New about nod32mta scanner

12. 12. 2008:
I noticed - spam mails are getting smarter and smarter - usualy spam mails are smaller than 80kB but now I noticed more and more mails are size of 93 - 106 kB so I changed maximum filesize for spamassassin checking - now program checks files up to 120kB so hopefully no spam will get trhue. Program is updated - installation: download and overwrite nod32mta.exe.

What is nod32mta pickup Event?

Nod32mta pickup event is a program that includes antivirus software NOD32 and spamassassin software (sawin32: spamassassin for windows). This programs can be implemented in mail server program mailEnable (all editions: mailEnable standard, mailEnable professional ormailEnable enterprise edition).

Nod32mta pickup event is used for:
  • scaning incoming mails and checking if mail includes viruses, spyware, trojan horses, malware and even potentional dangerous applications
  • scaning and evaluating mails id they are spam or ham (spamassassin)

Where can I download spamassassin for windows, antivirus program NOD32 and nod32mta pickup event program?

You can get local copies of programs from my webserver ( and links are here:
Mail server mailEnable standard v1.983
Nod32mta pickup event program for mailEnable
SpamAssassin v3.2.3.5 for windows
NOD32 for windows v2.7

...or you can download software from its original download places (also latest releases):
Mail server mailEnable
SpamAssassin for windows
NOD32 for windows

NOD32 antivirus and spamassassin implementation with mailEnable standard on windows server 2003

Nod32mta pickup event program gets all the necesary info from The Registry so you won't need to configure much. So instalation is a quite simple to do.

1. Download

Download all the software (programs)I described earlier in "Where can I download...".

2.Installation of mailEnable mail server

For this installation Irecomend you visit mailEnable website and read more about it: HOWTO: Installing and configuring MailEnable server.

3. Configuration of mailEnable mail server

detailed configuration of MailEnable mail server can be found on their webpage. You can follow this link and it will take you to their 'quick start' guide with basic instructions on configuring and running the MailEnable software.

4. Installation and configuration of NOD32 antivirus program

NOD32 installation is simple and you can look at it on NOD32 webpage. For integration of NOD32 in mta pickup event you don't need to do anything. MTA pickup program will detect NOD32 and configure it by itself.

5. Installation of spamassassin for windows

Create folder "spam on you C: drive. Download spamassasin zip file to folder "c:\spam". Extract contents of file in folder "c:\spam".

If you've done it oky ther folder "c:\spam" should looking like:
spamassassin installation folder

As you probably know program spamd.exe is daemonized version of the spamassassin executable. The goal of spam-daemon is improving throughput performance for automated mail checking. Once you start it it will be listed in processes in windows task manager. Next thing you should know is that spamc.exe and spamcc.exe are programs that use process of spamassassin that is running in background.

So for effective use of spamd you should run it with parameters (in command prompt "cmd"):
c:\spam\spamd.exe --configpath="c:\spam\share\spamassassin" --siteconfigpath="c:\spam\etc\spamassassin" --syslog="c:\spam\SpamD_log.txt" --allow-tell --round-robin

So every time computer starts up you must run spamd.exe so it will be loaded in memory and will be working.

Now it is best to automize startup od spamd.exe automatic every time computers starts. Yo you create "start_spamd.bat" file in folder "c:\spam" and copy paste "c:\spam\spamd.exe --congif ..." writen earlier in file "start_spamd.bat". Than simpli copy-paste this file in Start Menu of windows: Start - Programs - Startup and spamd will allways start when windows starts.

You can allways check spamd log file (c:\spam\SpamD_log.txt) and you can check if scaning and cleaning of spam mails is working fine.

5. Installing and configuring nod32mta.exe pickup event program

Download nod32mta.exe program and save it in "c:\spam" folder.

Now go to MailEnable Control Panel (MailEnable Administraator) and right-click on MTA - Properties.
mailEnable administrator mta pickup event

Enable »Pickup Event« »Browse« and point to nod32mta.exe file (in folder "c:\spam"). click on "enable pickup event" and then "Browse" and point to the "c:\spam\nod32mta.exe" program. Set maximum send threads to 1 and then the settings should look like next picture:
properties of MTA for scaning spam and virus mails

Stop and Start again MTA service and that's it (options are if you "right-click" on MTA)

For more options nod32mta pickup event logs all of its activity. There is a list of scaned mails and status - if mail is spam or mail has virus attatchments...). You will find the log in MailEnable Control Panel (Administrator) Administrator: Agents - MTA - Logs -Activity - "MTA-Activity-VirusScans.log"

Advanced features of nod32mta - ham and spam mails

For advanced features of MTA I made nod32mta.exe to copy all of recieved mails to folders and those files (mails) can be used for further analysis and can be used to learn basesian on them.

Folders and what they contain:
c:\spam\mails\ham\ (original emails - HAM - good mails that are not SPAM)
c:\spam\mails\marked\ (SPAM emails that are Marked spam msg: X-Flag and rules and points of SPAM are included - used only for your information)
c:\spam\mails\spam\ (original email marked SPAM)

Here are examples of HAM, SPAM and MARKED mails:
link to ham email | link to spam emai (it is the same as marked mail without rules list) | link to marked email

Advanced bayesian learning of spam mails with sa-learn.exe

So now you got a lot of mails (ham and spam in folders "c:\spam\mails\ham" and "c:\spam\mails\spam". Now you would like spamass. to learn on those mails. In next steps I will show you how to do that.

Download v3.2.3.3 (program for advanced bayesian learning of spam) and extract it to folder "c:\spam". 3 files will be added in folder spam and sa-learn.exe is the right one to use for bayes-learning. Program sa-learn.exe is allways run it from command prompt "cmd".

So for learning ham (good mails) you use:
c:\spam\sa-learn.exe --ham --use-ignores --progress c:\spam\mails\ham

For learnin spam mails you use:
c:\spam\sa-learn.exe --spam --use-ignores --progress c:\spam\mails\spam

Attention! Before learning HAM you should allways go to ham folder and check if eventually there are mails in "ham folder" that should be in "spam". If you see one simply move it from "HAM" to "SPAM" folder and sa-learn.exe will mark it spam in database.

Problem winth windows spamassassin: if spamd process stops - how to solve it and restart process?!

On 22.11.2007 I noticed spamassassin for windows has a huge BUG and that is that sometimes spamd.exe process stops at random times. That is a big problem because when it stops spam mails get thrue and you have to manualy start spamd.exe again.

For that I wrote a program that monitors spamassassin spamd.exe process every 5 seconds and if spamd process stops program starts it again and everything is working ok. This program is a typical windows process monitoring and manipulation software.

check for spamd process and restart
Check for process spamd is hidden as tray icon and can be shown for user to see when process stoped and when it was restarted.

Download of program is here: Program for checking if spam.exe process is working

Installation manual: Download program checkspamd.exe to local folder "c:\spam". After that create shourtcut to it and copy it to Start menu under: Start - Programs - Startup so it will allways start on windows startup.

Interesting webpages
web-link Exchange:
spletna trgovina - vse za vaše hišne ljubljenčke (pse, muce, ribe ...)
kvalitetno in cenovno ugodno lektoriranje vseh vrst besedil
Bistriški tednih panorama - aktualni dogodki in zanimivosti
knjigovodstvo - vodenje knjigovodstva in računovodstvo
gostovanje in izdelava statičnih in dinamičnih ispletnih strani
All content and photos of webpage installing mailEnable mail server, antivirus solution NOD32 and spamassassin
software for fighting spam on windows are copyrighted material and are not allowed to distribute without author permission.
Copyrighted ©2007