Difference between revisions of "Spamassassin"

From YobiWiki
Jump to navigation Jump to search
m
 
m
Line 1: Line 1:
 
Très facile à intégrer à exim4
 
Très facile à intégrer à exim4
==installation==
+
==Installation==
 
apt-get install spamassassin sa-exim
 
apt-get install spamassassin sa-exim
 
Activer le démon spamassassin
 
Activer le démon spamassassin
Line 22: Line 22:
 
apt-get install libmail-spf-query-perl
 
apt-get install libmail-spf-query-perl
 
À tester davantage...
 
À tester davantage...
  +
  +
==Learning new spam==
  +
Here is a script to save in e.g. /usr/local/sbin/sa-learn-from-md
  +
<pre>
  +
#! /bin/sh
  +
  +
[ -x /usr/bin/sa-learn ] || exit 0
  +
  +
# For every existing user who has his homedir under /home and has a Maildir
  +
for i in $(cut -f6 -d: /etc/passwd|grep /home);
  +
do
  +
if [ -d $i/Maildir/.*SPAM.learn/cur ];
  +
then
  +
# Get the mails to train spamassassin
  +
for f in $i/Maildir/.*SPAM.learn/cur/*; do
  +
if [ -e $f ]; then
  +
# Debian-exim does not have read access to the mails so we pipe them
  +
cat $f|su - -s /bin/bash Debian-exim -c "sa-learn --spam"
  +
# Move files to the Spam dir
  +
mv $f $i/Maildir/.*SPAM/cur/
  +
fi
  +
done
  +
fi;
  +
done
  +
  +
exit 0
  +
</pre>
  +
And you can schedule cron to call it e.g. daily:
  +
mx:/etc/cron.daily# ln -s /usr/local/sbin/sa-learn-from-md
  +
So, what does it do?
  +
<br>To use it, create a "SPAM" directory with a "learn" sub-dir in your Maildir via e.g. IMAP.
  +
<br>Drop the non-filtered spam you got into the SPAM/learn.
  +
<br>Every day the mails will be used to train the global spamassassin DB and will be moved to the SPAM dir.

Revision as of 12:31, 30 November 2006

Très facile à intégrer à exim4

Installation

apt-get install spamassassin sa-exim

Activer le démon spamassassin
Dans /etc/default/spamassassin mettre ENABLED à 1

sa-exim

Dans /etc/exim4/sa-exim.conf chercher SAEximRunCond et soit l'activer toujours (=1) ou seulement s'il n'y a pas déjà de headers sa-exim dans le message (commenter alors la ligne avec =0)

Option: Greylisting


/etc/spamassassmin/local.cf: recopier les 4 lignes mentionées dans /usr/share/doc/sa-exim/README.greylisting.gz à partir de loadplugin...
/etc/exim4/sa-exim.conf: mettre

SAtempreject: 9.0 (ou 3.0 pour un greylisting plus aggressif)
SAgreylistraisetempreject: 3.0 (or 9.0)

Le total doit être <= SAPermreject!
Apparemment il faut mettre SAmaxrcptlistlength à 8000
Problème: mon fetchmail subit aussi le greylisting. Solution: rendre la valeur du threshold dépendante de l'IP d'origine, fetchmail tournant en local. Rem: la seconde IP est l'IP du vserveur mx

SAtempreject: ${if and { {!eq {$sender_host_address}{127.0.0.1}} {!eq {$sender_host_address}{85.234.207.100}} } {3.0}{10000.0}}

On peut ajouter d'autres IPs mais il faut veiller à ce que tout tienne sur la même ligne

Option: DNS Sender Policy Framework (SPF)

apt-get install libmail-spf-query-perl

À tester davantage...

Learning new spam

Here is a script to save in e.g. /usr/local/sbin/sa-learn-from-md

#! /bin/sh

[ -x /usr/bin/sa-learn ] || exit 0

# For every existing user who has his homedir under /home and has a Maildir
for i in $(cut -f6 -d: /etc/passwd|grep /home);
do 
    if [ -d $i/Maildir/.*SPAM.learn/cur ];
    then 
        # Get the mails to train spamassassin
        for f in $i/Maildir/.*SPAM.learn/cur/*; do
                if [ -e $f ]; then
                       # Debian-exim does not have read access to the mails so we pipe them
                        cat $f|su - -s /bin/bash Debian-exim -c "sa-learn --spam"  
                        # Move files to the Spam dir
                        mv $f $i/Maildir/.*SPAM/cur/
                fi
        done
    fi;
done

exit 0

And you can schedule cron to call it e.g. daily:

mx:/etc/cron.daily# ln -s /usr/local/sbin/sa-learn-from-md

So, what does it do?
To use it, create a "SPAM" directory with a "learn" sub-dir in your Maildir via e.g. IMAP.
Drop the non-filtered spam you got into the SPAM/learn.
Every day the mails will be used to train the global spamassassin DB and will be moved to the SPAM dir.