Difference between revisions of "Spamassassin"
m (→Updating spamassassin rules and signatures) |
m (→Updating spamassassin rules and signatures) |
||
Line 64: | Line 64: | ||
Run these commands as root once to setup the system: | Run these commands as root once to setup the system: | ||
− | + | '' | |
− | + | wget http://spamassassin.apache.org/updates/GPG.KEY | |
− | + | sa-update --import GPG.KEY | |
− | + | gpg --keyserver pgp.mit.edu --recv-keys BDE9DC10 | |
− | + | gpg --armor -o pub.gpg --export BDE9DC10 | |
− | + | sa-update --import pub.gpg'' | |
− | + | ||
2. Run the rule updater | 2. Run the rule updater | ||
− | + | ''sa-update --allowplugins --gpgkey D1C035168C1EBC08464946DA258CDB3ABDE9DC10 --channel saupdates.openprotect.com --channel updates.spamassassin.org'' | |
3. (Optional) Compile the rules to make spamassassin rule faster | 3. (Optional) Compile the rules to make spamassassin rule faster | ||
− | + | ''mkdir /root/tmp | |
− | + | TMP=/root/tmp | |
− | + | export TMP | |
− | + | TMPDIR=$TMP | |
− | + | export TMPDIR | |
− | + | /usr/bin/sa-compile'' | |
4. Restart spamassassin | 4. Restart spamassassin | ||
Line 91: | Line 90: | ||
5. (Optional) Setup spamassassin updates in your root crontab | 5. (Optional) Setup spamassassin updates in your root crontab | ||
− | + | ''crontab -e'' | |
Then add this line: | Then add this line: | ||
− | + | ''10 4 * * * sa-update --allowplugins --gpgkey D1C035168C1EBC08464946DA258CDB3ABDE9DC10 --channel saupdates.openprotect.com --channel updates.spamassassin.org && TMP=/root/tmp; export TMP; TMPDIR=$TMP; export TMPDIR; /usr/bin/sa-compile && /etc/init.d/spamassassin condrestart 1> /dev/null'' |
Revision as of 18:15, 29 December 2009
Contents |
General Improvements
Add razor, dcc and pyzor
Step 1) Add atomic channel:
wget -q -O - http://www.atomicorp.com/installers/atomic.sh |sh
Step 2) Add razor, dcc, pyzor
yum install razor-agents dcc pyzor
Step 3) Restart spamassassin
/etc/init.d/spamassassin restart
Force spamassassin to scan messages from localhost, when using qmail-scanner
vi /etc/xinetd.d/smtp_psa
service smtp { socket_type = stream protocol = tcp wait = no disable = no user = root instances = UNLIMITED env = QS_SPAMASSASSIN="on" server = /var/qmail/bin/tcp-env server_args = /usr/sbin/rblsmtpd -r sbl-xbl.spamhaus.org /var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true }
Mysql settings for whitelisting
INSERT INTO userpref (username,preference,value) VALUES ('%tsginc.com','whitelist_from','*domain.com'); INSERT INTO userpref (username,preference,value) VALUES ('%tsginc.com','whitelist_from','*@domain.com');
Limiting Load
Add max_load to /etc/xinetd.d/smtp_psa. SMTP will throttle connections when load reaches a certain point. The per_source flag will limit the maximum number of concurrent connections from a single IP.
service smtp { socket_type = stream protocol = tcp wait = no disable = no user = root max_load = 5 per_source = 2 instances = UNLIMITED env = QS_SPAMASSASSIN="on" server = /var/qmail/bin/tcp-env server_args = /usr/sbin/rblsmtpd -r sbl-xbl.spamhaus.org /var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true }
Updating spamassassin rules and signatures
1. Import the GP keys of the rule repositories (spamassassin and the SARE rules):
Run these commands as root once to setup the system: wget http://spamassassin.apache.org/updates/GPG.KEY sa-update --import GPG.KEY gpg --keyserver pgp.mit.edu --recv-keys BDE9DC10 gpg --armor -o pub.gpg --export BDE9DC10 sa-update --import pub.gpg
2. Run the rule updater
sa-update --allowplugins --gpgkey D1C035168C1EBC08464946DA258CDB3ABDE9DC10 --channel saupdates.openprotect.com --channel updates.spamassassin.org
3. (Optional) Compile the rules to make spamassassin rule faster
mkdir /root/tmp TMP=/root/tmp export TMP TMPDIR=$TMP export TMPDIR /usr/bin/sa-compile
4. Restart spamassassin
/etc/init.d/spamassassin condrestart
5. (Optional) Setup spamassassin updates in your root crontab
crontab -e
Then add this line:
10 4 * * * sa-update --allowplugins --gpgkey D1C035168C1EBC08464946DA258CDB3ABDE9DC10 --channel saupdates.openprotect.com --channel updates.spamassassin.org && TMP=/root/tmp; export TMP; TMPDIR=$TMP; export TMPDIR; /usr/bin/sa-compile && /etc/init.d/spamassassin condrestart 1> /dev/null