> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Joey
> Netterville
> Sent: Sunday, December 28, 2003 1:55 PM
> To: Dave Kliczbor
> Cc: Joey Netterville; [EMAIL PROTECTED]
> Subject: Re: [SAtalk] running SA on existing mail spools
>
>
> okay, that was a little unclear... :)
>
> i have run spamassassin on existing mail spools, but when i run
> spamassassin on a mail spool it marks the spool as if the entire spool was
> one large email message. i'm looking for a way to check the individual
> messages.
>
> my overall goal is to be able to check existing user's spools for spam and
> let them filter that out of their large mail spools, and then start
> running spamassassin to keep their spools clean in the future.
>
>
One way to do this is to reprocess the spooled mail using formail/procmail.
The procmail docs ("man procmail") suggest the following:
#!/bin/sh
ORGMAIL=/var/spool/mail/$LOGNAME
if cd $HOME &&
test -s $ORGMAIL &&
lockfile -r0 -l1024 .newmail.lock 2>/dev/null
then
trap "rm -f .newmail.lock" 1 2 3 13 15
umask 077
lockfile -l1024 -ml
cat $ORGMAIL >>.newmail &&
cat /dev/null >$ORGMAIL
lockfile -mu
formail -s procmail <.newmail &&
rm -f .newmail
rm -f .newmail.lock
fi
exit 0
This has to be run under the user-id of each user. The basic idea is
to first copy the original mail spool file to a local file (.newmail),
then null out the original mail spool file, then reprocess the mail spool
file using "formail -s procmail <.newmail". In your case however, you don't
want to re-execute the system-wide procmailrc file (in /etc/procmailrc) or
the user's procmailrc file because it may cause the mail to refiled in
unacceptable
ways. You're only after putting the mail either back in the inbox, or
refiling
it into a spam file under the user's home directory somewhere. For that
you'll
need to write your own procmailrc file (call it refile_spam.rc). You should
also
remove any pre-exisiting SA mark up. Your formail/procmail invocation would
look more like this:
formail -s spamassassin -d < .newmail | \
formail -s procmail /etc/refile_spam.rc && rm -f .newmail
And refile_spam.rc might have something like the following:
SA=/usr/bin/spamassassin
SPAM=$HOME/spam.mbox
:0fw
* < 250000
| $SA
:0:
* ^X-Spam-Status: Yes
$SPAM
## Otherwise, default is to redliver into $MAIL.
Again, this has to be run as the user for whom the mail is being
reprocessed.
If everything above was packaged into a script, called
/etc/mail/refile_mail,
You could run the following as super-user:
SPOOL=/var/spool/mail
cd $SPOOL
for user in `ls` ; do
if [ -s $user -a -r $user ] && head -1 $user | grep -q '^From ' ; then
su $user -c /etc/mail/refile_mail
fi
done
Doing all this is risky business because if it goes wrong users can lose
their
e-mail, or endless email loops can be created (due to improper programming
of
the procmail script) and so on. With that in mind, it is a good idea to
first kill sendmail, then make a full copy of the mail spool directory.
Testing
this process out on a test user account would also be good.
-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills. Sign up for IBM's
Free Linux Tutorials. Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
