wcSAP focuses on the "delivery mail process" for anonymous mail senders. By anonymous, we mean, non-authenticated or non-trusted mail sessions. For authenticated/trusted sessions, wcSAP is not necessary and will not be called by wcSMTP. The system works well because the majority of all spam is sent by spammers using fake or bad addresses or sent by machines who have a bad "reputation" for sending spam.
Installation:
wcSAP is part of the Wildcat! AVS system and it is installed automatically when you upgrade or fresh install. You can turn it off/on using the Wildca! Configuration Mail Server section or by using the web-based Wildcat AVS Gui Manager by typing the URL link /services/wcavs directed at your wcWEB Server web site.
Upgrading:
During AUP or CD updates, a new WCSAP.ZIP file will be placed in the Wildcat! folder but it will not be unzipped. This file only contains the basic setup files in the WCSAP\ folder and it is not unzipped to avoid destroying any current wcSAP setup you may have. So during updates, you will need to check if this WCSAP.ZIP contains anything new of interest to you. In such cases, Santronics will document the new features, if any, in the Update History for the AUP.
wcsap\wcsap.ini
The wcSAP.ini file is self-commented with help. A standard text editor like NOTEPAD can be used to edit this file or you the /services/wcavs URL link to the Wildcat! AVS Gui Manager. There is no need to restart wcSMTP when you edit this file.
The following are the minimum options needed to get started:
Enabling the test/check methods:
EnableFLTCheck True ; White/black Filter List (FLT)
EnableRBLCheck True ; Realtime Black List (RBL)
EnableSPFCheck True ; Sender Policy Framework (SPF)
EnableCBVCheck True ; SMTP based CallBack Verification (CBV)
SPF uses DNS records to validate the sender IP with the sender domain. To gain full benefits of SPF for your domains, you will need to create SPF TXT records in your DNS Server. See the WCSAP Product Description on examples for setting up SPF records.
Defining the order of the test performed:
CheckingOrder FLT RBL SPF CBV
The above is the default and BCP (Best Current Practice) recommended testing order. The filter file is checked first since it describes your explicit and direct White (accept) and Black (reject) list of rules. RBL offers a "reputation test" followed by a SPF test. Finally ended up with a CBV (Callback Verification) test if none of the preceding test validate or reject the sender.
Preparing the CBV (Callback Verifier):
There are many options for the CBV test. However, the main one is the SapHost keyword. The default option for this is current set as:
; CBV Mail Host Domain ;SapHost mail.yourdomain.com ; Use a special mail host domain, should be MX host. ;SapHost [serverdomain] ; Use Primary Host Domain SapHost [serverip] ; Use WCSMTP server bracketed IP address ;SapHost [mailhost] ; Use PTR lookup of WCSMTP server IP ; if not found in SapMailHost Table
When CBV is activated, it needs to identify your machine at the remote system when the HELO or EHLO command is issued. The macro [serverip] will use the machine IP address which will always work. But you can use a specific public host domain for your machine or use the other macros [serverdomain] or [mailhost] to dynamically set the proper domain name of your machine as it would be known by the outside world.
wcsap\wcsapfilter.txt
The wcsapfilter.txt is your internal Accept/Reject rules allowing for quick validation or rejection.
The file is self-commented with sufficient help. You may use a normal text editor like NOTEPAD to edit this file or by using the web-based Wildcat AVS Gui Manager by typing the URL link /services/wcavs directed at your wcWEB Server web site.