Spamassassin
Spamassassin
install the packages. Also install pyzor and razor
create a user "spamfilter"
adduser --system spamfilter
mkdir /var/spool/spamassassin
touch /var/log/mail/spamd.log
/etc/spamassassin/local.cf
# This is the right place to customize your installation of SpamAssassin. # # See 'perldoc Mail::SpamAssassin::Conf' for details of what can be # tweaked. # ########################################################################### # # Debian standard stuff # # rewrite_header Subject *****SPAM***** rewrite_header Subject **We says: SPAM** # report_safe 1 report_safe 1 # trusted_networks 212.17.35. # lock_method flock lock_method flock # SpamAssassin config file for version 3.x # NOTE: NOT COMPATIBLE WITH VERSIONS 2.5 or 2.6 # See http://www.yrex.com/spam/spamconfig25.php for earlier versions # Generated by http://www.yrex.com/spam/spamconfig.php (version 1.50) # How many hits before a message is considered spam. required_score 7.0 # Enable the Bayes system use_bayes 1 use_bayes_rules 1 # bayes_path /var/spool/spamassassin/bayes # bayes_file_mode 0666 # Enable Bayes auto-learning bayes_auto_learn 1 # Enable or disable network checks skip_rbl_checks 0 use_razor2 1 use_dcc 1 use_pyzor 1 # Mail using languages used in these country codes will not be marked # as being possibly spam in a foreign language. ok_languages all # Mail using locales used in these country codes will not be marked # as being possibly spam in a foreign language. ok_locales all # Autowhitelist feature turned off because creates a large file use_auto_whitelist 0
in /etc/postfix/master.cf change
smtp inet n - - - - smtpd
to
smtp inet n - - - - smtpd -o content_filter=spamassassin
At the bottom of master.cf add
spamassassin unix - n n - - pipe user=spamfilter argv=/usr/bin/spamc -s 15000000 -f -e /usr/sbin/sendmail -oi -f $(sender) $(recipient)
This way we throw the mail through spamc, which then filters it through spamd before delivery to the mailbox, instead of sending it through spamassassin itself, which has no control over the amount of process forks it spawns etc. Spamd spawns a certain amount of processes and sticks to them, so it doesn't bring the machine to it's knees.
Edit v310.pre to enable TextCat and DCC and DWL
To check a configuration, use
spamassassin --lint
Per user preferences can be adjusted in ~/.spamassassin/user_prefs (eg. they can turn it off!)
then set /etc/default/spamassassin
ENABLED = 1
and in the OPTIONS add
-s /var/log/mail/spamd.log touch /var/log/mail/spamd.log vi /etc/logrotate.d/rsyslog
to add the logfile for rotation
Then
/etc/init.d/spamassassin start
to start spamd.
check /var/log/mail/spamd.log to see what's going on.
Razor
To start razor you have to
$ razor-client [creates symbolic links] - NB Depreciated $ razor-admin --create [creates the razor home] $ razor-admin --register [registers an account]
To get dcc working you have to edit v310.pre and uncomment it.
There's a few options to be found in /etc/default/spamassassin (such as that the logfile is in /var/log/mail/spamd.log
NB. Spamassassin doesn't do any deleting in and of itself - it needs another filter (procmail) to do this. So filters in /etc/procmailrc are still run.
Language Filtering
first /etc/spamassassin/v310.pre needs the TextCat plugin enabled (uncomment it in v310.pre)
Then the ok_languages and ok_locales (charactersets) can be used to specify which languages and locales are considered allright to use. If an email contains mail from a different locale / language the spam score is raised.
List of charactersets: en - Western character sets in general ja - Japanese character sets ko - Korean character sets ru - Cyrillic character sets th - Thai character sets zh - Chinese (both simplified and traditional) character sets
List of languages:
* af - Afrikaans * sq - Albanian * am - Amharic * ar - Arabic * hy - Armenian * eu - Basque * bs - Bosnian * bg - Bulgarian * be - Belorussian * ca - Catalan * zh - Chinese * hr - Croatian * cs - Czech * da - Danish * nl - Dutch * en - English * eo - Esperanto * et - Estonian * fi - Finnish * fr - French * fy - Frisian * ka - Georgian * de - German * el - Greek * he - Hebrew * hu - Hungarian * hi - Hindi * is - Icelandic * id - Indonesian * ga - Irish Gaelic * it - Italian * ja - Japanese * ko - Korean * la - Latin * lv - Latvian * lt - Lithuanian * ms - Malay * mr - Marathi * ne - Nepali * no - Norwegian * fa - Persian * pl - Polish * pt - Portuguese * qu - Quechua * rm - Rhaeto-Romance * ro - Romanian * ru - Russian * sa - Sanskrit * sco - Scots * gd - Scottish Gaelic * sr - Serbian * sk - Slovak * sl - Slovenian * es - Spanish * sw - Swahili * sv - Swedish * tl - Tagalog * ta - Tamil * th - Thai * tr - Turkish * uk - Ukrainian * vi - Vietnamese * cy - Welsh * yi - Yiddish
eg:
- - dutch english french german
ok_languages nl en fr de ok_locales en
Per User Settings
If you need a personal filter for a single user, you need a
~/.procmailrc
file.
To simply delete all the spamassassin tagged spam, fill the file with
:0 HB * We says: SPAM /dev/null
If you get "Suspicious rcfile" messages in mail.err for a user check the following:
- is the .procmailrc file owned by the user or world writeable
- is the userdirectory owned by the user or world writeable
- apparently the sticky bit (+s or +t) shouldn't be set
The directory / file permissions should be 740 or 744.
If you need per user spamassassin settings (such as changing the score or filtering on language) you need a
~/.spamassassin/
directory containing a file:
user_prefs
You can put any of the spamassassin directives from /etc/spamassassin/local.cf in there.
spam / ham learning
Spam / Ham learning script http://faisal.com/docs/salearn.html
ham is not spam!
run the following from the command line (for Maildir):
sa-learn --ham ~/Maildir/cur/
to say everything in your inbox is ham
sa-learn --spam ~/Maildir/.Junk\ E-mail/
to say everything in there is spam
You can also use:
sa-learn --ham ~/Maildir/.Leveranciers*/