Posts Tagged ‘spam’

Updated .mailfilter for Courier Maildrop and SpamAssassin

April 26th, 2009

My spam count has exploded in the last few days, so I made a decision to adjust my filtering a little more.

Previously, all messages that got more than 5 points in SpamAssassin tests were flagged and sent to my .Spam folder. This got to be a bit of an issue as I still check there to make sure that no emails are miscategorized… Call me crazy, but I’m a bit anal when it comes to that stuff. (I missed an interview because of Gmail’s filters, but that’s a story for another day).

For the last few days, I’ve been reviewing the spam counts for both the more cleverly hidden spam and the less-than-clever spam. I’ve come to realize that while the odds are low that any real emails will get marked as spam if they do they’ll definitely get a score less than 10. So to combat the large amount of spam that’s now coming through, emails with greater than 10 points will now be sent directly to the trash.

Here’s what I put in my .mailfilter file for courier-maildrop:

1
2
3
4
5
6
7
8
9
if ( /^X-Spam-Level: \*\*\*\*\*\*\*\*\*.*$/ )
{
exit
}

if ( /X-Spam-Flag/ )
{
to "$DEFAULT.Spam"
}

This way, anything that gets more than won’t even be delivered, and all other emails that get a spam flag (greater than 5 points) get sent to spam, then the rest of my filters are processed.

Tested the email with the GTUBE and with a normal message and it seems to work, but we’ll see if I wake up in the morning and all my email has been dumped in the trash can.

Tags: , , , , , , , , ,
Posted in email | No Comments »

Configuring Spamassassin as a Daemon on Ubuntu Intrepid

March 20th, 2009

Here is the process I took to install Spamassassin as a daemon working with Postfix to process incoming mail.

I’ll also be trying to reduce the memory footprint while still getting acceptable performance. Mind you, this is being implemented on a low volume server, so these settings may not be applicable to a production server with lots of users.

First, let’s do some prep work

1
2
3
4
5
$ sudo aptitude install spamassassin spamc
$ sudo groupadd -u 5001 spamd
$ sudo useradd -u 5001 -g spamd -s /sbin/nologin -d /var/lib/spamassassin spamd
$ sudo mkdir /var/lib/spamassassin
$ sudo chown spamd:spamd /var/lib/spamassassin

Now edit /etc/default/spamassassin and change the lines below

1
2
3
4
# /etc/default/spamassassin
ENABLED=1
SAHOME="/var/lib/spamassassin"
OPTIONS="--create-prefs --max-children 2 --username spamd -H ${SAHOME}"

Edit /etc/spamassassin/local.cf

1
2
3
4
5
6
7
8
ENABLED=1
rewrite_header Subject **SPAM _SCORE_**
required_score 5.0
use_bayes 1
bayes_auto_learn 1
use_dcc 0
use_pyzor 0
use_razor2 0

Now edit /etc/postfix/master.cf and change it to look like this:

1
2
3
4
5
6
7
8
9
# /etc/postfix/master.cf
26   inet  n - - - - smtpd
     -o content_filter=spamassassin

# Add this segment to end of file
# Spamassassin processing filter
spamassassin unix - n n - - pipe
     user=spamd argv=/usr/bin/spamc -e
     /usr/sbin/sendmail -oi -f ${sender} ${recipient}

Now reboot some stuff

1
2
$ sudo /etc/init.d/spamassassin restart
$ sudo postfix reload

Now test by sending email to yourself. If you view the full headers it should now have X-SPAM headers in it.

If you send an email with “XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X” in the body of the email, it is guaranteed to be flagged as SPAM, and is a great way to test your spam filter.

Tags: , , , , , ,
Posted in email, system | No Comments »