Spamassassin: Difference between revisions

From Edgar BV Wiki
Jump to navigation Jump to search
No edit summary
No edit summary
 
(5 intermediate revisions by the same user not shown)
Line 1: Line 1:
<pre>
= Spamassassin =
 
install the packages. Also install pyzor and razor
install the packages. Also install pyzor and razor


create a user "spamfilter"
create a user "spamfilter"
adduser --system spamfilter
adduser --system spamfilter


mkdir /var/spool/spamassassin
mkdir /var/spool/spamassassin
touch /var/log/mail/spamd.log


/etc/spamassassin/local.cf
/etc/spamassassin/local.cf
---------------
<pre>
# This is the right place to customize your installation of SpamAssassin.
# This is the right place to customize your installation of SpamAssassin.
#
#
Line 19: Line 23:
#
#
# rewrite_header Subject *****SPAM*****
# rewrite_header Subject *****SPAM*****
rewrite_header Subject **Tripany says: SPAM**
rewrite_header Subject **We says: SPAM**


# report_safe 1
# report_safe 1
Line 39: Line 43:
  use_bayes              1
  use_bayes              1
  use_bayes_rules        1
  use_bayes_rules        1
        bayes_path        /var/spool/spamassassin/bayes
#        bayes_path        /var/spool/spamassassin/bayes
        bayes_file_mode  0666
#        bayes_file_mode  0666


# Enable Bayes auto-learning
# Enable Bayes auto-learning
Line 62: Line 66:
   use_auto_whitelist 0
   use_auto_whitelist 0


--------------------
</pre>


in /etc/postfix/master.cf
in /etc/postfix/master.cf change
change


--------------------
<pre>
smtp      inet  n      -      -      -      -      smtpd
smtp      inet  n      -      -      -      -      smtpd
--------------------
</pre>


to
to


--------------------
<pre>
smtp      inet  n      -      -      -      -      smtpd
smtp      inet  n      -      -      -      -      smtpd
         -o content_filter=spamassassin
         -o content_filter=spamassassin
--------------------
</pre>


At the bottom of master.cf add
At the bottom of master.cf add


--------------------
<pre>
spamassassin unix -    n      n      -      -      pipe
spamassassin unix -    n      n      -      -      pipe
         user=spamfilter argv=/usr/bin/spamc -s 15000000 -f -e /usr/sbin/sendmail -oi -f $(sender) $(recipient)
         user=spamfilter argv=/usr/bin/spamc -s 15000000 -f -e /usr/sbin/sendmail -oi -f $(sender) $(recipient)
--------------------
</pre>


This way we throw the mail through spamc, which then filters it through spamd before delivery to the mailbox, instead of sending it through spamassassin itself, which has no control over the amount of process forks it spawns etc. Spamd spawns a certain amount of processes and sticks to them, so it doesn't bring the machine to it's knees.
This way we throw the mail through spamc, which then filters it through spamd before delivery to the mailbox, instead of sending it through spamassassin itself, which has no control over the amount of process forks it spawns etc. Spamd spawns a certain amount of processes and sticks to them, so it doesn't bring the machine to it's knees.
Edit v310.pre to enable TextCat and DCC and DWL


To check a configuration, use  
To check a configuration, use  


<pre>
spamassassin --lint
spamassassin --lint
 
</pre>
but make sure you've edited v310.pre before or you'll get errors (you have to enable TextCat and DCC and DWL)
 


Per user preferences can be adjusted in ~/.spamassassin/user_prefs (eg. they can turn it off!)
Per user preferences can be adjusted in ~/.spamassassin/user_prefs (eg. they can turn it off!)


then set /etc/default/spamassassin
then set /etc/default/spamassassin
<pre>
ENABLED = 1
ENABLED = 1
 
</pre>
and in the OPTIONS add
and in the OPTIONS add
</pre>
-s /var/log/mail/spamd.log
-s /var/log/mail/spamd.log
touch /var/log/mail/spamd.log
vi /etc/logrotate.d/rsyslog
</pre>
to add the logfile for rotation


Then
<pre>
/etc/init.d/spamassassin start  
/etc/init.d/spamassassin start  
 
</pre>
to start spamd.
to start spamd.


touch /var/log/mail/spamd.log
check /var/log/mail/spamd.log to see what's going on.
vi /etc/logrotate.d/rsyslog to add the logfile for rotation
 


check /var/log/mail/spamd.log to see what's going on.
= Razor =


To start razor you have to  
To start razor you have to  
 
<pre>
         $ razor-client          [creates symbolic links]
         $ razor-client          [creates symbolic links] - NB Depreciated
         $ razor-admin --create  [creates the razor home]
         $ razor-admin --create  [creates the razor home]
         $ razor-admin --register [registers an account]
         $ razor-admin --register [registers an account]
</pre>


To get dcc working you have to edit v310.pre and uncomment it.
To get dcc working you have to edit v310.pre and uncomment it.
Line 124: Line 135:
NB. Spamassassin doesn't do any deleting in and of itself - it needs another filter (procmail) to do this. So filters in /etc/procmailrc are still run.  
NB. Spamassassin doesn't do any deleting in and of itself - it needs another filter (procmail) to do this. So filters in /etc/procmailrc are still run.  


Language Filtering:
= Language Filtering =
--------------------
first /etc/spamassassin/v310.pre needs the TextCat plugin enabled (uncomment it in v310.pre)
first /etc/spamassassin/v310.pre needs the TextCat plugin enabled (uncomment it in v310.pre)


Line 209: Line 219:
ok_locales              en
ok_locales              en


Per User Settings:
= Per User Settings =
-------------------
If you need a personal filter for a single user, you need a  
If you need a personal filter for a single user, you need a  
<pre>
~/.procmailrc
~/.procmailrc
</pre>
file.
file.


To simply delete all the spamassassin tagged spam, fill the file with
To simply delete all the spamassassin tagged spam, fill the file with
----------------
<pre>
:0 HB
:0 HB
* Tripany says: SPAM
* We says: SPAM
/dev/null
/dev/null
----------------
</pre>


If you get "Suspicious rcfile" messages in mail.err for a user check the following:
If you get "Suspicious rcfile" messages in mail.err for a user check the following:
- is the .procmailrc file owned by the user or world writeable
- is the .procmailrc file owned by the user or world writeable
- is the userdirectory owned by the user or world writeable
- is the userdirectory owned by the user or world writeable
- apparently the sticky bit (+s or +t) shouldn't be set
- apparently the sticky bit (+s or +t) shouldn't be set


The directory / file permissions should be 740 or 744.
The directory / file permissions should be 740 or 744.


If you need per user spamassassin settings (such as changing the score or filtering on language) you need a
If you need per user spamassassin settings (such as changing the score or filtering on language) you need a
<pre>
~/.spamassassin/
~/.spamassassin/
</pre>
directory containing a file:
directory containing a file:
<pre>
user_prefs
user_prefs
</pre>


You can put any of the spamassassin directives from /etc/spamassassin/local.cf in there.
You can put any of the spamassassin directives from /etc/spamassassin/local.cf in there.


== spam / ham learning ==
[http://www.surmunity.com/showthread.php/22427-SpamAssassin-to-work-with-maildir Spam / Ham learning script]
http://faisal.com/docs/salearn.html
ham is not spam!
run the following from the command line (for Maildir):
<pre>
sa-learn --ham ~/Maildir/cur/
</pre>
to say everything in your inbox is ham
<pre>
sa-learn --spam ~/Maildir/.Junk\ E-mail/
</pre>
</pre>
to say everything in there is spam


[http://www.surmunity.com/showthread.php/22427-SpamAssassin-to-work-with-maildir Spam / Ham learning script]
You can also use:
<pre>
sa-learn --ham ~/Maildir/.Leveranciers*/
</pre>

Latest revision as of 10:14, 14 November 2016

Spamassassin

install the packages. Also install pyzor and razor

create a user "spamfilter"

adduser --system spamfilter

mkdir /var/spool/spamassassin

touch /var/log/mail/spamd.log

/etc/spamassassin/local.cf 

# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
###########################################################################
#
# Debian standard stuff
#
# rewrite_header Subject *****SPAM*****
rewrite_header Subject **We says: SPAM**

# report_safe 1
 report_safe 1

# trusted_networks 212.17.35.
# lock_method flock
lock_method flock

# SpamAssassin config file for version 3.x
# NOTE: NOT COMPATIBLE WITH VERSIONS 2.5 or 2.6
# See http://www.yrex.com/spam/spamconfig25.php for earlier versions
# Generated by http://www.yrex.com/spam/spamconfig.php (version 1.50)

# How many hits before a message is considered spam.
 required_score           7.0

# Enable the Bayes system
 use_bayes               1
 use_bayes_rules        1
#        bayes_path        /var/spool/spamassassin/bayes
#        bayes_file_mode   0666

# Enable Bayes auto-learning
 bayes_auto_learn              1

# Enable or disable network checks
 skip_rbl_checks         0
 use_razor2              1
 use_dcc                 1
 use_pyzor               1

# Mail using languages used in these country codes will not be marked
# as being possibly spam in a foreign language.
 ok_languages            all

# Mail using locales used in these country codes will not be marked
# as being possibly spam in a foreign language.
 ok_locales              all

# Autowhitelist feature turned off because creates a large file
   use_auto_whitelist 0

in /etc/postfix/master.cf change 

smtp      inet  n       -       -       -       -       smtpd

to 

smtp      inet  n       -       -       -       -       smtpd
        -o content_filter=spamassassin

At the bottom of master.cf add 

spamassassin unix -     n       n       -       -       pipe
        user=spamfilter argv=/usr/bin/spamc -s 15000000 -f -e /usr/sbin/sendmail -oi -f $(sender) $(recipient)

This way we throw the mail through spamc, which then filters it through spamd before delivery to the mailbox, instead of sending it through spamassassin itself, which has no control over the amount of process forks it spawns etc. Spamd spawns a certain amount of processes and sticks to them, so it doesn't bring the machine to it's knees.

Edit v310.pre to enable TextCat and DCC and DWL

To check a configuration, use 

spamassassin --lint

Per user preferences can be adjusted in ~/.spamassassin/user_prefs (eg. they can turn it off!)

then set /etc/default/spamassassin 

ENABLED = 1

and in the OPTIONS add

-s /var/log/mail/spamd.log touch /var/log/mail/spamd.log vi /etc/logrotate.d/rsyslog

to add the logfile for rotation

Then 

/etc/init.d/spamassassin start

to start spamd.

check /var/log/mail/spamd.log to see what's going on.

Razor

To start razor you have to 

        $ razor-client           [creates symbolic links] - NB Depreciated
        $ razor-admin --create   [creates the razor home]
        $ razor-admin --register [registers an account]

To get dcc working you have to edit v310.pre and uncomment it.

There's a few options to be found in /etc/default/spamassassin (such as that the logfile is in /var/log/mail/spamd.log

NB. Spamassassin doesn't do any deleting in and of itself - it needs another filter (procmail) to do this. So filters in /etc/procmailrc are still run.

Language Filtering

first /etc/spamassassin/v310.pre needs the TextCat plugin enabled (uncomment it in v310.pre)

Then the ok_languages and ok_locales (charactersets) can be used to specify which languages and locales are considered allright to use. If an email contains mail from a different locale / language the spam score is raised.

List of charactersets: en - Western character sets in general ja - Japanese character sets ko - Korean character sets ru - Cyrillic character sets th - Thai character sets zh - Chinese (both simplified and traditional) character sets

List of languages: 

   * af - Afrikaans
   * sq - Albanian
   * am - Amharic
   * ar - Arabic
   * hy - Armenian
   * eu - Basque
   * bs - Bosnian
   * bg - Bulgarian
   * be - Belorussian
   * ca - Catalan
   * zh - Chinese
   * hr - Croatian
   * cs - Czech
   * da - Danish
   * nl - Dutch
   * en - English
   * eo - Esperanto
   * et - Estonian
   * fi - Finnish
   * fr - French
   * fy - Frisian
   * ka - Georgian
   * de - German
   * el - Greek
   * he - Hebrew
   * hu - Hungarian
   * hi - Hindi
   * is - Icelandic
   * id - Indonesian
   * ga - Irish Gaelic
   * it - Italian
   * ja - Japanese
   * ko - Korean
   * la - Latin
   * lv - Latvian
   * lt - Lithuanian
   * ms - Malay
   * mr - Marathi
   * ne - Nepali
   * no - Norwegian
   * fa - Persian
   * pl - Polish
   * pt - Portuguese
   * qu - Quechua
   * rm - Rhaeto-Romance
   * ro - Romanian
   * ru - Russian
   * sa - Sanskrit
   * sco - Scots
   * gd - Scottish Gaelic
   * sr - Serbian
   * sk - Slovak
   * sl - Slovenian
   * es - Spanish
   * sw - Swahili
   * sv - Swedish
   * tl - Tagalog
   * ta - Tamil
   * th - Thai
   * tr - Turkish
   * uk - Ukrainian
   * vi - Vietnamese
   * cy - Welsh
   * yi - Yiddish

eg:

  1. - dutch english french german

ok_languages nl en fr de ok_locales en

Per User Settings

If you need a personal filter for a single user, you need a 

~/.procmailrc

file.

To simply delete all the spamassassin tagged spam, fill the file with 

:0 HB
* We says: SPAM
/dev/null

If you get "Suspicious rcfile" messages in mail.err for a user check the following:

- is the .procmailrc file owned by the user or world writeable

- is the userdirectory owned by the user or world writeable

- apparently the sticky bit (+s or +t) shouldn't be set

The directory / file permissions should be 740 or 744.


If you need per user spamassassin settings (such as changing the score or filtering on language) you need a 

~/.spamassassin/

directory containing a file: 

user_prefs

You can put any of the spamassassin directives from /etc/spamassassin/local.cf in there.

spam / ham learning

Spam / Ham learning script http://faisal.com/docs/salearn.html

ham is not spam!

run the following from the command line (for Maildir): 

sa-learn --ham ~/Maildir/cur/

to say everything in your inbox is ham 

sa-learn --spam ~/Maildir/.Junk\ E-mail/

to say everything in there is spam

You can also use: 

sa-learn --ham ~/Maildir/.Leveranciers*/
Retrieved from "http://wiki.edgarbv.com/index.php?title=Spamassassin&oldid=36289"