Postfix and Spamassassin: How to filter spam

Postfix is a widely used mail transport agent (MTA) found on many popular Unix/Linux systems. Nowadays, networks are overwhelmed by spam mail; fortunately, there is a way to filter it with software such as spamassassin.


1. Getting Started



By now, you should have a running SMTP server running postfix. There are a couple of packages we need to install: spamassassin and its client spamc.

$sudo apt-get install spamassassin spamc

The spamassassin package includes a daemon which can be called by user programs such as procmail, but which can also be integrated into a Mail Transport Agent such as postfix.


2. Using spamassassin as a standalone daemon

In this part of the tutorial, we are going to make spamassassin run as its own user (default on debian sarge is root), configure some settings and make postfix use spamassassin as an after-queue content filter, which means that the content is going to be filtered through spamassassin after postfix has dealt with the delivery.

2.1. Setting up spamassassin

OK, so you installed spamassassin from the debian repository. With the default settings, spamassassin runs as the root user and is not started. To avoid that, we are going to create a specific user and group for spamassassin. As root, run the following commands:

#groupadd -g 5001 spamd
#useradd -u 5001 -g spamd -s /sbin/nologin -d /var/lib/spamassassin spamd
#mkdir /var/lib/spamassassin
#chown spamd:spamd /var/lib/spamassassin

Now, we need to change some settings in /etc/default/spamassassin. Make sure you have the following values:

ENABLED=1
SAHOME="/var/lib/spamassassin/"
OPTIONS="--create-prefs --max-children 5 --username spamd --helper-home-dir ${SAHOME} -s ${SAHOME}spamd.log"
PIDFILE="${SAHOME}spamd.pid"

What happens here is that the spamd daemon runs as user spamd, uses its own home dir (/var/lib/spamassassin/) and writes its logs to /var/lib/spamassassin/spamd.log.

2.2. Configuring spamassassin

Now, we need to give spamassassin some rules. The default settings are quite fine, but you might want to tweak them a bit. So let's edit /etc/spamassassin/local.cf and make it look like this:

rewrite_header Subject [***** SPAM _SCORE_ *****]
required_score 2.0
#to be able to use _SCORE_ we need report_safe set to 0
#If this option is set to 0, incoming spam is only modified by adding some "X-Spam-" headers and no changes will be made to the body.
report_safe 0

# Enable the Bayes system
use_bayes 1
use_bayes_rules 1
# Enable Bayes auto-learning
bayes_auto_learn 1

# Enable or disable network checks
skip_rbl_checks 0
use_razor2 0
use_dcc 0
use_pyzor 0

Here, we set spamd's default settings to rewrite the email subject to [***** SPAM _SCORE_ *****], where _SCORE_ is the score attributed to the email by spamassassin after running its different tests, only if the actual score is greater than or equal to 2.0. So an email with a score lower than 2 won't be modified.

To be able to use the _SCORE_ in the rewrite_header directive, we need to set report_safe to 0.

In the next section, we tell spamassassin to use the bayes classifier and to improve itself by auto-learning from the messages it will analyse.

In the last section, we disable collaborative networks such as pyzor, razor2 and dcc. Those collaborative networks keep an up-to-date catalogue of known mail checksums to be recognized as spam. Those might be interesting to use, but I'm not going to use them here as I found it took long enough for spamassassin to deal with spams using only its rules.

Now, start spamd with the following command line:

#/etc/init.d/spamassassin start

We are almost done, we still need to configure postfix in such a way that it will pass all mails delivered to local mailboxes to spamassassin.



3. Make Postfix call Spamassassin

Now, we need to tell postfix to use spamassassin. In our case, spamassassin will be invoked only once postfix has finished with the email.

To tell postfix to use spamassassin, we are going to edit /etc/postfix/master.cf and change the line:

smtp      inet  n       -       -       -       -       smtpd

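to the following (in master.cf, a line that starts with whitespace continues the previous entry, so the -o line must be indented):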

smtp      inet  n       -       -       -       -       smtpd
  -o content_filter=spamassassin

and then, at the end of master.cf, let's add:

spamassassin unix -     n       n       -       -       pipe
  user=spamd argv=/usr/bin/spamc -f -e
  /usr/sbin/sendmail -oi -f ${sender} ${recipient}

And here we go, our spam filter is set up. We need to reload the postfix settings and everything should be ready.

#/etc/init.d/postfix reload
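
A common failure with the master.cf changes above is a continuation line pasted without its leading whitespace, which Postfix then reads as a separate entry. The following is an added example, not part of the original tutorial: a small shell function (the name check_master_cf is made up here) that joins continuation lines and checks the two entries from this page, run against a constructed sample.

```shell
#!/bin/sh
# Added example: check master.cf for the content-filter wiring from section 3.
# Usage: check_master_cf /etc/postfix/master.cf   (or pipe the file on stdin)
check_master_cf() {
    awk '
    function bad(msg) { print "FAIL: " msg; rc = 1 }
    function flush(   n, f) {
        if (entry == "") return
        n = split(entry, f)
        if (n < 8) {        # a service entry has 8 fields: name ... command
            bad("line " start " is not a full service entry; indent continuation lines: " entry)
        } else if (f[1] == "smtp" && f[2] == "inet") {
            smtp = 1
            if (entry !~ /-o[ \t]+content_filter=spamassassin/)
                bad("smtp service lacks -o content_filter=spamassassin")
        } else if (f[1] == "spamassassin" && f[8] == "pipe") {
            filter = 1
            if (entry !~ /user=[^ \t]/ || entry ~ /user=root([: \t]|$)/)
                bad("spamassassin service must set a non-root user=")
            if (entry !~ /argv=[^ \t]*spamc/)
                bad("spamassassin service does not run spamc")
        }
        entry = ""
    }
    /^[ \t]*(#|$)/ { next }                        # comments and blank lines
    /^[ \t]/       { entry = entry " " $0; next }  # leading whitespace: continuation
                   { flush(); entry = $0; start = NR }
    END {
        flush()
        if (!smtp)   bad("no smtp inet service found")
        if (!filter) bad("no spamassassin pipe service found")
        exit rc + 0
    }' "$@"
}

# Constructed sample: the entries from this page, correctly indented.
SAMPLE_OK='smtp      inet  n       -       -       -       -       smtpd
  -o content_filter=spamassassin
spamassassin unix -     n       n       -       -       pipe
  user=spamd argv=/usr/bin/spamc -f -e
  /usr/sbin/sendmail -oi -f ${sender} ${recipient}'

printf '%s\n' "$SAMPLE_OK" | check_master_cf && echo "master.cf wiring OK"
```

The function prints one FAIL line per problem and returns non-zero if it found any, so it can be run before the reload.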


4. Conclusion

This is an easy-to-set-up alternative which will filter spam using spamassassin and postfix.

There are actually other ways to do so (which I will cover later on), like using amavis for instance, which will use spamassassin without needing the spamassassin daemon (spamd).

The presented alternative will still send all emails to their recipients (which is something I actually prefer to rejecting and dumping emails spotted as spam). One can then make up a rule using either a webmail or mail client, filtering all emails having a subject like "[***** SPAM" to be moved to a specific place in the client, so you can easily move them away from your precious emails. In the end they will still be there, so you won't have any emails discarded because they seemed to be spam when they actually were real, important mails.

In the end, this will behave a bit like famous mail providers such as yahoo, google, hotmail... do: you will have "Bulk Mails" and "Mails".
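
To check from the command line that a delivered message really went through the filter, and whether it got the subject tag configured in local.cf, one can read the headers spamassassin adds. The following is an added example, not part of the original tutorial; the function name sa_verdict and the sample message are constructed for illustration.

```shell
#!/bin/sh
# Added example: report what spamd decided for one delivered message.
# Prints "unfiltered", or "<spam|ham> score=N required=N tagged=<yes|no>".
# Usage: sa_verdict message.eml   (or pipe the message on stdin)
sa_verdict() {
    awk '
    function check(h,   name) {
        name = tolower(h); sub(/:.*/, "", name)
        if (name == "x-spam-status" && !seen) {
            seen = 1
            verdict = (h ~ /^[^:]*:[ \t]*Yes/) ? "spam" : "ham"
            if (match(h, /score=-?[0-9.]+/))    score = substr(h, RSTART, RLENGTH)
            if (match(h, /required=-?[0-9.]+/)) req   = substr(h, RSTART, RLENGTH)
        }
        # The tag set by rewrite_header in local.cf on this page
        if (name == "subject" && h ~ /^[^:]*:[ \t]*\[\*\*\*\*\* SPAM /) tagged = "yes"
    }
    /^$/     { exit }                      # blank line: headers end, ignore the body
    /^[ \t]/ { hdr = hdr " " $0; next }    # folded header continuation
             { check(hdr); hdr = $0 }
    END {
        check(hdr)
        if (!seen) print "unfiltered"
        else print verdict, score, req, "tagged=" (tagged ? tagged : "no")
    }' "$@"
}

# Constructed sample message (not real mail); the body repeats a header on purpose.
SAMPLE_SPAM='Return-Path: <sender@example.com>
X-Spam-Status: Yes, score=7.3
 required=2.0 tests=BAYES_99,HTML_MESSAGE autolearn=no
Subject: [***** SPAM 7.3 *****] Cheap watches
From: sender@example.com

X-Spam-Status: No, score=0.0 required=2.0
body text'

printf '%s\n' "$SAMPLE_SPAM" | sa_verdict
```

A result of "unfiltered" for mail that arrived over SMTP means the message has no X-Spam-Status header, so the content_filter wiring in master.cf is the first thing to check.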

Hope this helped,

Source: http://www.debuntu.org/postfix-and-pamassassin-how-to-filter-spam-p2
