Differences

This shows you the differences between two versions of the page.

--- spamassassin:stopping_spam [2016/11/02 00:33] – peter
+++ spamassassin:stopping_spam [2019/12/04 21:15] (current) – removed peter
@@ Line 1: / Line 1: @@
-====== SpamAssassin - Stopping Spam ======
-===== Install Mail::Audit =====
-SpamAssassin needs the **Mail::Audit** module for Perl. Install Mail::Audit (via CPAN)
-<code bash>
-perl -MCPAN -e shell
-cpan> install Mail::Audit
-cpan> quit
-</code>
-===== Install Spam Assassin Modules =====
-Install SpamAssassin from CPAN, which will also install all other required modules too.
-<code bash>
-perl -MCPAN -e shell
-cpan> install Mail::SpamAssassin
-</code>
-It maybe will ask you for some needed modules that aren't installed yet - Answer yes and Perl will fetch and install them, too.
-<code perl>
-cpan> quit
-</code>
-===== Run the recommended tests =====
-First look if the install succeded by running:
-<code bash>
-which spamassassin
-/usr/local/bin/spamassassin
-</code>
-If you don't get a right answer something failed... or your PATH-variable isn't set right...
-Now lets scan a no spam mail with
-<code bash>
-spamassassin -t <sample-nonspam.txt |less
-</code>
-Look for a line like this in the output:
-<code>
-X-Spam-Status: No, hits=0 required=5 tests=
-</code>
-Okay fine - now try a bad spam message:
-<code bash>
-spamassassin -t <sample-spam.txt |less
-</code>
-which should produce some lines like that:
-<code>
-X-Spam-Status: Yes, hits=12 required=5 tests=NO_REAL_NAME,UNDISC_RECIPS,INVALID_DATE,MSGID_HAS_NO_AT,REMOVE_SUBJ,RCVD_IN_OSIRUSOFT_COM
-X-Spam-Flag: YES
-</code>
-Okay everything seems working... that was the easy part :-)
-===== The wrapper script =====
-For use with Exim here is a small Perl script which implements the Mail::Audit and the Mail:SpamAssassin module. It will do the actual scanning and will feed a good message back to the Exim MTA with the protocol "spam-scanned".  Install the attached spamcheck.pl to /usr/local/bin.
-<code perl>
-#!/usr/bin/perl
-# This is an small wrapper script around Mail::SpamAssassin for the use
-# with the exim MTA.
-# Modified to eliminate the buggy Mail::Audit use.
-# This modification also eliminates the need to re-submit the message
-# to Exim for delivery to the mail spool. Requires localuser director
-# to use the spamcheck transport so it knows where to append to.
-# It is released under the Terms of GNU General Public License (GPL) so
-# use at your own risk!
-use Mail::SpamAssassin;
-use Mail::SpamAssassin::NoMailAudit;
-$savespam = 1;                      #1/0 should spam be saved centrally?
-$spamfile = '/var/mail/spam';       #If you said 1 above - where to put
-                                    #that nasty spam? Be sure this mailbox
-                                    #is writable by the user who runs this
-                                    #script (e.g. mail)
-#These are given as command line arguments by exim:
-$sender = shift(@ARGV);
-$sender = '<>' if $sender eq '';
-$recpt = '';
-while (@ARGV){
-  $recpt = $recpt.' '.shift(@ARGV);
-}
-####### Main script ###########################################################
-$mail = Mail::SpamAssassin::NoMailAudit->new();
-$spamtest = Mail::SpamAssassin->new();
-$status = $spamtest->check ($mail);
-#Add the X-Spam Headers:
-$status->rewrite_mail ();
-#Auto Report to Vipul's Razor:
-$status->handle_auto_report ();
-if ($status->is_spam ()) {
-  if ($savespam) {
-    $mail->accept($spamfile); # Deliver to spamfile
-  } else {
-    $mail->accept();          # Deliver to user's mailbox
-  }
-} else {
-  $mail->accept();            # to default incoming mailbox
-}
-</code>
-**NOTE**:  Ensure the path to exim is correct and if you want to store detected spam in a mailbox - be sure this mailbox exists and is writeable by the user 'mail'.  If not simply create one like this:
-<code bash>
-touch /var/spool/spam
-chmod 660 /var/spool/spam
-chown mail:mail /var/spool/spam
-</code>
-===== Exim Transport Section =====
-At the end of Exim's transport section add the following:
-<file>
-#Spam Assassin
-spamcheck:
-   driver = pipe
-   command = "/usr/local/bin/spamcheck.pl ${sender_address} ${pipe_addresses}"
-   prefix =
-   suffix =
-   check_string =
-   escape_string =
-   # for debugging change return_output to true
-   return_output = false
-   return_path_add = false
-   user = mail
-   group = mail
-   path = "/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin"
-   current_directory = "/tmp"
-</file>
-**NOTE**:  Consider improving this for security reasons as required.  Make sure that the user you use is entered in the trusted_users option of exim!
-===== Exim Directors Section =====
-If you've installed the Amavis virus scanner you have to modify the condition statement in its director entry like followed:
-<file>
-  #  condition = "${if eq {$received_protocol}{scanned-ok} {0}{1}}"
-  # I changed the above to the one below because I have a second check
-  # for spam after the antivirus. This is needed to avoid an infinite
-  # loop - do not virus scan again when the mail comes back from the
-  # spam checker:
-  condition = "${if or{ {eq {$received_protocol}{scanned-ok}} {eq {$received_protocol}{spam-scanned}} } {0}{1}}"
-</file>
-This ensures that a mail coming from the spam scan will not be scanned again for viruses. Be sure to change that or you will get an infinite mail loop!
-Now add a new director at the top of the Directors section (but right after the Amavis director if installed!!):
-<file>
-#Spam Assassin
-spamcheck_director:
-   condition = "${if eq {$received_protocol}{spam-scanned} {0}{1}}"
-   driver = smartuser
-   transport = spamcheck
-</file>
-Okay that's it.  We will not add a router entry as we don't want to check our own mails for spam :-). Now open a console with
-<code bash>
-tail -f /var/log/exim/mainlog
-</code>
-And send some mail to your local users.  If you get any errors in the log - well fix them  :-). If everything works you can reenable the fetchmail demon again.
-What else?
-Copy the **spamassasin.cf** to /etc if you want to adjust the scores of the used spam tests.
-**NOTE**:  The **spamcheck.pl** is just a small hack.  It should be much more better...
-===== References =====
-http://web.archive.org/web/20041116091629/http://bogmog.sourceforge.net/document_show.php3?doc_id=28
-http://web.archive.org/web/20041025034458/http://www.sbicomputing.com/scripts/spamcheck.pl
-http://dman13.dyndns.org/~dman/config_docs/exim-spamassassin/