Free mailserver software for linux

jNetTool is a Swiss-knife for networks. It includes whois and nslookup queries, ping and traceroute, an IP address calculator, and a visual network planing-tool.
Features:
Whois:
With jNetTool-whois you find out who owns a domain or IP-address. Please enter a domain without "www" - for example "ventruba.com".
DNS-Lookup:
With jNetTool-ns-lookup you find out the nameserver for a domain, or which is the ip for a domain (A-record) or which mailserver is responsible (MX-record).
Ping:
A jNetTool-ping is "knocking at the door" of a computer. You will see if a computer is answering and how long will a package take.
Traceroute:
Which way will a package take from you computer to the target and how long will it take itemized for each station - jNetTool-traceroute will tell you.
Portscan:
jNetTool-portscan: Which service offers the computer? Please take care with this, some owner would misinterpret this as an attack! Use ownly if allowed from the owner!
IP-Calculator:
This nice tool shows you the networkclass of an IP-address, or you can calculate subnets, how many hosts are in a subnet, and so on....
Network planning:
The jnetool-networkplaningtool is not for real business, for the moment.
Enhancements:
- change bug, when change language to the selected language
- change bug, show description for ip in net-calc
- change reading of whois.conf now works with launch4j
- add support for .exe (launch4j) for better starting under Windows (but still needs JRE!)
Enhancements:
- change code of panels more modular/more objectorientation
- add drop-down field + history for IP/Domainname
- add mnemonics
- add Tooltips
- add Show message if field domainname is empty on "GO"
- add linkover for ping and traceroute
- change view of traceroute is now simple from system-traceroute
- add Header for each Output-Panel
- change bug on pressing cancel (switch_buttons was called twice)
- change status window with cancel button and progress bar
- change ip-input as dropdown-field with history
- add input-field for dig-server
- add save for all panels except calc

vislog is a set of perlscripts written to bring virus and spamdetection to a mailserver running postfix for smtpd and cyrus-imap for local delivery.

It accepts mail from postfix sends them to clamav-virusscanner und spamassassin and afterwards give the tagged and scanned mail to cyrus-imap for local delivery.

It has a small perlscript to examine its own logfile about the found viruses and generate a html overview about it.

MailRecon is Unix email content control application. It does listen network traffic, capture SMTP messages, analyse it (checks against very flexible and extendable checklist), discards usual private/business messages and save suspicious messages for detailed inspection by security staff.
Main features:
- Capturing email messages from the wire. So its compatible will all mailing software, do not require any reconfiguration and captures messages even if its sent directly to recipient bypassing your mailserver.
- Support for SMTP and POP3 protocols.
- Very flexible mailing filter which goes with MailRecon allows to record only suspicious messages which worth to be examined, and skip usual private and business messages.
- Open Architecture. MailRecon supports plugins for analysis and save of messages. Its very easy to extend its functionality with new plugins - every programmer and system administrator can write it.
- Thanks to Open Architecture, you can use your favorite mail reader or browser to manage archive of captured suspicious messages.
- For limited time, WWW-Security offers free installation and support of evaluation versions on your servers.
- FREE evaluation version which is never expires!
Installation:
- Create user mailrecon and groups mailrecon and mail
- From installation directory run "make install" (as root)
- Copy init.d/mailrecon to your init.d directory and optionally create symlinks from rcN directories if you want to automatially start mailrecon on boot.

PhpWatchDog is a network monitor application which provides a simple way to check if a service (HTTP, FTP, SSH, etc.) is running or not. PhpWatchDog project can send email to the servers administrator to report malfunctions.
This little script is running into my servers from some time (even from two years!). Its very usefull to alert a system administrators team by email. Its a PHP script, so you can setup a cronjob that run the URL of phpwatchdogs installation when you want (I suggest every hour).
Main features:
- check if service is UP or DOWN
- no need to install anything into monitored servers
- report to one email address if service is DOWN
- simple and light
- easy to install and configure
- can set the timeout for probing the service status
- can use fsockopen (PHP) or IO::Socket (PERL) - if for any reasons the fsockopen can operate correctly
- can monitor n servers with a single instance
- can alert a custom email address per server
- to work properly need only APACHE+PHP, no databases or various plugins
- collect each downtime event into a plain text file
Installation:
unpack the downloaded archive
# tar jxvf phpwatchdog-*.tar.bz2
enter into phpwatchdog/ directory and edit the config file (config.php)
# cd phpwatchdog
# nano config.php
Note: here you can see nano, that is an easy to use text editor, but I strongly encourage to learn to use vim (the enhanced version of vi)
put your servers into config.php
$i++;
$config[Servers][$i][host] = 66.35.250.203;
$config[Servers][$i][server_name] = www.sourceforge.net;
$config[Servers][$i][service][1] = 80;
$config[Servers][$i][service][2] = 443;
Every server configuration block must begin with the line "$i++;"
customize your email account for alert reporting into config.php
fire up your browser and go to phpwatchdog installations path
You can schedule the execution of this script putting a similar command into /etc/cron.hourly/ /usr/bin/php-cgi -q /path/of/phpwatchdog/index.php > /dev/null
or using lynx
lynx -dump http://webhost/path/of/phpwatchdog/index.php > /dev/null 2>&1
or with wget
wget -O /dev/null http://webhost/path/of/phpwatchdog/index.php > /dev/null 2>&1
The directory tools contains some usefull scripts:
chk_socket2.pl - its a Perl script used to check the service status if PHP mode is disabled
generate.sh - its a bash script used to generate (with the help of generate.awk) a configuration block from nmap output
sh generate.sh
Usage:
generate.sh IPADDR SERVERNAME
eg:
generate.sh 192.168.0.1 MailServer.com

SMTP Relay Checker is a fully configurable, multithreaded open mail relay scanner. It supports scanning of IP blocks, and can print the results to a Web page.
SMTP Relay Checker is intended for Systems Administrators to check IP blocks under their control.
Compilation / Installation
To build SmtpRC please run "make" in the package directory. This will build the package and create the binary "smtprc". To install the package, please run "make install".
By Default, the binary will be installed into /usr/local/bin/, configuration files will be installed under /usr/local/etc/smtprc/ and all documentation files will be installed under /usr/local/share/doc/smtprc/. Please see below for a full list of installed files.
/usr/local/bin/smtprc
/usr/local/bin/gsmtprc
/usr/local/etc/smtprc/auto.conf
/usr/local/etc/smtprc/email.tmpl
/usr/local/etc/smtprc/rcheck.conf
/usr/local/share/doc/smtprc/README
/usr/local/share/doc/smtprc/FAQ
/usr/local/man/man1/smtprc.1
/usr/local/man/man1/gsmtprc.1
Using Smtprc
SmtpRC can be run by specifying options on the command line, or by configuring an "auto configuration" file and letting SmtpRC parse the options from there. The latter is recommended.
When SmtpRC is installed, a example "auto configuration" file is installed in "/usr/local/etc/smtprc/auto.conf". Edit this file, changing the values to suit your specific network requirements and run smtprc with the following option (a full list of options
is detailed below):
"/usr/local/bin/smtprc -j /usr/local/etc/smtprc/auto.conf"
To be sure that a mailserver relays third-party email, SmtpRC will attempt to relay mail to an address specified. It is recommended that this address is a mailbox on the local machine that is being used to run SmtpRC - pop support is a planned feature, but for now, SmtpRC only supports checking local mailboxes (mbox and Maildir). Create a new user account (smtprc), specify the email address for this account, and the local mailbox (on the command line or in the "auto configuration" file), and SmtpRC will attempt to relay emails to this address and check for recieved emails after scanning.
There is also a GUI interface to smtprc (gsmtprc) that is installed in /usr/local/bin. This requires Perl Tk to run.
Enhancements:
- Fixes a race condition between the master and reaper threads.

lfwmail is a light weight web mail program written in perl.
It will run with acceptable speed even on a Pentium 100Mhz Linux mailserver.
It has just basic features and no calendar or folders but it is fully
mime compatible and can handle attachments.
If you dont like browser cookies, this program is very suitable for you, because you dont have to enable cookies.
It is also very secure when you use https (encryption). HTML
mails are converted to ASCII text for security reasons but
you can still see the HTML mail if you want.
The code is clean and structured. Installation is straight forward
and you dont need a lot of non standard modules.
You can run it in mod_perl if you want. Remember to restart the
server when you do changes in the lfwmC.pm or any other file.
Response time will be very fast with mod_perl however for most people
normal cgi-bin will be good enough. lfwmail is already quite fast.
lfwmail is a light weight mail program. It does not keep track on what
you have read and what is new. You have to remember the dates of the
mails. There is however a small help to keep track on what you have seen
and what is new. It works for Mozilla (not netscape 4), Opera and MS IE
only as it depends on javascript style objects: the background color of e-mails
you have clicked on is changed. This is to keep track on what you have
read and what is new. This information does also survive between sessions since
version 1.5.
Enhancements:
- make it possible to call lfwmail with uid=xxx in the url. e.g https://my.host/cgi-perl/lfwmail?uid=joe_wm

Virge is mail scanner written in C, which replaces/substitutes procmail for a while, checks the incoming mail, and then sends the mail to the procmail. It will check mail for viruses and/or attachment names. Check the FEATURES/README/NEWS files for more details. Virge requires Sendmail and (optionally) AVPDaemon, Sophie or Trophie (to check attachments for viruses).
Virge replaces temporarily procmail. When new mail comes in, Sendmail will pass the contents of the mail to Virge. At that point, Virge performs set of checks:
Checks if the mail has attachments. If it does not, it sends it to procmail for delivery.
If mail has attachments, Virge creates temporary directory, unpacks attachments there, and asks AVP/Sophie/Trophie to scan the temporary directory for viruses. Virge was created with 2 things in mind: performance and security. Because of performance issues, it was not feasible to use any command line scanners like TrendMicro of McAfee ones.
AVP/Sophie/Trophie are instructed to scan attachments for viruses next. If it finds any viruses, mail is immediately isolated in a directory not (hopefully) accessible to anyone except administrators.
If no viruses were found, Virge will then perform attachment check, and see if any of the attachments are not allowed to be sent to the end user. A configuration file is consulted for list of extensions (or full filenames) that should not be allowed in. If any such attachments were found, tricky part comes - Virge will *hopefully* properly "rewrite" the whole email, and strip the attachments that are not allowed. Small notice is attached at the end of the mail, with names of stripped attachments. Mail is also isolated, in case poor overworked sysadmin ever gets some free time to take a closer look.
IMPORTANT: Please, keep in mind that Virge will *NOT* rewrite & send mails when virus has been found. I will *NOT* implement any such features, since it doesnt make any sense (I havent seen a mail with virus that actually had some valuable content in it for many months - maybe even years).
If AVP/Sophie/Trophie are not available (daemon is down), Virge will still deliver mails and annoy admins through syslog messages. Attachment check is still performed.
Users for which no checks should be performed can also be configured. Location of the file can be specified in the configuration file.
Virge is definitelly trying to not let any lame script kiddies abuse it in any way. It is trying to resist to race conditions, buffer overflows, and similar neat tricks. No guarantees, of course, that there are no security problems in Virge.
Virge tries to be as fast as possible, and not waste CPU time or any other resources. It is still possible to make it perform even better, although I presume it would be in 1-5% range. Will take some more time later, and try to fix all the small performance problems.
And yes - Virge *is* fast. I have made a complete Virge V1 in Perl some time ago, but it was absolute failure. Although I tried to use as little modules as possible and make it as fast as possible... it was crap. 2 minutes after I started a script that sends 3-5 mails per second, I started wondering "Why the hell cant I login to the mailserver anymore?". Perl is nice, but its not good for tools like this. Not at all (except if you have low traffic on your mailserver).
And Virge still needs a *lot* of testing. I have tried to test Virge with many different mail (MIME) formats and tried different tricks in order to bypass its decoding techniques (in order to send a virus or .exe to users), but it handles things pretty well. There are cases, though, when it is possible to trick librfc2045 and send attachments that dont get caught, but those attachments are violating RFCs anyway. If your mail client is so stupid to decode invalid/malformed attachments/mails - you deserved it. Dont use stupid mail clients then. Im not going to start adding all those crappy features into Virge that would let someone detect all possible tricks which can be used. Use good mail clients, dont rely on Virge to save you.
Main features:
- Virge can check every incoming mail for attachments, and can remove attachments that are considered dangerous.
- "Dangerous" can be defined:
- email with specific kinds of attachments (e.g., .EXE, .COM, etc.)
- email that contains a virus as identified by Sophie ( http://www.vanja.com )
- email that contains a virus as identified by trophie ( http://www.vanja.com )
- email that contains a virus as identified by AVPDaemon (http://www.avp.ch)
- Any combination of the above.
- Dangerous email can trigger:
- rewriting that removes virus.
- alert back to sender.
- alert to recepient.
- alert to system manager.
- rewrite to remove virus.
- All offending mail messages can be isolated for later reviewing.
- Written in C, so it is very fast, doesnt waste resources, and doesnt depend on a complicated perl installation (which is subject to breaking).
- Notification can be sent (configurable) to sender/recipient of suspicious/infected mail. Templates can be used to define the layout of the mail.
- Regular expressions can be used for filename matching
- Virge was made with security in mind, and should be hard to abuse
- Can be configured to fail open or fail closed if load on the machine goes too high.
- Virge 3.0 designed for easy integration with Postfix