Spamassassin

From Edgar BV Wiki
Revision as of 13:13, 9 January 2013 by Red (talk | contribs)
Jump to navigation Jump to search
install the packages. Also install pyzor and razor

create a user "spamfilter"
adduser --system spamfilter

/etc/spamassassin/local.cf
---------------
# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
###########################################################################
#
# Debian standard stuff
#
# rewrite_header Subject *****SPAM*****
rewrite_header Subject **Tripany says: SPAM**

# report_safe 1
 report_safe 1

# trusted_networks 212.17.35.
# lock_method flock
lock_method flock

# SpamAssassin config file for version 3.x
# NOTE: NOT COMPATIBLE WITH VERSIONS 2.5 or 2.6
# See http://www.yrex.com/spam/spamconfig25.php for earlier versions
# Generated by http://www.yrex.com/spam/spamconfig.php (version 1.50)

# How many hits before a message is considered spam.
 required_score           7.0

# Enable the Bayes system
 use_bayes               1
 use_bayes_rules        1
        bayes_path        /var/spool/spamassassin/bayes
        bayes_file_mode   0666

# Enable Bayes auto-learning
 bayes_auto_learn              1

# Enable or disable network checks
 skip_rbl_checks         0
 use_razor2              1
 use_dcc                 1
 use_pyzor               1

# Mail using languages used in these country codes will not be marked
# as being possibly spam in a foreign language.
 ok_languages            all

# Mail using locales used in these country codes will not be marked
# as being possibly spam in a foreign language.
 ok_locales              all

# Autowhitelist feature turned off because creates a large file
   use_auto_whitelist 0

--------------------

in /etc/postfix/master.cf
change

--------------------
smtp      inet  n       -       -       -       -       smtpd
--------------------

to

--------------------
smtp      inet  n       -       -       -       -       smtpd
        -o content_filter=spamassassin
--------------------

At the bottom of master.cf add

--------------------
spamassassin unix -     n       n       -       -       pipe
        user=spamfilter argv=/usr/bin/spamc -s 15000000 -f -e /usr/sbin/sendmail -oi -f $(sender) $(recipient)
--------------------

This way we throw the mail through spamc, which then filters it through spamd before delivery to the mailbox, instead of sending it through spamassassin itself, which has no control over the amount of process forks it spawns etc. Spamd spawns a certain amount of processes and sticks to them, so it doesn't bring the machine to it's knees.

To check a configuration, use 

spamassassin --lint



Per user preferences can be adjusted in ~/.spamassassin/user_prefs (eg. they can turn it off!)

then set /etc/default/spamassassin
ENABLED = 1

and in the OPTIONS add
-s /var/log/mail/spamd.log

/etc/init.d/spamassassin start 

to start spamd.

touch /var/log/mail/spamd.log
vi /etc/logrotate.d/rsyslog to add the logfile for rotation


check /var/log/mail/spamd.log to see what's going on.

To start razor you have to 

        $ razor-client           [creates symbolic links]
        $ razor-admin --create   [creates the razor home]
        $ razor-admin --register [registers an account]

To get dcc working you have to edit v310.pre and uncomment it.

There's a few options to be found in /etc/default/spamassassin (such as that the logfile is in /var/log/mail/spamd.log

NB. Spamassassin doesn't do any deleting in and of itself - it needs another filter (procmail) to do this. So filters in /etc/procmailrc are still run. 

Language Filtering:
--------------------
first /etc/spamassassin/v310.pre needs the TextCat plugin enabled (uncomment it in v310.pre)

Then the ok_languages and ok_locales (charactersets) can be used to specify which languages and locales are considered allright to use. If an email contains mail from a different locale / language the spam score is raised.

List of charactersets:
en - Western character sets in general
ja - Japanese character sets
ko - Korean character sets
ru - Cyrillic character sets
th - Thai character sets
zh - Chinese (both simplified and traditional) character sets

List of languages:
    * af - Afrikaans
    * sq - Albanian
    * am - Amharic
    * ar - Arabic
    * hy - Armenian
    * eu - Basque
    * bs - Bosnian
    * bg - Bulgarian
    * be - Belorussian
    * ca - Catalan
    * zh - Chinese
    * hr - Croatian
    * cs - Czech
    * da - Danish
    * nl - Dutch
    * en - English
    * eo - Esperanto
    * et - Estonian
    * fi - Finnish
    * fr - French
    * fy - Frisian
    * ka - Georgian
    * de - German
    * el - Greek
    * he - Hebrew
    * hu - Hungarian
    * hi - Hindi
    * is - Icelandic
    * id - Indonesian
    * ga - Irish Gaelic
    * it - Italian
    * ja - Japanese
    * ko - Korean
    * la - Latin
    * lv - Latvian
    * lt - Lithuanian
    * ms - Malay
    * mr - Marathi
    * ne - Nepali
    * no - Norwegian
    * fa - Persian
    * pl - Polish
    * pt - Portuguese
    * qu - Quechua
    * rm - Rhaeto-Romance
    * ro - Romanian
    * ru - Russian
    * sa - Sanskrit
    * sco - Scots
    * gd - Scottish Gaelic
    * sr - Serbian
    * sk - Slovak
    * sl - Slovenian
    * es - Spanish
    * sw - Swahili
    * sv - Swedish
    * tl - Tagalog
    * ta - Tamil
    * th - Thai
    * tr - Turkish
    * uk - Ukrainian
    * vi - Vietnamese
    * cy - Welsh
    * yi - Yiddish 

eg:
# - dutch english french german
ok_languages            nl en fr de
ok_locales              en

Per User Settings:
-------------------
If you need a personal filter for a single user, you need a 
~/.procmailrc
file.

To simply delete all the spamassassin tagged spam, fill the file with
----------------
:0 HB
* Tripany says: SPAM
/dev/null
----------------

If you get "Suspicious rcfile" messages in mail.err for a user check the following:
- is the .procmailrc file owned by the user or world writeable
- is the userdirectory owned by the user or world writeable
- apparently the sticky bit (+s or +t) shouldn't be set

The directory / file permissions should be 740 or 744.

If you need per user spamassassin settings (such as changing the score or filtering on language) you need a
~/.spamassassin/
directory containing a file:
user_prefs

You can put any of the spamassassin directives from /etc/spamassassin/local.cf in there.