Spamassassin: Unterschied zwischen den Versionen
(learn via imap) |
K (cats) |
||
Zeile 1: | Zeile 1: | ||
siehe auch [[SendMail]] | siehe auch [[SendMail|SendMail]] | ||
=Konfig= | = Konfig = | ||
/etc/mail/spamassassin/v310.pre | |||
<pre> | /etc/mail/spamassassin/v310.pre | ||
# DCC - perform DCC message checks. | <pre># DCC - perform DCC message checks. | ||
# | # | ||
# DCC is disabled here because it is not open source. See the DCC | # DCC is disabled here because it is not open source. See the DCC | ||
Zeile 10: | Zeile 10: | ||
# | # | ||
loadplugin Mail::SpamAssassin::Plugin::DCC | loadplugin Mail::SpamAssassin::Plugin::DCC | ||
</pre> | </pre> | ||
== Webconfig == | |||
http://www.yrex.com/spam/spamconfig.php | |||
http://www.yrex.com/spam/spamconfig.php | |||
=Qmail/Vpopmail= | = Qmail/Vpopmail = | ||
<pre> | <pre># /etc/default/spamassassin | ||
# /etc/default/spamassassin | |||
# Duncan Findlay | # Duncan Findlay | ||
Zeile 43: | Zeile 42: | ||
# Set nice level of spamd | # Set nice level of spamd | ||
#NICE="--nicelevel 15" | #NICE="--nicelevel 15" | ||
</pre> | </pre> | ||
<br> Damit die user-prefs für vpopmail-accounts richtig geschrieben werden kann, muss spamd gepatched werden, da es sonst nicht geht (http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4714): von http://issues.apache.org/SpamAssassin/attachment.cgi?id=3377 | |||
<pre>1750,1757c1750,1774 | |||
Damit die user-prefs für vpopmail-accounts richtig geschrieben werden kann, muss spamd gepatched werden, da es sonst nicht geht (http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4714): | < $dir = `$vpopdir/bin/vuserinfo -d $username`; | ||
von http://issues.apache.org/SpamAssassin/attachment.cgi?id=3377 | < if ($? != 0) { | ||
<pre> | < # | ||
1750,1757c1750,1774 | < # If vuserinfo failed $username could be an alias | ||
< # | |||
< $dir = `$vpopdir/bin/valias $username`; | |||
< if ($? == 0 && $dir !~ /.+ -> &/) { | |||
< $dir =~ s,.+ -> (/.+)/Maildir/,$1,; | |||
--- | --- | ||
> my $itterations = 0; | |||
> my $max_itterations = 20; | |||
> my $found = 0; | |||
> while(!$found && ( $itterations < $max_itterations ) ) { | |||
> $itterations++; | |||
> $dir = `$vpopdir/bin/vuserinfo -d $username`; | |||
> if ($? != 0) { | |||
> # | |||
> # If vuserinfo failed $username could be an alias | |||
> # | |||
> $dir = `$vpopdir/bin/valias $username`; | |||
> chomp($dir); | |||
> if ($? == 0) { | |||
> $dir =~ s,.+ -> (.+),$1,; | |||
> $username = "$1"; | |||
> $username =~ s,&,,g; | |||
> | |||
> if ("$dir" =~ /\|/) { | |||
> $dir = $vpopdir; | |||
> $found = 1; | |||
> } | |||
> } elsif("$dir" eq "" || "$dir" eq "invalid domain, not in qmail assign file") { | |||
> $dir = $vpopdir; | |||
> $found = 1; | |||
> } | |||
1759c1776 | 1759c1776 | ||
< undef($dir); | |||
--- | --- | ||
> $found = 1; | |||
1760a1778 | 1760a1778 | ||
> chomp($username); | |||
</pre> | </pre> | ||
== Ham/Spam-Fütterung via Email == | |||
http://www.huschi.net/11_148_de.html | |||
http://www.huschi.net/11_148_de.html | |||
Jeder User hat seine eigene Bayes-Datenbank (sa-learn -u $sender --dbpath $userdir) | Jeder User hat seine eigene Bayes-Datenbank (sa-learn -u $sender --dbpath $userdir) | ||
<pre>#/etc/logrotate.d/sa-learn | |||
<pre> | |||
#/etc/logrotate.d/sa-learn | |||
/var/log/sa-learn.log { | /var/log/sa-learn.log { | ||
weekly | weekly | ||
Zeile 106: | Zeile 99: | ||
create 640 vpopmail vchkpw | create 640 vpopmail vchkpw | ||
} | } | ||
</pre> | </pre> <pre>#!/usr/bin/perl -w | ||
# Time-stamp: <05 April 2004, 13:37 home> | |||
<pre> | |||
#!/usr/bin/perl -w | |||
# Time-stamp: | |||
# | # | ||
# sa-wrapper.pl | # sa-wrapper.pl | ||
Zeile 149: | Zeile 139: | ||
my $ent = shift; | my $ent = shift; | ||
if ($ent- | if ($ent->head->mime_type eq 'message/rfc822') { | ||
if ($DEBUG) { | if ($DEBUG) { | ||
#unlink "/tmp/spam.log.$$" if -e "/tmp/spam.log.$$"; | #unlink "/tmp/spam.log.$$" if -e "/tmp/spam.log.$$"; | ||
open(OUT, "|$SA_LEARN -D -u $sender2 --dbpath $userdir $spamham --single | open(OUT, "|$SA_LEARN -D -u $sender2 --dbpath $userdir $spamham --single >>$LOGFILE 2>&1") or die "Cannot pipe $SA_LEARN: $!"; | ||
} else { | } else { | ||
open(OUT, "|$SA_LEARN -u $sender2 --dbpath $userdir $spamham --single") or die "Cannot pipe $SA_LEARN: $!"; | open(OUT, "|$SA_LEARN -u $sender2 --dbpath $userdir $spamham --single") or die "Cannot pipe $SA_LEARN: $!"; | ||
} | } | ||
$ent- | $ent->bodyhandle->print(\*OUT); | ||
close(OUT); | close(OUT); | ||
Zeile 163: | Zeile 153: | ||
} | } | ||
my @parts = $ent- | my @parts = $ent->parts; | ||
if (@parts) { | if (@parts) { | ||
Zeile 173: | Zeile 163: | ||
#my ($domain) = $sender =~ /\@(.*)$/; | #my ($domain) = $sender =~ /\@(.*)$/; | ||
#unless (grep { $_ eq $domain } @DOMAINS) { | #unless (grep { $_ eq $domain } @DOMAINS) { | ||
# die "I don't recognize your domain !"; | # die "I don't recognize your domain !"; | ||
#} | #} | ||
if ($DEBUG) { | if ($DEBUG) { | ||
MIME::Tools- | MIME::Tools->debugging(1); | ||
open(STDERR, ' | open(STDERR, '>>/tmp/spam_err.log'); | ||
} | } | ||
my $parser = new MIME::Parser; | my $parser = new MIME::Parser; | ||
$parser- | $parser->extract_nested_messages(0); | ||
$parser- | $parser->output_under($UNPACK_DIR); | ||
my $entity; | my $entity; | ||
eval { | eval { | ||
$entity = $parser- | $entity = $parser->parse(\*STDIN); | ||
}; | }; | ||
Zeile 195: | Zeile 185: | ||
} | } | ||
$parser- | $parser->filer->purge; | ||
rmdir $parser- | rmdir $parser->output_dir; | ||
</pre> | </pre> | ||
Aktivierung über .qmail: | |||
/var/vpopmail/domains/fffff.tld/learn-spam/.qmail | |||
|/var/qmail/bin/preline /usr/local/bin/sa-wrapper.pl --spam | |/var/qmail/bin/preline /usr/local/bin/sa-wrapper.pl --spam | ||
und im qmail-send-log finden sich die Ergebnisse dazu. | und im qmail-send-log finden sich die Ergebnisse dazu. | ||
<pre> | <pre>@4000000045e9d8db229274cc new msg 635402 | ||
@4000000045e9d8db229274cc new msg 635402 | @4000000045e9d8db22927c9c info msg 635402: bytes 6395 from <user@domain.de> qp 6987 uid 64011 | ||
@4000000045e9d8db22927c9c info msg 635402: bytes 6395 from | |||
@4000000045e9d8db2380c884 starting delivery 1179: msg 635402 to local domain.eu-learn-spam@domain.eu | @4000000045e9d8db2380c884 starting delivery 1179: msg 635402 to local domain.eu-learn-spam@domain.eu | ||
@4000000045e9d8db2380d43c status: local 1/10 remote 0/20 | @4000000045e9d8db2380d43c status: local 1/10 remote 0/20 | ||
Zeile 213: | Zeile 202: | ||
@4000000045e9d8e10f48d58c status: local 0/10 remote 0/20 | @4000000045e9d8e10f48d58c status: local 0/10 remote 0/20 | ||
@4000000045e9d8e10f48dd5c end msg 635402 | @4000000045e9d8e10f48dd5c end msg 635402 | ||
</pre> | </pre> | ||
== Ham/Spam-Fütterung via IMAP-Ordner == | |||
als Vorlage diente http://www.pqpq.de/2006/01/28/sh-sa-learnsh/ bzw. http://katastrophos.net/andre/blog/2006/10/03/vpopmail-maildrop-sqwebmail-mailfilter-patch/ | |||
das Script sa-learn.sh wird jede Stunde aufgerufen und durchläuft jede User-Mailbox. Gibt es dort ein Ordner z.B. 'LearnSPAM' bzw. 'LearnHAM' mit E-Mail(s), so wird diese Mail 'trainiert' und danach gelöscht. Zusätzlich wird eine Info-Mail mit einer kurzen Anleitung erstellt. | |||
== Userinterface == | |||
http://www.misak.dk/blog/index.php/archives/category/phpsaadmin/ | |||
= | = How to update SARE rulesets via Apache SpamAssassin's sa-update = | ||
http://daryl.dostech.ca/sa-update/sare/sare-sa-update-howto.txt | |||
== | = Bilderkennung = | ||
Plugin für SpamAssassin: FuzzyOcr (als Erweiterung von OcrPlugin). http://www.huschi.net/11_207_de.html<br> http://users.own-hero.net/~decoder/fuzzyocr/<br> http://wiki.apache.org/spamassassin/FuzzyOcrPlugin | |||
http:// | |||
= | = Statistiken = | ||
http://www.rulesemporium.com/programs/sa-stats-1.0.txt<br> http://software.inl.fr/trac/trac.cgi/wiki/EdenMail/SpamStats? | |||
http://www.rulesemporium.com/programs/sa-stats-1.0.txt<br> | |||
http://software.inl.fr/trac/trac.cgi/wiki/EdenMail/SpamStats? | |||
[[Category:Linux]] [[Category:Mail]] | |||
[[ | [[Kategorie:Linux]] | ||
[[Kategorie:Mail]] | |||
[[Kategorie:AntiSpam]] |
Version vom 18. Dezember 2008, 22:50 Uhr
siehe auch SendMail
Konfig
/etc/mail/spamassassin/v310.pre
# DCC - perform DCC message checks. # # DCC is disabled here because it is not open source. See the DCC # license for more details. # loadplugin Mail::SpamAssassin::Plugin::DCC
Webconfig
http://www.yrex.com/spam/spamconfig.php
Qmail/Vpopmail
# /etc/default/spamassassin # Duncan Findlay # WARNING: please read README.spamd before using. # There may be security risks. # Change to one to enable spamd ENABLED=1 # Options # See man spamd for possible options. The -d option is automatically added. # NOTE: version 3.0.x has switched to a "preforking" model, so you # need to make sure --max-children is not set to anything higher than # 5, unless you know what you're doing. OPTIONS="-u vpopmail -g vchkpw -v --create-prefs --max-children 5 --helper-home-dir" # Pid file # Where should spamd write its PID to file? If you use the -u or # --username option above, this needs to be writable by that user. # Otherwise, the init script will not be able to shut spamd down. PIDFILE="/var/run/spamd.pid" # Set nice level of spamd #NICE="--nicelevel 15"
Damit die user-prefs für vpopmail-accounts richtig geschrieben werden kann, muss spamd gepatched werden, da es sonst nicht geht (http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4714): von http://issues.apache.org/SpamAssassin/attachment.cgi?id=3377
1750,1757c1750,1774 < $dir = `$vpopdir/bin/vuserinfo -d $username`; < if ($? != 0) { < # < # If vuserinfo failed $username could be an alias < # < $dir = `$vpopdir/bin/valias $username`; < if ($? == 0 && $dir !~ /.+ -> &/) { < $dir =~ s,.+ -> (/.+)/Maildir/,$1,; --- > my $itterations = 0; > my $max_itterations = 20; > my $found = 0; > while(!$found && ( $itterations < $max_itterations ) ) { > $itterations++; > $dir = `$vpopdir/bin/vuserinfo -d $username`; > if ($? != 0) { > # > # If vuserinfo failed $username could be an alias > # > $dir = `$vpopdir/bin/valias $username`; > chomp($dir); > if ($? == 0) { > $dir =~ s,.+ -> (.+),$1,; > $username = "$1"; > $username =~ s,&,,g; > > if ("$dir" =~ /\|/) { > $dir = $vpopdir; > $found = 1; > } > } elsif("$dir" eq "" || "$dir" eq "invalid domain, not in qmail assign file") { > $dir = $vpopdir; > $found = 1; > } 1759c1776 < undef($dir); --- > $found = 1; 1760a1778 > chomp($username);
Ham/Spam-Fütterung via Email
http://www.huschi.net/11_148_de.html
Jeder User hat seine eigene Bayes-Datenbank (sa-learn -u $sender --dbpath $userdir)
#/etc/logrotate.d/sa-learn /var/log/sa-learn.log { weekly delaycompress rotate 4 compress create 640 vpopmail vchkpw }
#!/usr/bin/perl -w
- Time-stamp: <05 April 2004, 13:37 home>
- sa-wrapper.pl
- SpamAssassin sa-learn wrapper
- (c) Alexandre Jousset, 2004
- This script is GPL'd
- Thanks to: Chung-Kie Tung for the removal of the dir
- Adam Gent for bug report
- v1.2
- added support for user-bayes-db
use strict; use MIME::Tools; use MIME::Parser;
my $DEBUG = 0; my $LOGFILE = '/var/log/sa-learn.log'; my $UNPACK_DIR = '/var/spool/unpack'; my $SA_LEARN = '/usr/bin/sa-learn'; my @DOMAINS = qw/gtmp.org winnink.org/;
my ($spamham, $sender) = @ARGV; my $sender2 = $ENV{SENDER};
my $domain = (split(/@/, $sender2))[1]; my $username = (split(/@/, $sender2))[0];
my $domdir = `/var/vpopmail/bin/vdominfo -d $domain`; chomp($domdir);
my $userdir = "$domdir"."/$username"."/.spamassassin/";
sub recurs {
my $ent = shift;if ($ent->head->mime_type eq 'message/rfc822') { if ($DEBUG) { #unlink "/tmp/spam.log.$$" if -e "/tmp/spam.log.$$"; open(OUT, "|$SA_LEARN -D -u $sender2 --dbpath $userdir $spamham --single >>$LOGFILE 2>&1") or die "Cannot pipe $SA_LEARN: $!"; } else { open(OUT, "|$SA_LEARN -u $sender2 --dbpath $userdir $spamham --single") or die "Cannot pipe $SA_LEARN: $!"; }$ent->bodyhandle->print(\*OUT);close(OUT); return; }my @parts = $ent->parts;if (@parts) { map { recurs($_) } @parts; }}
- my ($domain) = $sender =~ /\@(.*)$/;
- unless (grep { $_ eq $domain } @DOMAINS) {
- die "I don't recognize your domain !";
- }
if ($DEBUG) {
MIME::Tools->debugging(1); open(STDERR, '>>/tmp/spam_err.log');} my $parser = new MIME::Parser; $parser->extract_nested_messages(0); $parser->output_under($UNPACK_DIR);
my $entity; eval {
$entity = $parser->parse(\*STDIN);};
if ($@) {
die $@;} else {
recurs($entity);}
$parser->filer->purge; rmdir $parser->output_dir;
Aktivierung über .qmail:
/var/vpopmail/domains/fffff.tld/learn-spam/.qmail
|/var/qmail/bin/preline /usr/local/bin/sa-wrapper.pl --spam
und im qmail-send-log finden sich die Ergebnisse dazu.
@4000000045e9d8db229274cc new msg 635402 @4000000045e9d8db22927c9c info msg 635402: bytes 6395 from <user@domain.de> qp 6987 uid 64011 @4000000045e9d8db2380c884 starting delivery 1179: msg 635402 to local domain.eu-learn-spam@domain.eu @4000000045e9d8db2380d43c status: local 1/10 remote 0/20 @4000000045e9d8e10f48c5ec delivery 1179: success: Learned_tokens_from_0_message(s)_(1_message(s)_examined)/Learned_tokens_from_0_message(s)_(1_message(s)_examined)/did_0+0+1/ @4000000045e9d8e10f48d58c status: local 0/10 remote 0/20 @4000000045e9d8e10f48dd5c end msg 635402
Ham/Spam-Fütterung via IMAP-Ordner
als Vorlage diente http://www.pqpq.de/2006/01/28/sh-sa-learnsh/ bzw. http://katastrophos.net/andre/blog/2006/10/03/vpopmail-maildrop-sqwebmail-mailfilter-patch/
das Script sa-learn.sh wird jede Stunde aufgerufen und durchläuft jede User-Mailbox. Gibt es dort ein Ordner z.B. 'LearnSPAM' bzw. 'LearnHAM' mit E-Mail(s), so wird diese Mail 'trainiert' und danach gelöscht. Zusätzlich wird eine Info-Mail mit einer kurzen Anleitung erstellt.
Userinterface
http://www.misak.dk/blog/index.php/archives/category/phpsaadmin/
How to update SARE rulesets via Apache SpamAssassin's sa-update
http://daryl.dostech.ca/sa-update/sare/sare-sa-update-howto.txt
Bilderkennung
Plugin für SpamAssassin: FuzzyOcr (als Erweiterung von OcrPlugin). http://www.huschi.net/11_207_de.html
http://users.own-hero.net/~decoder/fuzzyocr/
http://wiki.apache.org/spamassassin/FuzzyOcrPlugin
Statistiken
http://www.rulesemporium.com/programs/sa-stats-1.0.txt
http://software.inl.fr/trac/trac.cgi/wiki/EdenMail/SpamStats?