Difference between revisions of "Spamassassin"
m (→Updating spamassassin rules and signatures) |
m (→Updating spamassassin rules and signatures) |
||
| Line 61: | Line 61: | ||
== Updating spamassassin rules and signatures == | == Updating spamassassin rules and signatures == | ||
| − | 1. Import the | + | '''1. Import the GPG keys of the rule repositories (spamassassin and the SARE rules):''' |
Run these commands as root once to setup the system: | Run these commands as root once to setup the system: | ||
| Line 71: | Line 71: | ||
sa-update --import pub.gpg'' | sa-update --import pub.gpg'' | ||
| − | 2. Run the rule updater | + | '''2. Run the rule updater''' |
''sa-update --allowplugins --gpgkey D1C035168C1EBC08464946DA258CDB3ABDE9DC10 --channel saupdates.openprotect.com --channel updates.spamassassin.org'' | ''sa-update --allowplugins --gpgkey D1C035168C1EBC08464946DA258CDB3ABDE9DC10 --channel saupdates.openprotect.com --channel updates.spamassassin.org'' | ||
| − | 3. (Optional) Compile the rules to make spamassassin run faster | + | '''3. (Optional) Compile the rules to make spamassassin run faster''' |
Note: This can take some time to complete and will generate load on your system. | Note: This can take some time to complete and will generate load on your system. | ||
| Line 95: | Line 95: | ||
yum install re2c | yum install re2c | ||
| − | 4. Restart spamassassin | + | '''4. Restart spamassassin''' |
| + | |||
| + | This step is required. Spamassassin loads the rules on start and failing to do this means your system will not update to the latest rules. | ||
/etc/init.d/spamassassin condrestart | /etc/init.d/spamassassin condrestart | ||
| − | 5. (Optional) Setup spamassassin updates in your root crontab | + | '''5. (Optional) Setup spamassassin updates in your root crontab''' |
| + | |||
| + | You can also setup your system to do this automatically and safely. Using crontab and the example commands below will setup sa-update to download update and only when an update is downloaded and is sucessful will the system recompile and restart spamassassin. If there are any errors spamassasin will not be restarted and the system will continue to function normally and safely. | ||
| + | |||
| + | Run this command as root to setup the crontab: | ||
''crontab -e'' | ''crontab -e'' | ||
| − | Then add | + | Then add the line below: |
''<MINUTE> <HOUR> * * * sa-update --allowplugins --gpgkey D1C035168C1EBC08464946DA258CDB3ABDE9DC10 --channel saupdates.openprotect.com --channel updates.spamassassin.org && TMP=/root/tmp; export TMP; TMPDIR=$TMP; export TMPDIR; /usr/bin/sa-compile && /etc/init.d/spamassassin condrestart 1> /dev/null'' | ''<MINUTE> <HOUR> * * * sa-update --allowplugins --gpgkey D1C035168C1EBC08464946DA258CDB3ABDE9DC10 --channel saupdates.openprotect.com --channel updates.spamassassin.org && TMP=/root/tmp; export TMP; TMPDIR=$TMP; export TMPDIR; /usr/bin/sa-compile && /etc/init.d/spamassassin condrestart 1> /dev/null'' | ||
| + | |||
| + | And change <MINUTE> and <HOUR> to numerical values representing the time when you want the update to run, 13 2 for example would be 2:13 AM. Pick your own time so that you are not running your updates at the same time as everyone else (or all of your boxes). | ||
Revision as of 18:09, 2 January 2010
Contents |
General Improvements
Add razor, dcc and pyzor
Step 1) Add atomic channel:
wget -q -O - http://www.atomicorp.com/installers/atomic.sh |sh
Step 2) Add razor, dcc, pyzor
yum install razor-agents dcc pyzor
Step 3) Restart spamassassin
/etc/init.d/spamassassin restart
Force spamassassin to scan messages from localhost, when using qmail-scanner
vi /etc/xinetd.d/smtp_psa
service smtp
{
socket_type = stream
protocol = tcp
wait = no
disable = no
user = root
instances = UNLIMITED
env = QS_SPAMASSASSIN="on"
server = /var/qmail/bin/tcp-env
server_args = /usr/sbin/rblsmtpd -r sbl-xbl.spamhaus.org /var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true
}
Mysql settings for whitelisting
INSERT INTO userpref (username,preference,value) VALUES ('%tsginc.com','whitelist_from','*domain.com');
INSERT INTO userpref (username,preference,value) VALUES ('%tsginc.com','whitelist_from','*@domain.com');
Limiting Load
Add max_load to /etc/xinetd.d/smtp_psa. SMTP will throttle connections when load reaches a certain point. The per_source flag will limit the maximum number of concurrent connections from a single IP.
service smtp
{
socket_type = stream
protocol = tcp
wait = no
disable = no
user = root
max_load = 5
per_source = 2
instances = UNLIMITED
env = QS_SPAMASSASSIN="on"
server = /var/qmail/bin/tcp-env
server_args = /usr/sbin/rblsmtpd -r sbl-xbl.spamhaus.org /var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true
}
Updating spamassassin rules and signatures
1. Import the GPG keys of the rule repositories (spamassassin and the SARE rules):
Run these commands as root once to setup the system:
wget http://spamassassin.apache.org/updates/GPG.KEY sa-update --import GPG.KEY gpg --keyserver pgp.mit.edu --recv-keys BDE9DC10 gpg --armor -o pub.gpg --export BDE9DC10 sa-update --import pub.gpg
2. Run the rule updater
sa-update --allowplugins --gpgkey D1C035168C1EBC08464946DA258CDB3ABDE9DC10 --channel saupdates.openprotect.com --channel updates.spamassassin.org
3. (Optional) Compile the rules to make spamassassin run faster
Note: This can take some time to complete and will generate load on your system.
(The steps below are also optional and are useful on systems that use ASL with the real time malware prevention system to help prevent the system from being triggered, the /root/ directory is considered trusted.)
mkdir /root/tmp TMP=/root/tmp export TMP TMPDIR=$TMP export TMPDIR
This step however is not optional if you want to compile the rules:
/usr/bin/sa-compile
Note: the re2c package must be installed to compile the rule, if you do not have that package installed you can install it with this command on a RHEL, Fedora or Centos system:
yum install re2c
4. Restart spamassassin
This step is required. Spamassassin loads the rules on start and failing to do this means your system will not update to the latest rules.
/etc/init.d/spamassassin condrestart
5. (Optional) Setup spamassassin updates in your root crontab
You can also setup your system to do this automatically and safely. Using crontab and the example commands below will setup sa-update to download update and only when an update is downloaded and is sucessful will the system recompile and restart spamassassin. If there are any errors spamassasin will not be restarted and the system will continue to function normally and safely.
Run this command as root to setup the crontab:
crontab -e
Then add the line below:
<MINUTE> <HOUR> * * * sa-update --allowplugins --gpgkey D1C035168C1EBC08464946DA258CDB3ABDE9DC10 --channel saupdates.openprotect.com --channel updates.spamassassin.org && TMP=/root/tmp; export TMP; TMPDIR=$TMP; export TMPDIR; /usr/bin/sa-compile && /etc/init.d/spamassassin condrestart 1> /dev/null
And change <MINUTE> and <HOUR> to numerical values representing the time when you want the update to run, 13 2 for example would be 2:13 AM. Pick your own time so that you are not running your updates at the same time as everyone else (or all of your boxes).
