May 1, 2009

Untangle – Don't bother

Recently, we’ve had an upwelling of spam at the office, the most problematic component of which is the fact that all the text is gibberish, with only the images being “Spam”. If your spam filter doesn’t have an OCR plugin, it’s not going to do a very good job stopping the spam — which is exactly where I was. To make a long story short, getting an OCR plugin for my implementation of SpamAssassin was going to be a royal pain in the ass, so I figured I’d give some alternatives a try.

I spent a little time looking around at anti-spam appliances before I remembered Untangle, an open source gateway. I’ve run into them a few times at places like LinuxWorld, but never really had a chance to give them a try. Their gateway offers a plethora of “applications” you can install with a single click, such as: spam blocker, web filter, firewall, VPN, and routing. The reason why I was never that inclined to give them a try was because I had all the features I needed & wanted already built into my current firewall (with the exception of QoS — not to be confused with Quantum of Solace, which is just awesome in general). Now that my spam blocker wasn’t up to the task, I figured I’d give theirs a try. Plus if it worked well, I could use it to replace my current gateway/firewall completely.

But… I never got that far. I can’t even tell you how well the spam blocker works, because I could never get Untangle running properly. I installed Untangle onto a VMware image with enough system specs to make it happy, and 2 network interfaces. I installed it in Router/Gateway mode as that is how I’d end up using it (as opposed to the “Transparent” mode which makes me nervous).

I suppose a majority of the problems I have with Untangle come in the form of the forum goers. The people I talked with essentially told me that the spam blocking “just works transparently”. When I tried to explain to them that you can’t go modifying packets after they’ve already been sent (you can’t go marking emails as spam until you’ve read the entire email) and therefore it must store the entire message (if nothing else, in a buffer), they gave me more “it just works transparently” crap. After that I tried to get help on actually getting the damn software to work. Ya know, accept emails and send them along (however the hell it was supposed to work, I didn’t care at this point in time). I got some info about it, and a lot of lip. As frustrated as I was at this point in time, I followed the directions on the linked wiki page… and it still didn’t work.

Apparently even with setting up port forwarding and installing the Firewall application to allow access to port 25, you’re not allowed to access port 25. Kind of hard for a device to “just work transparently” when it is blocking access to the port. So after spending almost an entire day dicking around with the software and not even being able to forward emails through it (let alone anything else), I said “F*ck it”. Untangle is supposed to be “point and click” software. If I’m reduced to SSH’ing into the box to flush iptables just to get the machine to work halfway… I’m better off building the system myself. Which is EXACTLY what I’ll do instead of EVER touching Untangle again.

Update 2009-05-01 20:13 UTC: Seems my Untangle thread friends found me. ROFLCOPTER!