Guide updated on 29th of February 2016

Configure spamassassin


Spamassassin is the antispam system we'll use.

Enable Spamassassin

systemctl enable spamassassin.service

Edit /etc/default/spamassassin to change the options:

OPTIONS="--create-prefs --max-children 5 --helper-home-dir -u vpopmail -v -x -i -m 5 -c -H -s mail --virtual-config-dir=/home/vpopmail/.spamassassin"

IP::Country::Fast perl installation

Install perl package (deb)

dpkg -i /downloads/deb-packages/libip-country-perl_2.28-1_all.deb

Take the latest version of the IP database from http://mailfud.org/ip-country-fast/

cd /usr/share/perl5/IP/Country/Fast
mv cc.gif cc.gif.old
mv ip.gif ip.gif.old
wget http://mailfud.org/ip-country-fast/cc.gif
wget http://mailfud.org/ip-country-fast/ip.gif
cd /downloads/
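
A fail-safe variant of the refresh above, added here as an example (it is not part of the original guide): both files are downloaded to a temporary directory first, and the live copies are replaced only when both downloads are non-empty, so a failed wget does not leave RelayCountry without a database. The function name update_ip_db and the FETCH, DB_DIR and DB_URL variables are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the guide): refresh the IP::Country::Fast data
# files without ever leaving the live directory empty or half-updated.
DB_DIR=${DB_DIR:-/usr/share/perl5/IP/Country/Fast}
DB_URL=${DB_URL:-http://mailfud.org/ip-country-fast}

# FETCH is called as: $FETCH <url> <output-file>
# Override it to test offline or to use another downloader.
fetch_wget() { wget -q -O "$2" "$1"; }
FETCH=${FETCH:-fetch_wget}

update_ip_db() {
    # Temporary directory next to the live files, so the final mv is a
    # rename on the same filesystem.
    tmp=$(mktemp -d "$DB_DIR/.update.XXXXXX") || return 1

    for f in cc.gif ip.gif; do
        if ! "$FETCH" "$DB_URL/$f" "$tmp/$f" || [ ! -s "$tmp/$f" ]; then
            echo "download of $f failed, keeping current database" >&2
            rm -rf "$tmp"
            return 1
        fi
    done

    for f in cc.gif ip.gif; do
        # Keep the previous copy as .old, as the manual procedure does.
        [ -f "$DB_DIR/$f" ] && cp -p "$DB_DIR/$f" "$DB_DIR/$f.old"
        chmod 644 "$tmp/$f"    # spamd (user vpopmail) must be able to read it
        mv "$tmp/$f" "$DB_DIR/$f"
    done
    rmdir "$tmp"
}

# Usage: update_ip_db
```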

Configure pyzor

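Add the Pyzor servers by running the following commands. spamd runs as vpopmail (the -u option above), so the generated servers file has to be readable by that user; the chmod below makes it readable and writable by every local account.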

pyzor --homedir /etc/spamassassin discover
chmod 666 /etc/spamassassin/servers

OPTIONAL: If you want to report spam with Vipul's Razor spam-reporting system

razor-admin -d -home=/etc/razor -create
razor-admin -d -home=/etc/razor -register

Load additional plugins

Uncomment this in /etc/spamassassin/init.pre (line 22)

loadplugin Mail::SpamAssassin::Plugin::RelayCountry

Uncomment this in /etc/spamassassin/v310.pre (line 24)

loadplugin Mail::SpamAssassin::Plugin::DCC

Uncomment this in /etc/spamassassin/v320.pre (line 53)

loadplugin Mail::SpamAssassin::Plugin::Rule2XSBody

Enable additional features

Edit /etc/spamassassin/local.cf to change the following options :

Uncomment the following lines

required_score 5.0
use_bayes 1
bayes_auto_learn 1

Add the following lines

score BAYES_99 5.300

add_header all Relay-Country _RELAYCOUNTRY_
skip_rbl_checks 1

use_pyzor 1
pyzor_options --homedir /etc/spamassassin/

use_razor2 1
razor_config /etc/razor/razor-agent.conf

OPTIONAL: If you want to change mail classification based on relaying countries, add the following lines to /etc/spamassassin/local.cf

header RELAYCOUNTRY_BAD X-Relay-Countries =~ /CN/
describe RELAYCOUNTRY_BAD Relayed through China at some point
score RELAYCOUNTRY_BAD 3.0

header RELAYCOUNTRY_GOOD X-Relay-Countries =~ /^(BE|FR)/
describe RELAYCOUNTRY_GOOD Relayed through Belgium or France
score RELAYCOUNTRY_GOOD -0.2

Create a compiled version of the body rules (used by the Rule2XSBody plugin enabled above)

sa-compile

Test configuration and start the service

/usr/bin/spamassassin -D --lint

systemctl start spamassassin
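
The line numbers quoted for the .pre files shift between package versions, so it is worth confirming that each directive is really active and not still commented out. The script below is an added example, not part of the original guide; the function names and the EXPECTED list (a subset of the settings above) are this example's own.

```shell
#!/bin/sh
# Added example (not from the guide): check that directives are active,
# i.e. present on a line that is not commented out.

# "file directive" pairs; a subset of the settings listed in this guide.
EXPECTED='init.pre loadplugin Mail::SpamAssassin::Plugin::RelayCountry
v310.pre loadplugin Mail::SpamAssassin::Plugin::DCC
v320.pre loadplugin Mail::SpamAssassin::Plugin::Rule2XSBody
local.cf required_score 5.0
local.cf use_bayes 1
local.cf bayes_auto_learn 1
local.cf use_pyzor 1
local.cf use_razor2 1'

# directive_active FILE DIRECTIVE
# Succeeds if FILE has a line that equals DIRECTIVE once comments are
# stripped and runs of whitespace are collapsed.
directive_active() {
    [ -r "$1" ] || return 1
    awk -v want="$2" '
        { sub(/#.*/, ""); $1 = $1 }
        $0 == want { found = 1 }
        END { exit !found }' "$1"
}

# audit_sa_config DIR
# Prints every inactive directive; the return status is their count.
audit_sa_config() {
    dir=$1
    bad=0
    while read -r file directive; do
        if ! directive_active "$dir/$file" "$directive"; then
            echo "inactive: $file: $directive"
            bad=$((bad + 1))
        fi
    done <<EOF
$EXPECTED
EOF
    return "$bad"
}

# Usage: audit_sa_config /etc/spamassassin
```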

OPTIONAL: If you want qmail-smtpd to reject messages whose envelope sender domain is not a valid domain (this feature is unrelated to spamassassin; it is added by the patch qmail-1.03-mfcheck.3.patch).

echo 1 > /var/qmail/control/mfcheck

Users comments
Thibs - 29/05/2016 18:29

@Ross : I had the same issue on a recent install

I've fixed this by adding

--virtual-config-dir=/home/vpopmail/.spamassassin

on the options into /etc/default/spamassassin

Thibs - 29/05/2016 18:09

@Lage : you can add plenty of rules by copying your needs from /usr/share/spamassassin

You can also update the used one with the command

sa-update -D

Lage - 27/05/2016 20:48

Spamassassin rules are not updating

Need to update rules, too much spam passing thru

Ross - 20/10/2015 16:35

For those who are getting the "config: cannot create user preferences file" - ".spamassassin/user_prefs: No such file or directory"... Have a look at this post:

https://forum.vestacp.com/viewtopic.php?f=12&t=5514#p22944

This solved the problem for me!

Goofy - 24/06/2015 17:18

Spamassassin starts differently on Jessie, make it autostart with:
systemctl enable spamassassin.service

The ENABLED=1 switch doesn't do anything anymore.
Further on, the /etc/default/spamassassin contains an option part.
I had to change it to:

OPTIONS="--create-prefs --max-children 5 -u vpopmail -v -x -i -H --virtual-config-dir=/home/vpopmail/domains/%d/%l -c -s mail"

Then python throws an error:
pyzor: check failed: internal error, python traceback seen in response

Fixed that with:
pyzor_options --homedir /home/vpopmail/spamassassin/


Of course I made the dir /home/vpopmail/spamassassin/ (also copied the file servers from /etc/spamassassin) and did a

 chown -R vpopmail:vchkpw spamassassin/

and to be sure

  chown -R vpopmail:vchkpw spamassassin.

Then DCC gives an error, fixed that with this site:

DCC source install

Pedro - 04/06/2015 02:04

I'm receiving the following in some emails:

debian spamc[3339]: skipped message, greater than max message size (512000 bytes)

Where do I enable messages more than 512Kb to go to spamassassin??

Oh.. and GREAT GUIDE!, you rock!

Steph - 14/12/2014 19:16

I had some errors "pyzor: check failed: internal error" in syslog, it was a user right problem with /etc/spamassassin/servers generated by pyzor --homedir /etc/spamassassin discover

See here : http://mailadmin.wordpress.com/2008/06/23/my-case-of-pyzor-check-failed-internal-error/

Hope it helps.

Sirnene - 20/10/2014 12:39

Hello

Disable /etc/default/spamassassin

-H --helper-home-dir both is the same

and in config 

--max-children 5 -m 5 is the same 


Michiel - 14/10/2014 15:49

The above spamassassin options give me the following problem:

 

Oct 14 15:40:50 server spamd[5767]: spamd: creating default_prefs: user@domain.nl/.spamassassin/user_prefs
Oct 14 15:40:50 server spamd[5767]: config: cannot create user preferences file user@domain.nl/.spamassassin/user_prefs: No such file or directory
Oct 14 15:40:50 server spamd[5767]: spamd: failed to create readable default_prefs: user@domain.nl/.spamassassin/user_prefs

 

I've tried to set the SAHOMEDIR in /etc/default/spamassassin:

SAHOME="/home/vpopmail/.spamassassin/"
ENABLED=1
OPTIONS="--create-prefs --max-children 5 --helper-home-dir ${SAHOME} -u vpopmail -v -x -i -m 5 -c -H -s mail -4"

But still the same issue.
It seems spamassassin or simscan does not find the SAHOME dir and tries to create the user_prefs in the email address format homedir (it does not break the email and domain part from each other).

Does anybody know how to fix this so I can train spamassassin?

Sirnene - 31/08/2014 14:18

On Ubuntu 14.04

https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6953

spamd: could not create IO::Socket::INET6 socket on [::]:783: Address already in use

Edit /etc/default/spamassassin to change the following options : add -4 to end

ENABLED=1
OPTIONS="--create-prefs --max-children 5 --helper-home-dir -u vpopmail -v -x -i -m 5 -c -H -s mail -4"

Thibs - 02/04/2013 21:42

@Matt :

Change line 69 of /service/qmail-smtpd/run

Then

qmailctl restart

Matt - 02/04/2013 10:55

I have a problem with using the Spamhaus PBL. It blocks emails from IP addresses that are fine.

How can I remove checking against the Spamhaus PBL?

Is it buried somewhere in SpamAssassin?

Matt

Phyllis smith - 25/01/2013 22:02

That got me to the right place. Don't know if I needed that line, but by itself, nothing changed. I also changed line 144 from

SPFBEHAVIOR=3

to

SPFBEHAVIOR=0

Thanks for the pointer. I (obviously) had no idea where to look.

Phyllis

Thibs - 24/01/2013 22:18

Try to modify line 146 of /var/qmail/supervise/qmail-smtpd/run

By

SPF_BLOCK_PLUS_ALL=0

Phyllis smith - 23/01/2013 06:08

I'm hoping that someone can help me.  I followed this cookbook and even understand most of it.  My server is working well, EXCEPT - I have a subscription to mxlogic, which does a lot of the same filtering, but all my incoming mail comes from mxlogic.com (for a variety of reasons).  While regular e-mail gets through, I'm not getting any of my bulk e-mails.  They fail with

250 Bounce (550 See http://spf.pobox.com/why.html?sender=bounce-25895894-584293325%40lists.n-email1.net&ip=208.65.144.247&receiver=mail.csmiths.com (#5.7.1));
Mode: normal; Queued: no; Frontend TLS: no; SPF: Pass in the mxlogic log

and

@4000000050feafaf0dc40a4c tcpserver: end 3729 status 0
@4000000050feafaf0dc4121c tcpserver: status: 0/30
@4000000050feafb82de35274 tcpserver: status: 1/30
@4000000050feafb82de4f46c tcpserver: pid 3730 from 208.65.144.247
@4000000050feafb82f55c27c tcpserver: ok 3730 mail.csmiths.com:216.161.59.153:25 mxl144v247.mxlogic.net:208.65.144.247::59195
@4000000050feafb912f8606c qmail-smtpd[3730]: MFCHECK pass [208.65.144.247] lists.n-email1.net
@4000000050feafb92bc97324 qmail-smtpd[3730]: Received-SPF: fail (mail.csmiths.com: SPF record at ne16.com does not designate 208.65.144.247 as permitted sender)
@4000000050feafb92bca1b1c qmail-smtpd[3730]: MAIL FROM:
@4000000050feafb92d6d0934 qmail-smtpd[3730]: RCPT TO:

in my qmail-smtp log.

I've set the file spfbehavior to contain a 0, which should say to ignore spf.  I've disabled spamassassin, so this might not be the right place for this message, but HELP.  I'd like to receive my bulk e-mail.

I've seen some references to tcpserver as a place to deal with this, but I can't find any specific instructions.

Thanks for any help you can provide!

Thibs - 17/09/2012 11:49

Hello Daniel,

I've never tried. I think you should first take a look at the file /var/qmail/bin/qmail-scanner-queue.pl

Daniel - 17/09/2012 05:18

Is there a way to configure spamassassin to put spam in each user (in each domain)'s INBOX path so that they can see it in their mail client? Right now, all spam ends up in the same quarantine location and users can't manage spam effectively. Maybe there's a message that was marked as spam incorrectly but users without access to /var/spool/qscan/quarantine won't be able to see if they've got incorrectly marked spam....

Thibs - 12/12/2011 10:49

@David :

The easiest thing is to do what I describe on download-sofwares.php:

cd /downloads/deb-packages
dh-make-perl --build --install --cpan 'IP::Country::Fast'

With this method, you can build your own deb package

It supposes that the package dh-make-perl is installed on your system

David - 10/12/2011 02:26

If you're on ubuntu natty or older, you may require one of the libgeography-countries-perl builds for oneiric in order for libip-country-perl to resolve its dependencies.

https://launchpad.net/ubuntu/+source/libgeography-countries-perl/2009041301-1

Thibs - 07/10/2011 00:08

Sorry Alexey, it was my only idea (but your question is really interesting and I hope to find a solution)

Alexey - 04/10/2011 20:39

I tried different options in my /service/qmail-smtpdssl/run But even if I set

export RELAYCLIENT=""

emails are scanned by qms and SA. :-(

Alexey - 04/10/2011 13:55

According to http://qmail.jms1.net/patches/combined.shtml this feature is not on TODO list of John M. Simpson. :-) He advises to use AUTH_RELAYCLIENT="" instead. I'm not sure if he doesn't mean AUTH_SET_RELAYCLIENT. But both options are not included in the run-file. :-(

He warns to be aware that the RELAYCLIENT environment variable is used for more than just granting permission to relay. (Read the man page for qmail-smtpd (i.e. run "man qmail-smtpd" on your system) for more details.)

Do you know what he means?

Thibs - 03/10/2011 23:15

Hello Alexey,

Your question is interesting but to be honest at first sight I really don't know how to do it.

My first approach consists of trying to decrease the SA score ... but your approach is better.

Nevertheless on Qmail-scanner FAQ I have read :

"Qmail-Scanner will only pass the message to SpamAssassin if it originates from an external (non-local) SMTP client. This is defined by whether or not the standard Qmail RELAYCLIENT environment variable is set. i.e. if the mail originates locally, it isn't scanned by SA. This is done for performance reasons and to cut down on false positives (i.e. your local users will never complain that their email is being classified as spam :-) If you explicitly want to scan some/all local SMTP clients email too, then set QS_SPAMASSASSIN="1" within the tcpserver rules file."

My second approach (deduced from this FAQ) is to try modifying the file /service/qmail-smtpd/run (online version) by adding

export RELAYCLIENT=""

on line 310 (just after

ARGS=" $LOCAL $CHECKPW $TRUE"

)

 

But I'm not sure of this solution and I currently have no time to test it

Alexey - 03/10/2011 20:29

Thank you for this wonderful manual.

Is there a way to tell qmail-smtpd or qmail-scanner not to scan the emails which are delivered from the mail client with successful AUTH? Otherwise there is a risk that some of them will be kicked out by SA or other scans.

So a standard email sent by Outlook gets at least 3.4 points from SA.

X-Spam-Status: No, hits=3.4 required=5.0
X-Spam-Level: +++
X-Spam-Report: SA TESTS
  0.0 FSL_HELO_NON_FQDN_1    FSL_HELO_NON_FQDN_1
  0.9 SPF_FAIL               SPF: sender does not match SPF record (fail)
 [SPF failed: Please see http://www.openspf.org/Why?s=mfrom;id=email%40domain.de;ip=80.133.6.79;r=serverid.server.com]
  0.0 HTML_MESSAGE           BODY: HTML included in message
  1.0 HELO_NO_DOMAIN         Relay reports its domain incorrectly
  1.4 DOS_OUTLOOK_TO_MX      Delivered direct to MX with Outlook headers

Thibs - 28/01/2011 00:39

@Luc: That's "normal" ...

The following bugs have been open at Debian for ages:

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483359

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338352

That said, it doesn't stop spamassassin from working

Luc - 27/01/2011 21:16

Hi,

I'm finding this in my logs

Jan 27 21:09:57 sd-24020 spamd[27806]: Use of uninitialized value $vpopdir in concatenation (.) or string at /usr/sbin/spamd line 2106,  line 2.
Jan 27 21:09:57 sd-24020 spamd[27806]: Can't exec "/bin/vuserinfo": Aucun fichier ou répertoire de ce type at /usr/sbin/spamd line 2106, line 2.
Jan 27 21:09:57 sd-24020 spamd[27806]: Use of uninitialized value $vpopdir in concatenation (.) or string at /usr/sbin/spamd line 2111, line 2.
Jan 27 21:09:57 sd-24020 spamd[27806]: Can't exec "/bin/valias": Aucun fichier ou répertoire de ce type at /usr/sbin/spamd line 2111, line 2.
Jan 27 21:09:57 sd-24020 spamd[27806]: Use of uninitialized value $dir in scalar chomp at /usr/sbin/spamd line 2118, line 2.

??
