Mar 202011

spamassOriginal article by: : Joel Barrios Dueñas in spanish.
In this article you will see how to configure a service with Spamassassin to identify and discard spam on your mail server.
About SpamAssassin.
SpamAssassin is an implementation that uses a scoring system based on a genetic algorithm to identify messages that could be suspected of being unsolicited sent via mass mailings systems, adding headers to the message so that it can be filtered by the email client MUA> ( Mail User Agent).

About Procmail.
Procmail is a program that works like MDA ( Mail Delivery Agent) that is used to manage the delivery of local mail system. Also allows automatic filtering of e-mail, pre-sorting and other tasks.

Procmail can be used interchangeably with Sendmail and Postfix.


Installing the required software

Installing via yum.

If you have a server with CentOS 5 or 6 or Red Hat ™ Enterprise Linux 5 or 6 , you can use the following command:

yum -y install spamassassin procmail

If you use Sendmail as a mail server, procmail must already be installed because it’s a dependency of the package sendmail. If you use Postfix mail server, you must edit the file /etc/postfix/ and add or uncomment mailbox_command = /usr/bin/procmail , or simply run the following command.

postconf -e 'mailbox_command = /usr/bin/procmail' ; service postfix restart

Start spamassasin and add it to the boot services.

chkconfig spamassassin on ; service spamassassin restart

Note, you only need to use the service spamassassin if the mail server has a large number of users, or has a high amount of traffic. If you have few users, you can use the command spamassassin through the file /etc/procmailrc or ~/.procmailrc.

Configuring Procmail.

There are three ways to tell Procmail to use SpamAssassin.

Using the command spamassassin.

The simplest way to use Spamassassin is to make use of the commandspamassassin . Works well only if you have few users, it creates an instance of it each time you get an email from the system. The following is the recommended setting for the file /etc/procmailrc if you want to apply to all users of the system, or the alternative is the file ~/.procmailrc in the home directory of a particular user, if you want to use it only with some users:

: 0fw | /usr/bin/spamassassin

If you have many users, it is more convenient to use the command spamc, it requires the service spamassassin started and running . The following is the recommended setting for the file /etc/procmailrc if you want to apply to all users of the system, or the alternative is the file ~/.procmailrc in the home directory of a particular user, if you want to use it only with some users:

: 0fw | /usr/bin/spamc

The above option examines and marks email as spam if it reaches enough points. If you want to filter mail by sending the one classified as spam to a mail box ( ~/mail/spam ), you can use the following rules:

| /usr/bin/spamc
#  The messages marked as spam are stored in the spam folder 
* ^X-Spam-Status: Yes

Configuring the /etc/mail/spamassassin/

You can configure and add parameters ​​in the file /etc/mail/spamassassin/ , where, among many others, you can set the following:

required_hits Used to set the amount of points accumulated, and assigned by SpamAssassin to a message to be considered as spam. The default is 5 , accepts decimals and can be adjusted to a value lower or higher as determined by the administrator. Example: 4.5
report_safe Determines whether the message, if classified as spam, is included in an attachment, with the value 1, or leave the message as is, with the value 0. The default is 0 .
rewrite_header String defines how characters are added to the message to identify it as spam.The default value is [SPAM] , and can be changed as seem appropriate by the administrator. Example: rewrite_header Subject [Spam?]
whitelist_from Is used to define a list of address (or domain) that must be never considered as spam sender.. You can define multiple lines. Example:

* @ midominio.algo whitelist_from
* @ whitelist_from

whitelist_to If you use a mailing list ( majordomo or mailman ), and you want to avoid accidentally considered Spam e-mail, the message issued by one of these lists, you can define to never consider spam mail delivered by this list. Example: whitelist_to [email protected]
blacklist_from You can define that all e-mail from a domain or email account in particular always be considered as spam. Example: blacklist_from [email protected]
ok_languages Sets the codes of the countries whose languages ​​are not considered spam. In the example below, states that the Spanish and Portuguese are considered less likely to qualify as Spam :

ok_languages pt es

Vi è uno strumento di configurazione di SpamAssassin, che genera il file /etc/mail/spamassassin/ all’indirizzo:

As first setup you could only set as whitelist the localhost and the address of your lan in the file /etc/mail/spamassassin/ for example:

# These values can be overridden by editing ~/.spamassassin/ 
# (see spamassassin(1) for details)
# These should be safe assumptions and allow for simple visual sifting
# without risking lost emails.
required_hits 5
report_safe 0
rewrite_header Subject [SPAM]
whitelist_from 127.0.01

If you use the command /usr/bin/spamassassin in the file /etc/procmailrc and ~/.procmailrc , the changes take effect immediately. If you use the command /usr/bin/spamc , to take effect the changes required a restart of the service spamassassin :

service spamassassin restart

Tips for getting most out of using Spamassassin sa-learn.

Many server administrators use Spamassassin to filter the emails that come to their servers. If however, very few people know and use the tool sa-learn , included with Spamassassin , which serves to train and teach to identify spam (or junk mail ) at Spamassassin .

Essentially, the command sa-learn is used to train the Bayesian classifier component of Spamassassin.

The way I suggest using it is to use the email client and move all messages that are considered spam to a folder designated for that purpose, such as ~/mail/spam , and move away from the folder spam all messages considered as legitimate to any other mail folder or the inbox.

Then, use the command sa-learn , with the options -spam , indicating that the message is spam, and the option -mbox , to indicate that the format is  mailbox mbox:

sa-learn --spam --mbox ~/mail/Spam

For messages that were classified as incidental spam , and they were moved to another folder (as for example ~/mail/messages ), or the inbox ( /var/spool/mail/username ), use the command sa-learn with the options -ham , indicating that it is legitimate and that mail should no longer consider it as spam , and the option -mbox , to indicate that it is a format mailbox mbox:

sa-learn --ham --mbox ~/mail/Messages
sa-learn --ham --mbox /var/spool/mail/username

All the above can be used as the user root , which would make the new filters created to train Spamassassin apply to all users, or as any user, which would take effect only for that particular user.
[amazon_enhanced asin=”0596007078″ price=”All” background_color=”332610″ link_color=”FFFFFF” text_color=”D4CE99″ /]
[amazon_enhanced asin=”1904811124″ price=”All” background_color=”332610″ link_color=”FFFFFF” text_color=”D4CE99″ /]

Popular Posts:

Flattr this!

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>