Spamassassin
siehe auch SendMail
Konfig
/etc/mail/spamassassin/v310.pre
# DCC - perform DCC message checks. # # DCC is disabled here because it is not open source. See the DCC # license for more details. # loadplugin Mail::SpamAssassin::Plugin::DCC
Qmail/Vpopmail
# /etc/default/spamassassin # Duncan Findlay # WARNING: please read README.spamd before using. # There may be security risks. # Change to one to enable spamd ENABLED=1 # Options # See man spamd for possible options. The -d option is automatically added. # NOTE: version 3.0.x has switched to a "preforking" model, so you # need to make sure --max-children is not set to anything higher than # 5, unless you know what you're doing. OPTIONS="-u vpopmail -g vchkpw -v --create-prefs --max-children 5 --helper-home-dir" # Pid file # Where should spamd write its PID to file? If you use the -u or # --username option above, this needs to be writable by that user. # Otherwise, the init script will not be able to shut spamd down. PIDFILE="/var/run/spamd.pid" # Set nice level of spamd #NICE="--nicelevel 15"
Damit die user-prefs für vpopmail-accounts richtig geschrieben werden kann, muss spamd gepatched werden, da es sonst nicht geht (http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4714): von http://issues.apache.org/SpamAssassin/attachment.cgi?id=3377
1750,1757c1750,1774 < $dir = `$vpopdir/bin/vuserinfo -d $username`; < if ($? != 0) { < # < # If vuserinfo failed $username could be an alias < # < $dir = `$vpopdir/bin/valias $username`; < if ($? == 0 && $dir !~ /.+ -> &/) { < $dir =~ s,.+ -> (/.+)/Maildir/,$1,; --- > my $itterations = 0; > my $max_itterations = 20; > my $found = 0; > while(!$found && ( $itterations < $max_itterations ) ) { > $itterations++; > $dir = `$vpopdir/bin/vuserinfo -d $username`; > if ($? != 0) { > # > # If vuserinfo failed $username could be an alias > # > $dir = `$vpopdir/bin/valias $username`; > chomp($dir); > if ($? == 0) { > $dir =~ s,.+ -> (.+),$1,; > $username = "$1"; > $username =~ s,&,,g; > > if ("$dir" =~ /\|/) { > $dir = $vpopdir; > $found = 1; > } > } elsif("$dir" eq "" || "$dir" eq "invalid domain, not in qmail assign file") { > $dir = $vpopdir; > $found = 1; > } 1759c1776 < undef($dir); --- > $found = 1; 1760a1778 > chomp($username);
Ham/Spam-Fütterung via Email
http://www.huschi.net/11_148_de.html
Jeder User hat seine eigene Bayes-Datenbank (sa-learn -u $sender --dbpath $userdir)
#/etc/logrotate.d/sa-learn /var/log/sa-learn.log { weekly delaycompress rotate 4 compress create 640 vpopmail vchkpw }
#!/usr/bin/perl -wuse strict; use MIME::Tools; use MIME::Parser;
my $DEBUG = 0; my $LOGFILE = '/var/log/sa-learn.log'; my $UNPACK_DIR = '/var/spool/unpack'; my $SA_LEARN = '/usr/bin/sa-learn'; my @DOMAINS = qw/gtmp.org winnink.org/;
my ($spamham, $sender) = @ARGV; my $sender2 = $ENV{SENDER};
my $domain = (split(/@/, $sender2))[1]; my $username = (split(/@/, $sender2))[0];
my $domdir = `/var/vpopmail/bin/vdominfo -d $domain`; chomp($domdir);
my $userdir = "$domdir"."/$username"."/.spamassassin/";
sub recurs {
my $ent = shift;
if ($ent->head->mime_type eq 'message/rfc822') { if ($DEBUG) { #unlink "/tmp/spam.log.$$" if -e "/tmp/spam.log.$$"; open(OUT, "|$SA_LEARN -D -u $sender2 --dbpath $userdir $spamham --single >>$LOGFILE 2>&1") or die "Cannot pipe $SA_LEARN: $!"; } else { open(OUT, "|$SA_LEARN -u $sender2 --dbpath $userdir $spamham --single") or die "Cannot pipe $SA_LEARN: $!"; }
$ent->bodyhandle->print(\*OUT);
close(OUT); return; }
my @parts = $ent->parts;if (@parts) { map { recurs($_) } @parts; }}
- my ($domain) = $sender =~ /\@(.*)$/;
- unless (grep { $_ eq $domain } @DOMAINS) {
- die "I don't recognize your domain !";
- }
if ($DEBUG) {MIME::Tools->debugging(1); open(STDERR, '>>/tmp/spam_err.log');} my $parser = new MIME::Parser; $parser->extract_nested_messages(0); $parser->output_under($UNPACK_DIR);
my $entity; eval {$entity = $parser->parse(\*STDIN);};
if ($@) {die $@;} else {
recurs($entity);}
$parser->filer->purge; rmdir $parser->output_dir;
Aktivierung über .qmail:
/var/vpopmail/domains/fffff.tld/learn-spam/.qmail
|/var/qmail/bin/preline /usr/local/bin/sa-wrapper.pl --spam
und im qmail-send-log finden sich die Ergebnisse dazu.
@4000000045e9d8db229274cc new msg 635402 @4000000045e9d8db22927c9c info msg 635402: bytes 6395 from <user@domain.de> qp 6987 uid 64011 @4000000045e9d8db2380c884 starting delivery 1179: msg 635402 to local domain.eu-learn-spam@domain.eu @4000000045e9d8db2380d43c status: local 1/10 remote 0/20 @4000000045e9d8e10f48c5ec delivery 1179: success: Learned_tokens_from_0_message(s)_(1_message(s)_examined)/Learned_tokens_from_0_message(s)_(1_message(s)_examined)/did_0+0+1/ @4000000045e9d8e10f48d58c status: local 0/10 remote 0/20 @4000000045e9d8e10f48dd5c end msg 635402
Ham/Spam-Fütterung via IMAP-Ordner
als Vorlage diente http://www.pqpq.de/2006/01/28/sh-sa-learnsh/ bzw. http://katastrophos.net/andre/blog/2006/10/03/vpopmail-maildrop-sqwebmail-mailfilter-patch/
das Script sa-learn.sh wird jede Stunde aufgerufen und durchläuft jede User-Mailbox. Gibt es dort ein Ordner z.B. 'LearnSPAM' bzw. 'LearnHAM' mit E-Mail(s), so wird diese Mail 'trainiert' und danach gelöscht. Zusätzlich wird eine Info-Mail mit einer kurzen Anleitung erstellt.
Userinterface
http://www.misak.dk/blog/index.php/archives/category/phpsaadmin/
Bilderkennung
Plugin für SpamAssassin: FuzzyOcr (als Erweiterung von OcrPlugin). http://www.huschi.net/11_207_de.html
http://users.own-hero.net/~decoder/fuzzyocr/
http://wiki.apache.org/spamassassin/FuzzyOcrPlugin
Statistiken
http://www.rulesemporium.com/programs/sa-stats-1.0.txt
http://software.inl.fr/trac/trac.cgi/wiki/EdenMail/SpamStats?