forked from apache/spamassassin
-
Notifications
You must be signed in to change notification settings - Fork 0
/
USAGE
241 lines (157 loc) · 9.03 KB
/
USAGE
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
Important Note For Users Upgrading From Earlier Versions
--------------------------------------------------------
SpamAssassin no longer includes code to handle local mail delivery, as it
was not reliable enough, compared to procmail. So now, if you relied on
spamassassin to write the mail into your mail folder, you'll have to
change your setup to use procmail as detailed below.
If you used spamassassin to filter your mail and then something else wrote
it into a folder for you, then you should be fine.
Steps to take for every installation:
- Install Mail::SpamAssassin on your mail server, as per the INSTALL
document.
- Test it:
spamassassin -t < sample-nonspam.txt > nonspam.out
spamassassin -t < sample-spam.txt > spam.out
Verify (using a text viewer, ie. "less" or "notepad") that nonspam.out
has not been tagged as spam, and that spam.out has. The files should
contain the full text and headers of the messages, the "spam.out"
message should contain the header "X-Spam-Flag: YES" and be annotated
with a report from SpamAssassin, and there should be no errors when you
run the commands.
Even though sample-nonspam.txt is not spam, nonspam.out will
contain a SpamAssassin report anyway. This is a side-effect of
the "-t" (test) switch. However, there should be less than 5
points accumulated; when the "-t" switch is not in use, the report
text would not be added. For more verbose (debugging) output, add
the "-D" switch.
If the commands do not work, DO NOT PROCEED TO THE NEXT STEP, as you
will lose mail!
If you use KMail:
- http://kmail.kde.org/tools.html mentions:
The filter setup is the work of five minutes (if that!) if you have a
working spamassassin set up.
The filter in question is "<any header><matches regexp> ."
The action is "<pipe through> spamassassin"
Then, in the advanced options, uncheck the "If this filter matches,
stop processing here" box. If you keep this filter at the top, it will
analyze any incoming mail, decide whether it's spam or not, and flag
it accordingly.
[Then add] a second filter behind it, which searches for the added
spam-flags and diverts them into a specific spam folder. [...]
If you use procmail, or haven't decided on any of the above examples:
- Make a backup of your .procmailrc (if you already have one).
cp ~/.procmailrc ~/.procmailrc.bak
- add the line from procmailrc.example to ~/.procmailrc, at the top of
the file before any existing recipes.
That'll process all mail through SA, and refile spam messages to
a folder called "caughtspam" in your home directory.
- Send yourself a mail message, and ensure it gets to you. If it does
not, copy your old backed-up .procmailrc file back into place and ask
your sysadmin for help! Here's commands to do that:
cp ~/.procmailrc.bak ~/.procmailrc
echo "Help!" | mail root
If you want to use SpamAssassin site-wide:
- take a look at the notes on the Wiki website, currently at
<https://wiki.apache.org/spamassassin/UsingSiteWide>. You will probably
want to use 'spamd' (see below). You may want to investigate the
new Apache mod_perl module, in the 'spamd-apache2' directory, too.
- *PLEASE* let your users know you've installed it, and how to turn it
off! This is our #1 tech support query, and the users are usually
pretty frustrated once it reaches that stage.
- *PLEASE* consider setting it up as "off by default" for most accounts,
and let users opt-in to using it. Quite a few folks prefer not to
have their mail filtered, presumably because they don't use their
email address publicly and do not get much spam.
- Note that procmail users adding spamc to /etc/procmailrc should
add the line 'DROPPRIVS=yes' at the top of the file.
The Auto-Welcomelist
------------------
The auto-welcomelist is enabled using the 'use_auto_welcomelist' option.
(See https://wiki.apache.org/spamassassin/AutoWelcomelist for details on
how it works, if you're curious.)
Other Installation Notes
------------------------
- SpamAssassin now uses a temporary file in /tmp (or $TMPDIR, if that's
set in the environment) for Pyzor and DCC checks. Make sure that this
directory is either (a) not writable by other users, or (b) not shared
over NFS, for security.
- You can create your own system-wide rules files in
/etc/mail/spamassassin; their filenames should end in ".cf". Multiple
files will be read, and SpamAssassin will not overwrite these files
when installing a new version.
- You should not modify the files in /usr/share/spamassassin; these
will be overwritten when you upgrade. Any changes you make in
files in the /etc/mail/spamassassin directory, however, will
override these files.
- Rules can be turned off by setting their scores to 0 in a
configuration or user-preference file.
- Speakers of Chinese, Japanese, Korean or Arabic may find it useful to
turn off the rules listed at the end of the "user_prefs.template"
file; we've found out that these rules are still triggering on
non-spam CJK mails.
- If you have an unusual network configuration, you should probably
set 'trusted_networks'. This allows SpamAssassin to determine where
your internal network ends and the internet begins, and allows DNS
checks to be more accurate. If your mail host is NATed, you will
almost certainly need to set 'trusted_networks' to get correct
results.
- A very handy new feature is SPF support, which allows you to check
that the message sender is permitted by their domain to send from the
IP address used. This has the potential to greatly cut down on mail
forgery.
- MDaemon users should add this line to their "local.cf" file:
report_safe_copy_headers X-MDRcpt-To X-MDRemoteIP X-MDaemon-Deliver-To
Otherwise, MDaemon's internal delivery will fail when SpamAssassin
rewrites a message as spam.
- The distribution includes 'spamd', a daemonized version of
SpamAssassin which runs persistently. Using its counterpart,
'spamc', a lightweight client written in C, an MTA can process
large volumes of mail through SpamAssassin without having to
fork/exec a perl interpreter for each message. Take a look in the
'spamd' and 'spamc' directories for more details.
- The distribution also includes 'spamd-apache2', a mod_perl module
allowing the Apache HTTP server to be used as a platform for a
daemonized SpamAssassin, in an upwardly-compatible fashion from
'spamd'. If you don't require some of the spamd features it does not
implement (such as switching UIDs to read per-user configuration from
user home directories), this may be much faster than spamd. Take a
look at the 'spamd-apache2' directory for details.
- spamc can now be built as a shared library for use with milters or
to link into other existing programs; simply run "make libspamc.so"
to build this.
- If you get spammed, it is helpful to everyone else if you re-run
spamassassin with the "-r" option to report the message in question as
"verified spam". This will add it to Vipul's Razor, DCC and Pyzor,
assuming you've set these up appropriately.
spamassassin -r < spam-message
If you use mutt as your mail reader, this macro will bind the X key to
report a spam message.
macro index X "| spamassassin -r"
This is, of course, optional -- but you'll get lots of good-netizen
karma. ;)
- Quite often, if you've been on the internet for a while, you'll have
accumulated a few old email accounts that nowadays get nothing but
spam. You can set these up as spam traps using SpamAssassin; see the
''SPAM TRAPPING'' section of the spamassassin manual page for details.
If you don't want to go to the bother of setting up a system yourself
to do this, take a look here [1] for a simple forwarding-based
alternative.
[1]: https://wiki.apache.org/spamassassin/SpamTrapping
- Scores and other user preferences can now be loaded from, and Bayes
and automatic reputation data can be stored in, an SQL database; see
the 'sql' subdirectory for more details.
If you are setting up a large 'spamd' system-wide installation, with
Bayes and/or automatic reputation, we strongly recommend using SQL as
storage. It has proven more reliable than the default DB_File storage
backend at several large sites. For Bayes, you should always use the
new Redis backend (see Mail::SpamAssassin::BayesStore::Redis).
- If you are running SpamAssassin under a disk quota, or are setting up
'spamd' with users with disk quotas, be warned that the DB_File
database module used by SpamAssassin for Bayes, TxRep, and AWL storage
seems to be unreliable in the face of quotas (bug 3796). In this
situation, we recommend using SQL storage for those databases, instead
of DB_File.
- Lots more ways to integrate SpamAssassin can be read at
https://wiki.apache.org/spamassassin/ .
(end of USAGE)
// vim:tw=74: