>From: "Security" <[EMAIL PROTECTED]>
>  I'm very interested in running SpamAssassin site-wide on a few of my
>machines. Currently I'm running Postfix for an MTA. Can anyone point me
>to some good documentation on setting up SpamAssassin with Postfix? I've
>done some searches but can't seem to find any decent documentation.
>
>If anyone could point me in the right direction it would be much
>appreciated.
>
>Thanks!
>-jpk

I have this set up.  I use the Procmail method.  I run HTML-TRAP before
SpamAssassin to clean up and sanitize messages.  Seems to work well.
Download the sanitizer from http://www.impsec.org/email-tools/procmail-security.html

Create Procmail procmailrc file
My Procmail goals:
1. Backup last 100 messages in /var/spool/procmail/backup directory
2. Log mail headers in /var/spool/procmail/msglog MBOX file that can be read by "pine"
3. Quarantine active code and viruses in /var/spool/procmail/virus MBOX file that can be read by "pine"
4. Tag all spam with hits 5 or greater with SpamAssassin
5. Quarantine spam in /var/spool/procmail/spam MBOX file > 7 hits that can be read by "pine"
6. Keep headers for 30 days, viruses for 30 and spam for 7 days.
7. Allow root to look at all MBOX files using Pine
8. Allow postmaster and abuse to bypass spam processing.
 
Setup MBOX files
        create /var/spool/procmail
                mkdir procmail
                chown filter:filter procmail
                chmod 775 procmail
        create /var/spool/procmail MBOX files
                msglog, spam, quarantine
                chown filter:filter *
                chmod 662 *
        Create /var/spool/procmail/backup directory
                mkdir backup
                chown filter:filter backup
                chmod 775 backup
        Configure Pine to read Incoming MBOX files
                Run --> pine
                        Select s(etup) from the Main menu.
                        Select c(onfigure).
                        Type a p to advance one screen 
                        Use the space bar or down-arrow key to scroll down the list to "enable-incoming-folders."
                        Select this option by typing an x.
                        Type an e to exit the Configuration screen.
                        Select q to exit pine and set your changes.
                Run --> pine
                        Add folder for msglog MBOX
                                Select l for folder list
                                Select Incoming Folders
                                Select a to add folder
                                Hit enter for <server>
                                Enter /var/spool/procmail/msglog for "Folder to add"
                                Enter Msg Log for "Nickname"
                        Repeat for spam and quarantine MBOXes
                Done!

My Postfix master.cf looks like:
-------- master.cf -----------------
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (50)
# ==========================================================================
smtp    inet    n       -       y       -       -       smtpd -o content_filter=procmail
---- snip ---
procmail unix   -       n       n       -       -       pipe flags=R
  user=filter argv=/usr/bin/procmail -Y -m
  /etc/mail/procmail/procmailrc ${sender} ${recipient}
------------ snip -------------------

My procmailrc looks like:
-------- procmailrc -----------------
################################################################
#
# procmail rules to filter mail on a gateway
#

PATH="/usr/bin:$PATH:/usr/local/bin"
SHELL=/bin/sh

#Drop Privileges before setting logfile
LOGDIR=/var/log
SPOOLDIR=/var/spool/procmail
BINDIR=/etc/mail/procmail
DROPPRIVS=YES
LOGFILE=${LOGDIR}/procmail
NL="
"
##LOG="--- Logging ${LOGFILE} for ${LOGNAME}, "
#Uncomment these for procmail debugging
LOGABSTRACT=all
##VERBOSE=yes

#Uncomment these debugs for sanitizer debugging
##DEBUG=YES
##DEBUG_VERBOSE=YES
##LOG=`type mktemp`
##LOG=`type mimencode`

#Setup html-trap sanitizer configs
DISABLE_MACRO_CHECK=YES
POISONED_EXECUTABLES=${BINDIR}/poisoned
STRIPPED_EXECUTABLES=${BINDIR}/stripped
SECURITY_STRIP_MSTNEF=YES
DEFANG_WEBBUGS=NO
SECURITY_NOTIFY="root@localhost"
SECURITY_NOTIFY_SENDER="/etc/mail/procmail/poisoned-sender.txt"
SECURITY_NOTIFY_RECIPIENT="/etc/mail/procmail/poisoned-recipient.txt"
SECURITY_NOTIFY_SENDER_POSTMASTER=YES
SECRET="changeme"
SECURITY_QUARANTINE=${SPOOLDIR}/quarantine
# Mangle must include all stripped and poisoned extensions
MANGLE_EXTENSIONS='386|adt|app|as[dpx]|ba[st]|bin|btm|cab|cbt|chm|cil|clas?s?|cmd|com|cpl|crt|csc|dll|drv|em[fl]|email|exe|fon|hlp|hta|ica|in[fs]|isp|jse?|lib|lnk|ms[ciopt]|nws|obj|ocx|ov.|pcd|pgm|pif|p[lm]|rar|reg|sc[rt]|sh[bs]|smm|sys|vb[se]?|vxd|wm[szd]|ws[cfh]|acp|aiff?|au|avi|bm[ort]|cda|dib|la[1r]|lavs|lqt|m[123]v|m3u|m[ie]di?|mn[ds]|mov|mp[123aegsv]|mpe?ga?|pls|qtm|r3t|r[afmptv]|rmi|rtsp|sdp|smil?|snd|vpg|wav|wma|\{[-0-9a-f]+\}'

# Backup messages to directory
:0 c
${SPOOLDIR}/backup

# Keep last 100 messages
:0 ci
| cd /var/spool/procmail/backup && rm -f dummy `ls -t msg.* | sed -e 1,100d`

# Run html-trap Sanitizer
INCLUDERC=${BINDIR}/local-rules.procmail
INCLUDERC=${BINDIR}/html-trap.procmail

#Bypass for special users
:0
* ^TO_\/([EMAIL PROTECTED]|[EMAIL PROTECTED])
! -f "$@"

# Run SpamAssassin Daemon Client
# Note: SpamAssassin is run as "spamd -d -x -a -u filter"
:0 fw
| spamc

# Put From at beginning for MBOX format so Pine can read
:0 fhw
| formail -I "From " -a "From "

# Copy message headers to Pine incoming mailbox for logging
:0 hci:
${SPOOLDIR}/msglog

# Save SPAM to Pine incoming mailbox and kill
# Will tag messages at Hit level 5 or higher but
# Quarantine spam at Spam-Level of 7 or higher.
:0:
* ^X-Spam-Level: \*\*\*\*\*\*\*
${SPOOLDIR}/spam

# Resend Good Mail
:0
! -f "$@"
------------ snip -------------------

------------ /etc/mail/spamassassin/local.cf -------------------

##blacklist_from [EMAIL PROTECTED]
blacklist_from [EMAIL PROTECTED]
#
#Users that bypass filtering
## whitelist_to [EMAIL PROTECTED]
##more_spam_to [EMAIL PROTECTED]
##all_spam_to [EMAIL PROTECTED]

rewrite_subject 1
spam_level_stars  1
subject_tag **SPAM?**
report_header 1
use_terse_report 0
defang_mime 0
skip_rbl_checks 0
check_mx_attempts 2
check_mx_delay 5
ok_locales en ja ko th zh
allow_user_rules 0
razor_config /home/filter/razor.conf
auto_whitelist_path /var/spool/spamassassin/auto-whitelist
auto_whitelist_file_mode 0666
dcc_add_header 1
#
required_hits 5
score RELAYS_ORDB_ORG             0.0
score RCVD_IN_ORBS                0.0
score RCVD_IN_BL_SPAMCOP_NET      4.0

header RCVD_IN_NJABL              eval:check_rbl('relay', 'dnsbl.njabl.org')
describe RCVD_IN_NJABL            Received via a relay in NJABL
score RCVD_IN_NJABL               2.0
------------ snip -------------------
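
Goal 6 in the list above (keep headers and viruses for 30 days, spam for 7) has no matching recipe in the posted configuration. The following is an added example, not part of the original post, of one way to expire old messages from those MBOX files using the date on each message's "From " line; the function names, the UTC reading of that date and the sample messages are assumptions of this example.

```python
import calendar
import mailbox
import os
import tempfile
import time

# Days to keep each MBOX file (goal 6); file names from "Setup MBOX files".
RETENTION_DAYS = {"msglog": 30, "quarantine": 30, "spam": 7}

def envelope_time(msg):
    """Epoch seconds from the mbox "From " line, or None if unparseable."""
    parts = msg.get_from().split(None, 1)  # "sender Mon Jul  1 12:00:00 2002"
    try:  # assumption: the envelope date is read as UTC
        return calendar.timegm(time.strptime(parts[1].strip(), "%a %b %d %H:%M:%S %Y"))
    except (IndexError, ValueError):
        return None

def expire_mbox(path, max_age_days, now=None):
    """Remove messages older than max_age_days; return (kept, removed)."""
    cutoff = (time.time() if now is None else now) - max_age_days * 86400
    box = mailbox.mbox(path, create=False)
    kept = removed = 0
    box.lock()  # lockf plus a "<path>.lock" dotlock, held until close()
    try:
        for key in box.keys():
            stamp = envelope_time(box[key])
            # A message whose envelope date cannot be read is kept, not deleted.
            if stamp is not None and stamp < cutoff:
                box.remove(key)
                removed += 1
            else:
                kept += 1
    finally:
        box.close()  # writes the pruned file back and releases the lock
    return kept, removed

def demo():
    """Constructed sample: a spam MBOX with messages 1, 6, 8 and 40 days old."""
    now = 1_030_000_000  # fixed reference time so the result is repeatable
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "spam")
        box = mailbox.mbox(path)
        for age in (1, 6, 8, 40):
            msg = mailbox.mboxMessage()
            msg.set_from("sender@example.invalid", time.gmtime(now - age * 86400))
            msg["Subject"] = "constructed message, %d days old" % age
            box.add(msg)
        box.close()
        return expire_mbox(path, RETENTION_DAYS["spam"], now=now)
```

Run from cron as the filter user, calling expire_mbox once for each file in RETENTION_DAYS under /var/spool/procmail.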


