Tools from www.gorlani.com/portal:
Netboar: free and
effective network analysis tool. Similar to iftop
Mac Makeup: change
(spoof) your mac address
TurnItOn:
enable disabled controls
Peks: checksum verification
and modification tool for PE executables
Evtbak: batch backup your
local/remote Windows NT event log
MyGears:
gear/speed calculator
CTI: calculate
rally times
Pinta: free simple
customizable Mailenable antispam plugin
www.gorlani.com and all of its contents are (c) by Marcello Gorlani
Pinta is a free simple and flexible Mailenable
antispam plugin. It was made to be fast, customizable and with extensive logging
support.
Current public version is 1.75d. MD5 Hash of the zip file is 3AF1F8C64A1CDE202CFE8BB0772F3F53
Download
Pinta here and get here
the digital signature
You can place Pinta in any folder on your disk or network. Since it needs some support files, it's better if you place it in its own folder.
Then you need to set up base configuration. Start Pinta from the command line, you should get something like:
Pinta 1.75d (c) 2004 H&C works
- http://www.gorlani.com/portal
This is FREE and unsopported software. Use it at your own risk
Mailenable installation directory:
E:\Program Files\Mail Enable
Mailenable data directory: E:\Program Files\Mail Enable\Storage
A file named pinta.reg was created
in this directory. Double click it to import
settings to the registry
These are the settings:
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\H&C
Works\PintaMG]
"MeSMTPPath"="E:\\Program Files\\Mail Enable\\Storage\\Queues\\SMTP"
"SkipAttach"="1"
"Action"="Move"
"MoveDir"="z:\\bin\\pinta\\moved"
"Debug"="1"
"Compare"="Strict"
"LogFile"="z:\\bin\\pinta\\pintalog.txt"
"CaseSensitive"="0"
"BadWordsInHeaders"="0"
"Beep"="0"
"Compare"="Strict"
"Punctuation"="',.:;?!\\/|\""
"SMTPOnly"="1"
"SafeLog"="1"
"LogType"="Registry"
"WordsFile"="z:\\bin\\pinta\\pintawords.txt"
"Weighted"="0"
"WeightLimit"="100"
"FromOkFile"="z:\\bin\\pinta\\pintafromok.txt"
"FromBlackList"="z:\\bin\\pinta\\pintablack.txt"
"ReceivedBlackList"="z:\\bin\\pinta\\pintarecblack.txt"
Action must be Delete or
Move or Copy or None
LogType must be File
or Registry or Both
Debug must be 0 (no
log), 1 (normal), 2 (complete)
Compare must be Strict
or Loose
A file named pinta.reg is created containing the settings above. Double click on it to import the settings into the registry.
If you read "Cannot find a valid Mailenable installation here" Pinta is not able to locate a local installation of Mailenable. You can use pinta on a separate machine, if you provide correct file paths replacing <replace me with Mailenable Storage path>.
Then jump to Mailenable management console, expand Servers->Localhost->Agents,
right-click on MTA and select
properties. Check Enable pickup event
and point to pinta.exe.
Stop and start MTA to begin filtering.
Pinta really need only to files: the binary pinta.exe
and pintawords.txt that is the
file that contains, one per line, the words or phrases you want to ban. See
configuration for details.
Other file may be used to expand filtering capabilities:
| pintafromok.txt | this is a from whitelist. Each line is a substring search rule, so you can type safe@safer.domain or just @safer.domain |
| pintablack.txt | Like the preceding, but this is a blacklist |
| pintarecblack.txt | This contains lines that are checked against Received: headers. This lets you filter out mail that passed from specific servers or programs or IPs. |
If you don't want to use these file, delete them instead of creating them empty for faster filtering.
You need to edit registry values to change Pinta behaviour. Go to
HKEY_LOCAL_MACHINE\SOFTWARE\H&C Works\PintaMG. You need admin rights
to edit values here.
| Action | Must be: |
| BadWordsInHeaders | Must be 0 or 1. Do not use it to filter from fields, use blacklist instead. Default is off (0), as it is faster |
| Beep | Must be 0 or 1 Beeps on each invocation. You can "hear" your server working and evaluate the "load" of the server :-)) Useful for debugging |
| CaseSensitive | Must be 0 or 1 Only performcase sensitive searches |
| Debug | Must be 0, 1 or 2 0 is no log, 1 is normal, 2 is complete. You should use 1 in production environments |
| FromBlackList | Path to the from blacklist file. This contains tha file name too, i.e. |
| FromOkFile | Like the preceding, but this is the whitelist |
| LogFile | Complete path to the log file, i.e. c:\pinta\log.txt |
| LogType | Must be File, Registry or Both If registry is selected, you will see events from pinta in the application log. Category is the pid of the pinta process. |
| MeSMTPPath | Path to Mailenable Storage directory, i.e. |
| MoveDir | Path to the directory that will contain spam messages from Copy or Move actions, i.e. c:\pinta\spambackup |
| SafeLog | Uses a "safer but slower" log method |
| SkipAttach | Must be 0 or 1 Skips processing mime encoded attachments. Faster. |
| SMTPOnly | Must be 0 or 1 Only process SMTP messages |
| WordsFile | The complete path to bad word file, i.e. |
| ReceivedBlackList | The complete path to banned elements in Received:
headers, i.e. c:\pinta\pintarecblack.txt |
| Compare | Must be Loose or Strict Strict makes the program use an exact match comparison: put
does not match with input. While parsing the
string, characters from Punctuation (see below) are considered punctuation. |
| Punctuation | Tha characters that will be considered punctuation while parsing mail lines (See compare above) |
| Weighted | Must be 0 or 1 Turns on weighted processing. |
| WeightLimit | This is the maximum allowed weight for an email |
That's it!
If you need to install it on several machines and have the same settings, you can "cluster" the configuration files in a single network position and set the path using UNC conventions. So you can put \\server\pinta\wordsfileloose.txt into the WordsFile configuration parameter.
When running in weighted mode, Pinta evaluates the "weight" for an
email. If it is greater than WeightLimit parameter into the configuration, the
mail is marked as spam.
When running into wheigthed mode, the words file must be in the format "word,weight",
just like:
| myword,50 anotherword,75 badword,101 |
with weight being an integer number.
The fastest way to implement filtering with Pinta, is to set it to the None
mode. Then you must decide if you need loose match or strict match and then
if you're going to have weighted mode activated.
Then prepare the files, and set debug level 2. This way you can see the way
Pinta filters messages, without taking specific actions. You can also use Copy
mode, so you can evaluate filterede messages and the tune word weights, but
be aware that you probably need a permission to read other people's email!
When you're done with the log and email analysis you can change to Move or Delete
mode to start real filtering with debug level set to 1.
If you really want extreme performance (something like having more than 50 messages per second and per server) it is wise to consider using a ramdisk for the supporting and log files (although considering the limited size of support files, they should remain into the system cache).
This program is thought to be very simple to administer and install. This software
come with no kind of implicit or explicity warranty, so use it at your own risk.
If you need help or infos, jump to the site
forums and ask there.
Current public version is 1.75d. MD5 Hash of the zip file is 3AF1F8C64A1CDE202CFE8BB0772F3F53
Download
Pinta here and get here
the digital signature
1.75d (20040614)
+ Added None mode
+ Added Wheighted mode
= Fixed header filtering
= Several optimizations
1.51d (20040525)
+ Added Loose/Strict mode
Tools from www.gorlani.com/portal:
Netboar: free and
effective network analysis tool. Similar to iftop
Mac Makeup: change
(spoof) your mac address
TurnItOn:
enable disabled controls
Peks: checksum verification
and modification tool for PE executables
Evtbak: batch backup your
local/remote Windows NT event log
MyGears:
gear/speed calculator
CTI: calculate
rally times
Pinta: free simple
customizable Mailenable antispam plugin
www.gorlani.com and all of its contents are (c) by Marcello Gorlani