Original article by: : Joel Barrios Dueñas in spanish.
In this article you will see how to configure a service with Spamassassin to identify and discard spam on your mail server.
SpamAssassin is an implementation that uses a scoring system based on a genetic algorithm to identify messages that could be suspected of being unsolicited sent via mass mailings systems, adding headers to the message so that it can be filtered by the email client MUA> ( Mail User Agent).
Procmail is a program that works like MDA ( Mail Delivery Agent) that is used to manage the delivery of local mail system. Also allows automatic filtering of e-mail, pre-sorting and other tasks.
Procmail can be used interchangeably with Sendmail and Postfix.
Installing the required software
Installing via yum.
If you have a server with CentOS 5 or 6 or Red Hat ™ Enterprise Linux 5 or 6 , you can use the following command:
yum -y install spamassassin procmail
If you use Sendmail as a mail server, procmail must already be installed because it’s a dependency of the package sendmail. If you use Postfix mail server, you must edit the file /etc/postfix/main.cf and add or uncomment mailbox_command = /usr/bin/procmail , or simply run the following command.
postconf -e 'mailbox_command = /usr/bin/procmail' ; service postfix restart
Start spamassasin and add it to the boot services.
chkconfig spamassassin on ; service spamassassin restart
Note, you only need to use the service spamassassin if the mail server has a large number of users, or has a high amount of traffic. If you have few users, you can use the command spamassassin through the file /etc/procmailrc or ~/.procmailrc.
There are three ways to tell Procmail to use SpamAssassin.
Using the command spamassassin.
The simplest way to use Spamassassin is to make use of the commandspamassassin . Works well only if you have few users, it creates an instance of it each time you get an email from the system. The following is the recommended setting for the file /etc/procmailrc if you want to apply to all users of the system, or the alternative is the file ~/.procmailrc in the home directory of a particular user, if you want to use it only with some users:
: 0fw | /usr/bin/spamassassin
If you have many users, it is more convenient to use the command spamc, it requires the service spamassassin started and running . The following is the recommended setting for the file /etc/procmailrc if you want to apply to all users of the system, or the alternative is the file ~/.procmailrc in the home directory of a particular user, if you want to use it only with some users:
: 0fw | /usr/bin/spamc
The above option examines and marks email as spam if it reaches enough points. If you want to filter mail by sending the one classified as spam to a mail box ( ~/mail/spam ), you can use the following rules:
:0fw | /usr/bin/spamc # The messages marked as spam are stored in the spam folder :0: * ^X-Spam-Status: Yes $HOME/mail/Spam
Configuring the /etc/mail/spamassassin/local.cf.
You can configure and add parameters in the file /etc/mail/spamassassin/local.cf , where, among many others, you can set the following:
|required_hits||Used to set the amount of points accumulated, and assigned by SpamAssassin to a message to be considered as spam. The default is 5 , accepts decimals and can be adjusted to a value lower or higher as determined by the administrator. Example: 4.5|
|report_safe||Determines whether the message, if classified as spam, is included in an attachment, with the value 1, or leave the message as is, with the value 0. The default is 0 .|
|rewrite_header||String defines how characters are added to the message to identify it as spam.The default value is [SPAM] , and can be changed as seem appropriate by the administrator. Example: rewrite_header Subject [Spam?]|
|whitelist_from||Is used to define a list of address (or domain) that must be never considered as spam sender.. You can define multiple lines. Example:
* @ midominio.algo whitelist_from
|whitelist_to||If you use a mailing list ( majordomo or mailman ), and you want to avoid accidentally considered Spam e-mail, the message issued by one of these lists, you can define to never consider spam mail delivered by this list. Example: whitelist_to [email protected]|
|blacklist_from||You can define that all e-mail from a domain or email account in particular always be considered as spam. Example: blacklist_from [email protected]|
|ok_languages||Sets the codes of the countries whose languages are not considered spam. In the example below, states that the Spanish and Portuguese are considered less likely to qualify as Spam :
ok_languages pt es
Vi è uno strumento di configurazione di SpamAssassin, che genera il file /etc/mail/spamassassin/local.cf all’indirizzo: http://www.yrex.com/spam/spamconfig.php.
As first setup you could only set as whitelist the localhost and the address of your lan in the file /etc/mail/spamassassin/local.cf for example:
# These values can be overridden by editing ~/.spamassassin/user_prefs.cf # (see spamassassin(1) for details) # These should be safe assumptions and allow for simple visual sifting # without risking lost emails. required_hits 5 report_safe 0 rewrite_header Subject [SPAM] whitelist_from 127.0.01 whitelist_from 192.168.1.91 whitelist_from 220.127.116.11
If you use the command /usr/bin/spamassassin in the file /etc/procmailrc and ~/.procmailrc , the changes take effect immediately. If you use the command /usr/bin/spamc , to take effect the changes required a restart of the service spamassassin :
service spamassassin restart
Tips for getting most out of using Spamassassin sa-learn.
Many server administrators use Spamassassin to filter the emails that come to their servers. If however, very few people know and use the tool sa-learn , included with Spamassassin , which serves to train and teach to identify spam (or junk mail ) at Spamassassin .
Essentially, the command sa-learn is used to train the Bayesian classifier component of Spamassassin.
The way I suggest using it is to use the email client and move all messages that are considered spam to a folder designated for that purpose, such as ~/mail/spam , and move away from the folder spam all messages considered as legitimate to any other mail folder or the inbox.
Then, use the command sa-learn , with the options -spam , indicating that the message is spam, and the option -mbox , to indicate that the format is mailbox mbox:
sa-learn --spam --mbox ~/mail/Spam
For messages that were classified as incidental spam , and they were moved to another folder (as for example ~/mail/messages ), or the inbox ( /var/spool/mail/username ), use the command sa-learn with the options -ham , indicating that it is legitimate and that mail should no longer consider it as spam , and the option -mbox , to indicate that it is a format mailbox mbox:
sa-learn --ham --mbox ~/mail/Messages sa-learn --ham --mbox /var/spool/mail/username
All the above can be used as the user root , which would make the new filters created to train Spamassassin apply to all users, or as any user, which would take effect only for that particular user.
[amazon_enhanced asin="0596007078" price="All" background_color="332610" link_color="FFFFFF" text_color="D4CE99" /]
[amazon_enhanced asin="1904811124" price="All" background_color="332610" link_color="FFFFFF" text_color="D4CE99" /]
- Linux Terminal: An lsof Primer
- How to check if you are vulnerable to shellshock
- Ripping DVD with Handbrake on Linux
- Linux: Timeouting commands in shell scripts
- Switching to Linux, Checklist
Find me on Google+