Spamassassin: Difference between revisions
No edit summary |
No edit summary |
||
(5 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
= Spamassassin = | |||
install the packages. Also install pyzor and razor | install the packages. Also install pyzor and razor | ||
create a user "spamfilter" | create a user "spamfilter" | ||
adduser --system spamfilter | adduser --system spamfilter | ||
mkdir /var/spool/spamassassin | mkdir /var/spool/spamassassin | ||
touch /var/log/mail/spamd.log | |||
/etc/spamassassin/local.cf | /etc/spamassassin/local.cf | ||
<pre> | |||
# This is the right place to customize your installation of SpamAssassin. | # This is the right place to customize your installation of SpamAssassin. | ||
# | # | ||
Line 19: | Line 23: | ||
# | # | ||
# rewrite_header Subject *****SPAM***** | # rewrite_header Subject *****SPAM***** | ||
rewrite_header Subject ** | rewrite_header Subject **We says: SPAM** | ||
# report_safe 1 | # report_safe 1 | ||
Line 39: | Line 43: | ||
use_bayes 1 | use_bayes 1 | ||
use_bayes_rules 1 | use_bayes_rules 1 | ||
# bayes_path /var/spool/spamassassin/bayes | |||
# bayes_file_mode 0666 | |||
# Enable Bayes auto-learning | # Enable Bayes auto-learning | ||
Line 62: | Line 66: | ||
use_auto_whitelist 0 | use_auto_whitelist 0 | ||
</pre> | |||
in /etc/postfix/master.cf | in /etc/postfix/master.cf change | ||
change | |||
<pre> | |||
smtp inet n - - - - smtpd | smtp inet n - - - - smtpd | ||
</pre> | |||
to | to | ||
<pre> | |||
smtp inet n - - - - smtpd | smtp inet n - - - - smtpd | ||
-o content_filter=spamassassin | -o content_filter=spamassassin | ||
</pre> | |||
At the bottom of master.cf add | At the bottom of master.cf add | ||
<pre> | |||
spamassassin unix - n n - - pipe | spamassassin unix - n n - - pipe | ||
user=spamfilter argv=/usr/bin/spamc -s 15000000 -f -e /usr/sbin/sendmail -oi -f $(sender) $(recipient) | user=spamfilter argv=/usr/bin/spamc -s 15000000 -f -e /usr/sbin/sendmail -oi -f $(sender) $(recipient) | ||
</pre> | |||
This way we throw the mail through spamc, which then filters it through spamd before delivery to the mailbox, instead of sending it through spamassassin itself, which has no control over the amount of process forks it spawns etc. Spamd spawns a certain amount of processes and sticks to them, so it doesn't bring the machine to it's knees. | This way we throw the mail through spamc, which then filters it through spamd before delivery to the mailbox, instead of sending it through spamassassin itself, which has no control over the amount of process forks it spawns etc. Spamd spawns a certain amount of processes and sticks to them, so it doesn't bring the machine to it's knees. | ||
Edit v310.pre to enable TextCat and DCC and DWL | |||
To check a configuration, use | To check a configuration, use | ||
<pre> | |||
spamassassin --lint | spamassassin --lint | ||
</pre> | |||
Per user preferences can be adjusted in ~/.spamassassin/user_prefs (eg. they can turn it off!) | Per user preferences can be adjusted in ~/.spamassassin/user_prefs (eg. they can turn it off!) | ||
then set /etc/default/spamassassin | then set /etc/default/spamassassin | ||
<pre> | |||
ENABLED = 1 | ENABLED = 1 | ||
</pre> | |||
and in the OPTIONS add | and in the OPTIONS add | ||
</pre> | |||
-s /var/log/mail/spamd.log | -s /var/log/mail/spamd.log | ||
touch /var/log/mail/spamd.log | |||
vi /etc/logrotate.d/rsyslog | |||
</pre> | |||
to add the logfile for rotation | |||
Then | |||
<pre> | |||
/etc/init.d/spamassassin start | /etc/init.d/spamassassin start | ||
</pre> | |||
to start spamd. | to start spamd. | ||
check /var/log/mail/spamd.log to see what's going on. | |||
= Razor = | |||
To start razor you have to | To start razor you have to | ||
<pre> | |||
$ razor-client [creates symbolic links] | $ razor-client [creates symbolic links] - NB Depreciated | ||
$ razor-admin --create [creates the razor home] | $ razor-admin --create [creates the razor home] | ||
$ razor-admin --register [registers an account] | $ razor-admin --register [registers an account] | ||
</pre> | |||
To get dcc working you have to edit v310.pre and uncomment it. | To get dcc working you have to edit v310.pre and uncomment it. | ||
Line 124: | Line 135: | ||
NB. Spamassassin doesn't do any deleting in and of itself - it needs another filter (procmail) to do this. So filters in /etc/procmailrc are still run. | NB. Spamassassin doesn't do any deleting in and of itself - it needs another filter (procmail) to do this. So filters in /etc/procmailrc are still run. | ||
Language Filtering | = Language Filtering = | ||
first /etc/spamassassin/v310.pre needs the TextCat plugin enabled (uncomment it in v310.pre) | first /etc/spamassassin/v310.pre needs the TextCat plugin enabled (uncomment it in v310.pre) | ||
Line 209: | Line 219: | ||
ok_locales en | ok_locales en | ||
Per User Settings | = Per User Settings = | ||
If you need a personal filter for a single user, you need a | If you need a personal filter for a single user, you need a | ||
<pre> | |||
~/.procmailrc | ~/.procmailrc | ||
</pre> | |||
file. | file. | ||
To simply delete all the spamassassin tagged spam, fill the file with | To simply delete all the spamassassin tagged spam, fill the file with | ||
<pre> | |||
:0 HB | :0 HB | ||
* | * We says: SPAM | ||
/dev/null | /dev/null | ||
</pre> | |||
If you get "Suspicious rcfile" messages in mail.err for a user check the following: | If you get "Suspicious rcfile" messages in mail.err for a user check the following: | ||
- is the .procmailrc file owned by the user or world writeable | - is the .procmailrc file owned by the user or world writeable | ||
- is the userdirectory owned by the user or world writeable | - is the userdirectory owned by the user or world writeable | ||
- apparently the sticky bit (+s or +t) shouldn't be set | - apparently the sticky bit (+s or +t) shouldn't be set | ||
The directory / file permissions should be 740 or 744. | The directory / file permissions should be 740 or 744. | ||
If you need per user spamassassin settings (such as changing the score or filtering on language) you need a | If you need per user spamassassin settings (such as changing the score or filtering on language) you need a | ||
<pre> | |||
~/.spamassassin/ | ~/.spamassassin/ | ||
</pre> | |||
directory containing a file: | directory containing a file: | ||
<pre> | |||
user_prefs | user_prefs | ||
</pre> | |||
You can put any of the spamassassin directives from /etc/spamassassin/local.cf in there. | You can put any of the spamassassin directives from /etc/spamassassin/local.cf in there. | ||
== spam / ham learning == | |||
[http://www.surmunity.com/showthread.php/22427-SpamAssassin-to-work-with-maildir Spam / Ham learning script] | |||
http://faisal.com/docs/salearn.html | |||
ham is not spam! | |||
run the following from the command line (for Maildir): | |||
<pre> | |||
sa-learn --ham ~/Maildir/cur/ | |||
</pre> | |||
to say everything in your inbox is ham | |||
<pre> | |||
sa-learn --spam ~/Maildir/.Junk\ E-mail/ | |||
</pre> | </pre> | ||
to say everything in there is spam | |||
You can also use: | |||
<pre> | |||
sa-learn --ham ~/Maildir/.Leveranciers*/ | |||
</pre> |
Latest revision as of 10:14, 14 November 2016
Spamassassin
install the packages. Also install pyzor and razor
create a user "spamfilter"
adduser --system spamfilter
mkdir /var/spool/spamassassin
touch /var/log/mail/spamd.log
/etc/spamassassin/local.cf
# This is the right place to customize your installation of SpamAssassin. # # See 'perldoc Mail::SpamAssassin::Conf' for details of what can be # tweaked. # ########################################################################### # # Debian standard stuff # # rewrite_header Subject *****SPAM***** rewrite_header Subject **We says: SPAM** # report_safe 1 report_safe 1 # trusted_networks 212.17.35. # lock_method flock lock_method flock # SpamAssassin config file for version 3.x # NOTE: NOT COMPATIBLE WITH VERSIONS 2.5 or 2.6 # See http://www.yrex.com/spam/spamconfig25.php for earlier versions # Generated by http://www.yrex.com/spam/spamconfig.php (version 1.50) # How many hits before a message is considered spam. required_score 7.0 # Enable the Bayes system use_bayes 1 use_bayes_rules 1 # bayes_path /var/spool/spamassassin/bayes # bayes_file_mode 0666 # Enable Bayes auto-learning bayes_auto_learn 1 # Enable or disable network checks skip_rbl_checks 0 use_razor2 1 use_dcc 1 use_pyzor 1 # Mail using languages used in these country codes will not be marked # as being possibly spam in a foreign language. ok_languages all # Mail using locales used in these country codes will not be marked # as being possibly spam in a foreign language. ok_locales all # Autowhitelist feature turned off because creates a large file use_auto_whitelist 0
in /etc/postfix/master.cf change
smtp inet n - - - - smtpd
to
smtp inet n - - - - smtpd -o content_filter=spamassassin
At the bottom of master.cf add
spamassassin unix - n n - - pipe user=spamfilter argv=/usr/bin/spamc -s 15000000 -f -e /usr/sbin/sendmail -oi -f $(sender) $(recipient)
This way we throw the mail through spamc, which then filters it through spamd before delivery to the mailbox, instead of sending it through spamassassin itself, which has no control over the amount of process forks it spawns etc. Spamd spawns a certain amount of processes and sticks to them, so it doesn't bring the machine to it's knees.
Edit v310.pre to enable TextCat and DCC and DWL
To check a configuration, use
spamassassin --lint
Per user preferences can be adjusted in ~/.spamassassin/user_prefs (eg. they can turn it off!)
then set /etc/default/spamassassin
ENABLED = 1
and in the OPTIONS add
-s /var/log/mail/spamd.log touch /var/log/mail/spamd.log vi /etc/logrotate.d/rsyslog
to add the logfile for rotation
Then
/etc/init.d/spamassassin start
to start spamd.
check /var/log/mail/spamd.log to see what's going on.
Razor
To start razor you have to
$ razor-client [creates symbolic links] - NB Depreciated $ razor-admin --create [creates the razor home] $ razor-admin --register [registers an account]
To get dcc working you have to edit v310.pre and uncomment it.
There's a few options to be found in /etc/default/spamassassin (such as that the logfile is in /var/log/mail/spamd.log
NB. Spamassassin doesn't do any deleting in and of itself - it needs another filter (procmail) to do this. So filters in /etc/procmailrc are still run.
Language Filtering
first /etc/spamassassin/v310.pre needs the TextCat plugin enabled (uncomment it in v310.pre)
Then the ok_languages and ok_locales (charactersets) can be used to specify which languages and locales are considered allright to use. If an email contains mail from a different locale / language the spam score is raised.
List of charactersets: en - Western character sets in general ja - Japanese character sets ko - Korean character sets ru - Cyrillic character sets th - Thai character sets zh - Chinese (both simplified and traditional) character sets
List of languages:
* af - Afrikaans * sq - Albanian * am - Amharic * ar - Arabic * hy - Armenian * eu - Basque * bs - Bosnian * bg - Bulgarian * be - Belorussian * ca - Catalan * zh - Chinese * hr - Croatian * cs - Czech * da - Danish * nl - Dutch * en - English * eo - Esperanto * et - Estonian * fi - Finnish * fr - French * fy - Frisian * ka - Georgian * de - German * el - Greek * he - Hebrew * hu - Hungarian * hi - Hindi * is - Icelandic * id - Indonesian * ga - Irish Gaelic * it - Italian * ja - Japanese * ko - Korean * la - Latin * lv - Latvian * lt - Lithuanian * ms - Malay * mr - Marathi * ne - Nepali * no - Norwegian * fa - Persian * pl - Polish * pt - Portuguese * qu - Quechua * rm - Rhaeto-Romance * ro - Romanian * ru - Russian * sa - Sanskrit * sco - Scots * gd - Scottish Gaelic * sr - Serbian * sk - Slovak * sl - Slovenian * es - Spanish * sw - Swahili * sv - Swedish * tl - Tagalog * ta - Tamil * th - Thai * tr - Turkish * uk - Ukrainian * vi - Vietnamese * cy - Welsh * yi - Yiddish
eg:
- - dutch english french german
ok_languages nl en fr de ok_locales en
Per User Settings
If you need a personal filter for a single user, you need a
~/.procmailrc
file.
To simply delete all the spamassassin tagged spam, fill the file with
:0 HB * We says: SPAM /dev/null
If you get "Suspicious rcfile" messages in mail.err for a user check the following:
- is the .procmailrc file owned by the user or world writeable
- is the userdirectory owned by the user or world writeable
- apparently the sticky bit (+s or +t) shouldn't be set
The directory / file permissions should be 740 or 744.
If you need per user spamassassin settings (such as changing the score or filtering on language) you need a
~/.spamassassin/
directory containing a file:
user_prefs
You can put any of the spamassassin directives from /etc/spamassassin/local.cf in there.
spam / ham learning
Spam / Ham learning script http://faisal.com/docs/salearn.html
ham is not spam!
run the following from the command line (for Maildir):
sa-learn --ham ~/Maildir/cur/
to say everything in your inbox is ham
sa-learn --spam ~/Maildir/.Junk\ E-mail/
to say everything in there is spam
You can also use:
sa-learn --ham ~/Maildir/.Leveranciers*/