Spamassassin
siehe auch SendMail
Konfig
/etc/mail/spamassassin/v310.pre
# DCC - perform DCC message checks. # # DCC is disabled here because it is not open source. See the DCC # license for more details. # loadplugin Mail::SpamAssassin::Plugin::DCC
Qmail/Vpopmail
# /etc/default/spamassassin # Duncan Findlay # WARNING: please read README.spamd before using. # There may be security risks. # Change to one to enable spamd ENABLED=1 # Options # See man spamd for possible options. The -d option is automatically added. # NOTE: version 3.0.x has switched to a "preforking" model, so you # need to make sure --max-children is not set to anything higher than # 5, unless you know what you're doing. OPTIONS="-u vpopmail -g vchkpw -v --create-prefs --max-children 5 --helper-home-dir" # Pid file # Where should spamd write its PID to file? If you use the -u or # --username option above, this needs to be writable by that user. # Otherwise, the init script will not be able to shut spamd down. PIDFILE="/var/run/spamd.pid" # Set nice level of spamd #NICE="--nicelevel 15"
Damit die user-prefs für vpopmail-accounts richtig geschrieben werden kann, muss spamd gepatched werden, da es sonst nicht geht (http://issues.apache.org/SpamAssassin/show_bug.cgi?id=4714): von http://issues.apache.org/SpamAssassin/attachment.cgi?id=3377
1750,1757c1750,1774 < $dir = `$vpopdir/bin/vuserinfo -d $username`; < if ($? != 0) { < # < # If vuserinfo failed $username could be an alias < # < $dir = `$vpopdir/bin/valias $username`; < if ($? == 0 && $dir !~ /.+ -> &/) { < $dir =~ s,.+ -> (/.+)/Maildir/,$1,; --- > my $itterations = 0; > my $max_itterations = 20; > my $found = 0; > while(!$found && ( $itterations < $max_itterations ) ) { > $itterations++; > $dir = `$vpopdir/bin/vuserinfo -d $username`; > if ($? != 0) { > # > # If vuserinfo failed $username could be an alias > # > $dir = `$vpopdir/bin/valias $username`; > chomp($dir); > if ($? == 0) { > $dir =~ s,.+ -> (.+),$1,; > $username = "$1"; > $username =~ s,&,,g; > > if ("$dir" =~ /\|/) { > $dir = $vpopdir; > $found = 1; > } > } elsif("$dir" eq "" || "$dir" eq "invalid domain, not in qmail assign file") { > $dir = $vpopdir; > $found = 1; > } 1759c1776 < undef($dir); --- > $found = 1; 1760a1778 > chomp($username);
Ham/Spam-Fütterung via Email
http://www.huschi.net/11_148_de.html
Jeder User hat seine eigene Bayes-Datenbank (sa-learn -u $sender --dbpath $userdir)
#/etc/logrotate.d/sa-learn /var/log/sa-learn.log { weekly delaycompress rotate 4 compress create 640 vpopmail vchkpw }
#!/usr/bin/perl -w
use strict;
use MIME::Tools;
use MIME::Parser;
my $DEBUG = 0;
my $LOGFILE = '/var/log/sa-learn.log';
my $UNPACK_DIR = '/var/spool/unpack';
my $SA_LEARN = '/usr/bin/sa-learn';
my @DOMAINS = qw/gtmp.org winnink.org/;
my ($spamham, $sender) = @ARGV;
my $sender2 = $ENV{SENDER};
my $domain = (split(/@/, $sender2))[1];
my $username = (split(/@/, $sender2))[0];
my $domdir = `/var/vpopmail/bin/vdominfo -d $domain`;
chomp($domdir);
my $userdir = "$domdir"."/$username"."/.spamassassin/";
sub recurs
{
my $ent = shift;
if ($ent->head->mime_type eq 'message/rfc822') {
if ($DEBUG) {
#unlink "/tmp/spam.log.$$" if -e "/tmp/spam.log.$$";
open(OUT, "|$SA_LEARN -D -u $sender2 --dbpath $userdir $spamham --single >>$LOGFILE 2>&1") or die "Cannot pipe $SA_LEARN: $!";
} else {
open(OUT, "|$SA_LEARN -u $sender2 --dbpath $userdir $spamham --single") or die "Cannot pipe $SA_LEARN: $!";
}
$ent->bodyhandle->print(\*OUT);
close(OUT);
return;
}
my @parts = $ent->parts;
if (@parts) {
map { recurs($_) } @parts;
}
}
#my ($domain) = $sender =~ /\@(.*)$/;
#unless (grep { $_ eq $domain } @DOMAINS) {
# die "I don't recognize your domain !";
#}
if ($DEBUG) {
MIME::Tools->debugging(1);
open(STDERR, '>>/tmp/spam_err.log');
}
my $parser = new MIME::Parser;
$parser->extract_nested_messages(0);
$parser->output_under($UNPACK_DIR);
my $entity;
eval {
$entity = $parser->parse(\*STDIN);
};
if ($@) {
die $@;
} else {
recurs($entity);
}
$parser->filer->purge;
rmdir $parser->output_dir;
Aktivierung über .qmail, z.b. /var/vpopmail/domains/fffff.tld/learn-spam/.qmail
|/var/qmail/bin/preline /usr/local/bin/sa-wrapper.pl --spam
und im qmail-send-log finden sich die Ergebnisse dazu.
@4000000045e9d8db229274cc new msg 635402 @4000000045e9d8db22927c9c info msg 635402: bytes 6395 from <user@domain.de> qp 6987 uid 64011 @4000000045e9d8db2380c884 starting delivery 1179: msg 635402 to local domain.eu-learn-spam@domain.eu @4000000045e9d8db2380d43c status: local 1/10 remote 0/20 @4000000045e9d8e10f48c5ec delivery 1179: success: Learned_tokens_from_0_message(s)_(1_message(s)_examined)/Learned_tokens_from_0_message(s)_(1_message(s)_examined)/did_0+0+1/ @4000000045e9d8e10f48d58c status: local 0/10 remote 0/20 @4000000045e9d8e10f48dd5c end msg 635402
Ham/Spam-Fütterung via IMAP-Ordner
als Vorlage diente http://www.pqpq.de/2006/01/28/sh-sa-learnsh/ bzw. http://katastrophos.net/andre/blog/2006/10/03/vpopmail-maildrop-sqwebmail-mailfilter-patch/
das Script sa-learn.sh wird jede Stunde aufgerufen und durchläuft jede User-Mailbox. Gibt es dort ein Ordner z.B. 'LearnSPAM' bzw. 'LearnHAM' mit E-Mail(s), so wird diese Mail 'trainiert' und danach gelöscht. Zusätzlich wird eine Info-Mail mit einer kurzen Anleitung erstellt.
Userinterface
http://www.misak.dk/blog/index.php/archives/category/phpsaadmin/
Bilderkennung
Plugin für SpamAssassin: FuzzyOcr (als Erweiterung von OcrPlugin). http://www.huschi.net/11_207_de.html
http://users.own-hero.net/~decoder/fuzzyocr/
http://wiki.apache.org/spamassassin/FuzzyOcrPlugin
Statistiken
http://www.rulesemporium.com/programs/sa-stats-1.0.txt
http://software.inl.fr/trac/trac.cgi/wiki/EdenMail/SpamStats?