Difference between revisions of "Spamassassin"

From YobiWiki
Jump to navigation Jump to search
Line 24: Line 24:
 
J'ai résolu ce problème de permissions:
 
J'ai résolu ce problème de permissions:
 
chown Debian-exim:Debian-exim /var/spool/sa-exim/tuplets
 
chown Debian-exim:Debian-exim /var/spool/sa-exim/tuplets
  +
Mais maintenant le cron de nettoyage greylistclean se plaint... je l'exécute donc en tant que Debian-exim plutôt que nobody.
  +
/etc/cron.d/greylistclean
  +
33 * * * * Debian-exim [ -x /usr/sbin/greylistclean ] && /usr/sbin/greylistclean
   
 
==Option: DNS Sender Policy Framework (SPF)==
 
==Option: DNS Sender Policy Framework (SPF)==

Revision as of 01:03, 5 December 2006

Très facile à intégrer à exim4

Installation

apt-get install spamassassin sa-exim

Activer le démon spamassassin
Dans /etc/default/spamassassin mettre ENABLED à 1

sa-exim

Dans /etc/exim4/sa-exim.conf chercher SAEximRunCond et soit l'activer toujours (=1) ou seulement s'il n'y a pas déjà de headers sa-exim dans le message (commenter alors la ligne avec =0)

Option: Greylisting


/etc/spamassassmin/local.cf: recopier les 4 lignes mentionées dans /usr/share/doc/sa-exim/README.greylisting.gz à partir de loadplugin...
/etc/exim4/sa-exim.conf: mettre

SAtempreject: 9.0 (ou 3.0 pour un greylisting plus aggressif)
SAgreylistraisetempreject: 3.0 (or 9.0)

Le total doit être <= SAPermreject!
Apparemment il faut mettre SAmaxrcptlistlength à 8000
Problème: mon fetchmail subit aussi le greylisting. Solution: rendre la valeur du threshold dépendante de l'IP d'origine, fetchmail tournant en local. Rem: la seconde IP est l'IP du vserveur mx

SAtempreject: ${if and { {!eq {$sender_host_address}{127.0.0.1}} {!eq {$sender_host_address}{85.234.207.100}} } {3.0}{10000.0}}

On peut ajouter d'autres IPs mais il faut veiller à ce que tout tienne sur la même ligne

J'ignore pourquoi mais j'avais des erreurs du style:

spamd[22130]: Reached greylisterror: creating /var/spool/sa-exim/tuplets/158/64/60/... / 
  No such file or directory at /usr/share/perl5/Mail/SpamAssassin/Plugin/Greylisting.pm line 287.

J'ai résolu ce problème de permissions:

chown Debian-exim:Debian-exim /var/spool/sa-exim/tuplets

Mais maintenant le cron de nettoyage greylistclean se plaint... je l'exécute donc en tant que Debian-exim plutôt que nobody.

/etc/cron.d/greylistclean
33 * * * * Debian-exim [ -x /usr/sbin/greylistclean ] && /usr/sbin/greylistclean

Option: DNS Sender Policy Framework (SPF)

apt-get install libmail-spf-query-perl

À tester davantage...

Learning new spam

Here is a script to save in e.g. /usr/local/sbin/sa-learn-from-md

#! /bin/sh

[ -x /usr/bin/sa-learn ] || exit 0

# For every existing user who has his homedir under /home and has a Maildir
for i in $(cut -f6 -d: /etc/passwd|grep /home);
do 
    if [ -d $i/Maildir/.*SPAM.learn-spam/cur ];
    then 
        # Get the mails to train spamassassin
        for f in $i/Maildir/.*SPAM.learn-spam/cur/*; do
                if [ -e $f ]; then
                       # Debian-exim does not have read access to the mails so we pipe them
                        cat $f|su - -s /bin/bash Debian-exim -c "sa-learn --spam" |grep -v "Learned tokens from"
                        # Move files to the Spam dir
                        #mv $f $i/Maildir/.*SPAM/cur/
                        # Or just delete it
                        rm -f $f
                fi
        done
    fi;
    if [ -d $i/Maildir/.*SPAM.learn-ham/cur ];
    then 
        # Get the mails to train spamassassin
        for f in $i/Maildir/.*SPAM.learn-ham/cur/*; do
                if [ -e $f ]; then
                       # Debian-exim does not have read access to the mails so we pipe them
                        cat $f|su - -s /bin/bash Debian-exim -c "sa-learn --ham" |grep -v "Learned tokens from"
                        # Move files to the Inbox dir
                        mv $f $i/Maildir/cur/
                        # Or just delete it
                        #rm -f $f
                fi
        done
    fi;
done

exit 0

And you can schedule cron to call it e.g. hourly:

mx:/etc/cron.hourly# ln -s /usr/local/sbin/sa-learn-from-md

So, what does it do?
To use it, create a "SPAM" directory with a "learn-spam" sub-dir in your Maildir via e.g. IMAP.
Drop the non-filtered spam you got into the SPAM/learn-spam.
Every hour the mails will be used to train the global spamassassin DB and then will be moved to the SPAM dir or just deleted, depending on what you've chosen.
If you want you can also create a "learn-ham" sub-dir and drop the false positives flagged as spam into the SPAM/learn-ham.