Guide updated on 29th of December 2011

Configure spamassassin


Spamassassin is the antispam system we 'll use

Edit /etc/default/spamassassin to change the following options :

ENABLED=1
OPTIONS="--create-prefs --max-children 5 --helper-home-dir -u vpopmail -v -x -i -m 5 -c -H -s mail"

Edit /etc/spamassassin/local.cf to change the following options :

Uncomment following lines

required_score 5.0
use_bayes 1
bayes_auto_learn 1

Add following lines

use_razor2 1
skip_rbl_checks 1
use_dcc 1
use_pyzor 1
pyzor_options --homedir /etc/spamassassin/
razor_config /etc/razor/razor-agent.conf

Add the Pyzor servers by running the following command.

pyzor --homedir /etc/spamassassin discover

OPTIONAL : If you want to report spam with the Vipul's Razor spam-reporting system

razor-admin -d -home=/etc/razor -create
razor-admin -d -home=/etc/razor -register

Uncomment this in /etc/spamassassin/v310.pre

loadplugin Mail::SpamAssassin::Plugin::DCC

Uncomment this in /etc/spamassassin/v320.pre (line 53)

loadplugin Mail::SpamAssassin::Plugin::Rule2XSBody

Install IP::Country::Fast perl package (deb)

dpkg -i /downloads/deb-packages/libip-country-perl_2.27-1_all.deb

Uncomment this in /etc/spamassassin/init.pre

loadplugin Mail::SpamAssassin::Plugin::RelayCountry

Create a compiled version of some ruleset

sa-compile

Test configuration and start the service

/usr/bin/spamassassin -D --lint
/etc/init.d/spamassassin start

OPTIONAL : If you want qmail-smtpd to reject messages where the domain portion of the envelope sender is not a valid domain (feature non-related to spamassassin but added by patch qmail-1.03-mfcheck.3.patch.)

echo 1 > /var/qmail/control/mfcheck

Configure clamav


Users comments
Thibs - 12/12/2011 10:49

@David :

The easiest thing is to make what I describe on download-sofwares.php :

cd /downloads/deb-packages
dh-make-perl --build --install --cpan 'IP::Country::Fast'

With this method, you can build your own deb package

It supposes that the package dh-make-perl is installed on your system

David - 10/12/2011 02:26

If you're on ubuntu natty or older, you may require one of the libgeography-countries-perl builds for oneiric in order for libip-country-perl to resolve its dependencies.

https://launchpad.net/ubuntu/+source/libgeography-countries-perl/2009041301-1

Thibs - 17/10/2011 16:35

Hello Georgi,

I've just done a brand new installation and I confirm the line exist on /etc/spamassassin/v320.pre

Check the line 53

Georgi - 12/10/2011 15:16

Heya again,

 

The line:

loadplugin Mail::SpamAssassin::Plugin::Rule2XSBody
is not contained in /etc/spamassassin/v320.pre
One have to include it by copy pasting in the file.

I've tested with spamassassin --lint and it works fine after copy/pasting. Maybe its a good idea if it is fixed in the tutorial.

 

Greetings

Georgi

Thibs - 07/10/2011 00:08

Sorry Alexey, it was my only idea (but your question is really interresting and I hope finding a solution )

Alexey - 04/10/2011 20:39

I tried different options in my /service/qmail-smtpdssl/run But even if I set

export RELAYCLIENT=""

emails are scanned by qms and SA. :-(
Alexey - 04/10/2011 13:55

According to http://qmail.jms1.net/patches/combined.shtml this feature is not on TODO list of John M. Simpson. :-) He advices to use AUTH_RELAYCLIENT="" instead. I'm not sure if he doesn't mean AUTH_SET_RELAYCLIENT. But both options are not included in the run-file. :-(

He warns to be aware that the RELAYCLIENT environment variable is used for more than just granting permission to relay. (Read the man page for qmail-smtpd (i.e. run "man qmail-smtpd" on your system) for more details.)

Do you know what he means?

Thibs2 - 03/10/2011 23:15

Hello Alexey,

Your question is interresting but to be honnest at first sight I really don't known how to do it.

My first approach consist to try decreasing the SA score ... but your approach is better.

Nevertheless on Qmail-scanner FAQ I have read :

Qmail-Scanner will only pass the message to SpamAssassin if it originates from an external (non-local) SMTP client. This is defined by whether or not the standard Qmail RELAYCLIENT environment variable is set. i.e. if the mail originates locally, it isn't scanned by SA. This is done for performance reasons and to cut down on false positives (i.e. your local users will never complain that their email is being classified as spam :-) If you explicitly want to scan some/all local SMTP clients email too, then set QS_SPAMASSASSIN="1" within the tcpserver rules file."

My second approach (deducted from this FAQ) is try modifying the file /service/qmail-smtpd/run (online version)  by adding 

export RELAYCLIENT=""

on line 310 (just after

ARGS=" $LOCAL $CHECKPW $TRUE"

)

 

But I'm not sure of this solution and I currently have no time to test it

Alexey - 03/10/2011 20:29

Thank you for this wonderfull manual.

Is there a way to tell qmail-smtpd oder qmail-scanner not to scan the emails which are delivered from the mail client with successfull AUTH ? Otherwise there is a risk that some of them will be kicked out by SA or other scans.

So a standard email send by Outlook gets at least 3.4 point from SA.

X-Spam-Status: No, hits=3.4 required=5.0
X-Spam-Level: +++
X-Spam-Report: SA TESTS
  0.0 FSL_HELO_NON_FQDN_1    FSL_HELO_NON_FQDN_1
  0.9 SPF_FAIL               SPF: sender does not match SPF record (fail)
 [SPF failed: Please see http://www.openspf.org/Why?s=mfrom;id=email%40domain.de;ip=80.133.6.79;r=serverid.server.com]
  0.0 HTML_MESSAGE           BODY: HTML included in message
  1.0 HELO_NO_DOMAIN         Relay reports its domain incorrectly
  1.4 DOS_OUTLOOK_TO_MX      Delivered direct to MX with Outlook headers

Thibs - 28/01/2011 00:39

@Luc : C'est "normal" ... 

 

Ca fait un temps fou que les bugs suivants sont ouverts chez Debian :

 

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483359

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338352

 

Ceci dit, ça n'empêche pas spamassassin de fonctionner

Luc - 27/01/2011 21:16

salut,

je trouve ca dans mes logs

Jan 27 21:09:57 sd-24020 spamd[27806]: Use of uninitialized value $vpopdir in concatenation (.) or string at /usr/sbin/spamd line 2106,  line 2.
Jan 27 21:09:57 sd-24020 spamd[27806]: Can't exec "/bin/vuserinfo": Aucun fichier ou répertoire de ce type at /usr/sbin/spamd line 2106,  line 2.
Jan 27 21:09:57 sd-24020 spamd[27806]: Use of uninitialized value $vpopdir in concatenation (.) or string at /usr/sbin/spamd line 2111,  line 2.
Jan 27 21:09:57 sd-24020 spamd[27806]: Can't exec "/bin/valias": Aucun fichier ou répertoire de ce type at /usr/sbin/spamd line 2111,  line 2.
Jan 27 21:09:57 sd-24020 spamd[27806]: Use of uninitialized value $dir in scalar chomp at /usr/sbin/spamd line 2118,  line 2.

??
Christophe hubert - 20/01/2011 00:41

spamassassin need to be started at reboot :

 update-rc.d spamassasin start 75 2 3 4 5 .

Thank you for your guide. A wonderfull one !


Thibs - 05/10/2010 08:39

Hello Mark, you 're right. It was a typo in my post

So the right command is

dpkg -i /downloads/deb-packages/libencode-detect-perl_1.01-1_ARCH.deb

(in my case libencode-detect-perl_1.01-1_amd64.deb)

Mark - 04/10/2010 17:45

I had to add 1.01_1_i386.deb to the final line in Thib's post to install the package.  That is correct, isn't it?

Thibs - 01/08/2010 18:54

Important note :

To achieve Goofy'suggestion on Debian

cd /downloads/deb-packages
dh-make-perl --build --install --cpan 'Encode::Detect'

dpkg -i /downloads/deb-packages/libencode-detect-perl

Goofy - 26/07/2010 23:01

To have the charset encoder work with spamassin use "apt-get install libencode-detect-perl."

 


Color Coded Qmail Installation Key
  Regular Black Text     Qmail installation notes and summaries by the author.
  Bold Black Text     Commands to be run by you, the installer.
  Bold/Regular Red Text    Vital and/or critical information.
  Regular Blue text     Denotes helpful tips and hints or hyperlinks.
  Regular Orange Text     Command line output.
  Bold/Regular green text     Denotes the contents of a file or script.