[Previous entry: "Third of a century!"] [Main Index] [Next entry: "Ok, tattoo time"]
05/30/2003 Archived Entry: "Ok, the last of the spam lessons"
Postfix + site-wide SpamAssassin + Procmail for individual 'spam' mailboxes.
There is an updated addition/simplication suitable for some users/administrators HERE!
Please note: File locations are based on my own install. Yours may be different, and should be checked and appropriate changes made.
1. Install postfix and get it working for your domain. See http://www.postfix.org for details.
2. Install SpamAssassin. The easiest way to do this is with the command "perl -MCPAN -e 'install Mail::SpamAssassin'"
3. As root, create a file at /usr/bin/postfixfilter with the following content:
#!/bin/bash
/usr/bin/spamc | /usr/sbin/sendmail -i "$@"
exit $?
4. Run "chmod 755 /usr/bin/postfixfilter"
5. Create a user called 'spamfilter'. Make it a complete user, with home directory and shell.
6. Run "chown spamfilter /usr/bin/postfixfilter"
7. In /etc/postfix/master.cf in the "Services" section, alter the 'smtp' line as follows (the " -o con..." SHOULD be on the next line:
# -----------------------------------------------------------------------------------
smtp inet n - n - - smtpd
-o content_filter=spamfilter:
# -----------------------------------------------------------------------------------
8. In /etc/postfix/master.cf in the "Interfaces to non-Postfix software" section add:
# -----------------------------------------------------------------------------------
spamfilter unix - n n - - pipe
flags=Rq user=spamfilter argv=/usr/bin/postfixfilter -f ${sender} -- ${recipient}
# -----------------------------------------------------------------------------------
9. Restart postfix and make sure you can still get email. Send a fake spam through the system (from an outside address) to verify that spam is marked as spam. For information on configuring SpamAssassin, go to http://www.spamassassin.org.
10. Install 'procmail' if it is not already installed. To discover this try 'which procmail'.
11. For each user who needs a 'spam' mailbox, follow steps 12 - 13. You can safely stop right here if you do not want any users to have their spam filtered into another mailbox.
12. Create a file in their home directory, owned by them, called '.procmailrc'. Enter the following into it, making sure that the locations listed are what you wish to use for mailbox location (here we are using /home/$username/mail/ as the location for mail folders:
# -----------------------------------------------------------------------------------
MAILDIR=$HOME/mail
DEFAULT=$HOME/mail/Inbox
LOGFILE=$HOME/mail/proc.log# Catch SPAM
:0
* ^X-Spam-Flag: YES
* ^X-Spam-Level: \*\*\*\*\*\*
spam
# -----------------------------------------------------------------------------------
Explanation of the above -
- MAILDIR is the location of mailbox folders
- DEFAULT is the default mailbox.
- "* ^X-Spam-Flag: YES" makes sure the email is marked as spam before doing anything with it.
- "* ^X-Spam-Level: \*\*\*\*\*\*" make sure the spam received a 'spam score' of at least 6 before doing anything with it. This ensures that 'borderline' cases that are more likely to be 'false positives' (meaning they have been falsely marked as spam) do not go into the spam mailbox.
- 'spam' is the name of the mailbox they are going into.
13. Create a file in their home directory, owned by them, called '.forward'. Enter the following into it, changing 'username' to their username. Include the quotes and the pound ("#") symbol!
"|IFS=' ' && exec /usr/bin/procmail || exit 75 #username"
14. As with any change made to user's mailboxes, test!
15. Keep SpamAssassin updated with the same procedure you used to install it in #2.
NOTE: anything in red might have a different path on your box!
Replies: 12 comments
|
This doesn't work with per-user Bayesian filtering, because spamc needs to run as the recipient user, but in this configuration spamc always runs as user spamfilter. I fixed it, but greymatter mangles the fix if I try to include it here. Posted by Wes Felter @ 09/21/2003 02:30 PM PST |
|
Help! Something didn't work for me. A whole bunch of messages that I would have received via Fetchmail with an overnight cron job simply didn't turn up in my inbox. Now, quite a few may have been spam, but they would have included the reports from crontab (which is how I know they're missing). So, where does the spam go? I need to check what's been filtered out... Posted by Steve Mansfield @ 09/22/2003 02:30 AM PST |
|
Help! Something didn't work for me. A whole bunch of messages that I would have received via Fetchmail with an overnight cron job simply didn't turn up in my inbox. Now, quite a few may have been spam, but they would have included the reports from crontab (which is how I know they're missing). So, where does the spam go? I need to check what's been filtered out... Posted by Steve Mansfield @ 09/22/2003 02:31 AM PST |
|
Hi. It worked great for me! But I can't get MailScanner to work with it. After following instruction from MailScanner, I get the error below. Any idea how to get it working together cooperatively? I did try adding "alternate_config_directories = /etc/postfix.in" in /etc/postfix/main.cf but that didn't resolve anything either and same error. Diagnostic-Code: X-Postfix; Command died with status 1: Posted by Steve @ 09/27/2003 04:50 PM PST |
|
Is there anyway I can redirect the mail to a email address on a remote domain instead of putting it in spam mailbox ? Thanks Posted by Asif @ 09/27/2003 08:16 PM PST |
|
My ISP has the procmail recipe and parameters you discussed already set up for its users. I was hoping your article would address how users may save their spams to a system-wide "folder" (single PINE file), and then have `spamassassin -r` periodically run against the *individual* spams in said file. Thanks to anyone who has set up a sweeper or purger of this sort. Posted by Peter Leftwich @ 10/04/2003 01:40 PM PST |
|
I followed your instructions to the T and it didn't work. Any ideas on where to start. here's a clip from my maillog file. Oct 16 02:27:15 www postfix/smtpd[27840]: connect from mail.classic.net[216.170.130.31] but nothing ever shows up. When I followed the first setup I kept getting a too many hops error. trying for 27 hops but the max was 25 hops. Does this help? greg Posted by greg malsack @ 10/16/2003 12:30 AM PST |
|
http://www.geekly.com/entries/archives/00000192.htm <------- Attention spammers! Posted by Greg @ 10/27/2003 08:52 AM PST |
|
Can someone tell me how to reconfigure what happens to spam after it is tagged on a Verio VPS running FreBSD unix and spamassassin 2.54? Initial setting was to pass it on, but now I want it sent to a specific mail box called spam@triadelectric.com Thanks for any help? Posted by Mike @ 10/31/2003 11:36 AM PST |
|
This all works great. One thing worth noting (although this may be implied or obvious) is that you may have to reconfigure your mail reader (MUA) to work with this configuration. For example, on Redhat 9, pine by default opens /var/spool/mail/username. With the configuration described here, you need to go into pine's setup and change the inbox path to /home/username/mail/Inbox. Alternatively, you could tweak .procmailrc to point to /var/spool/mail/username. Posted by Damon Cassell @ 11/03/2003 07:34 AM PST |
|
Anyone get this working with razor?? For some reason it always skips razor when I am using spamc in my postfixfilter script. When I change it to use 'spamassassin' it works! BTW, I tried the -H option of spamd, but this did not help. Posted by Johnny @ 11/06/2003 07:17 AM PST |
|
Sorry, no more comments can be posted here. Too many spammers are posting on this. Kind of stupid of them since this page is entirely devoted to stopping spammers and we mailadmins will just use the info posted to make filters. Posted by Greg @ 11/12/2003 02:11 PM PST |