> -----Original Message-----
> From: Joey Netterville
> Sent: Friday, December 26, 2003 12:44 PM
>
> i'm running spamassassin and it works wonderfully on new, incoming email.
> i'm an administrator hoping to implement this on my machine and give users
> the ability to start filtering their email. is it possible to run
> spamassassin on their existing mail spools?
>
It is possible, but it won't be easy, and if you mess up, you may delete
everyone's
e-mail (which certainly takes care of the spam problem).
The steps would go something like:
1) suspend mail delivery (ie, /etc/init.d/sendmail stop)
2) make a reliable copy of the entire mail spool directory onto another
separate file system and/or machine. Verify the copy is identical before
moving to the next step.
3) Run a shell script that does something like the following (please pardon
the tcsh syntax):
if (! -w /var/spool/mail) then
echo "can't write mail spool directory: /var/spool/mail"
exit 2
endif
foreach f (/var/spool/mail/*)
if (-z $f) continue # skip empty files
head -1 $f | grep -q '^From '
if ($status != 0) continue # it doesn't look like an mbox, skip it
lockfile ${f}.lock # to be on the safe side, grab a lock.
set finfo = `ls -l $f`
set owner = $finfo[3] # get the file owner
# Run spamassassin as the owner, to pick up local prefs and such
# make sure to write the temp file as super-user/mail because we
# want to tweak the file attributes, and we require write
# access to the mail spool directory.
su $owner -c 'formail -s spamassassin < $f' > ${f}.tmp
# Make the temp file's attributes the same as the original.
chown --reference=$f ${f}.tmp
chmod --reference=$f ${f}.tmp
touch --reference=$f ${f}.tmp
mv ${f}.tmp $f # Overwrite the original
rm -f ${f}.lock # Release the lock
end
(Some of the commands above (chown, chmod, touch, grep) assume that you're
running
with the GNU implementations of those utilities. This is typically true in
recent
Linux distributions.)
4) restart sendmail (ie, /etc/init.d/sendmail start)
(The script needs to be run as super-user, or as the 'mail' user which has
write
access to the /var/spool/mail directory.)
Above, you may want to run spamc instead of spamassassin. You may need
to arrange to run each message through "spamassassin -d" to remove any
previous SA mark up. That would look something like this:
su $owner -c 'formail -s spamassassin -d < $f | formail -s spamassassin' >
${f}.tmp
On big mbox's, this will take a long time to run because a spamassassin
process will
be created for each message. Using spamc, if you're set up for that, will
run
a lot faster, but will still take a while. I'd only contemplate doing this
when the user load is light. Strictly speaking, the script above could be
run without killing sendmail, because it uses lock files -- but doing so
would make it impossible to make a reliable snapshot of the mail spool
directory.
Caveat: the script above is just an outline of one way to accomplish the
task.
The commands haven't been syntax checked, and definitely the procedure
hasn't
been debugged. You'd want to try this on a few sample mailbox files first.
-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills. Sign up for IBM's
Free Linux Tutorials. Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
