adminemail address that an update is available.

When all questions are answered you will be presented with an overview of your answers, if you made a mistake or want to change any of the settings just type in the number of the option you want to change.

If all settings are correct type OK to start the configuration.
EFA-Init003.png

When the configuration is finished the system will reboot and will be ready to go.

 

now what does it look like?

Support:

EFA project has an active forum located at https://forum.efa-project.org/