Difference between pages "Cyrus-IMAP" and "SpamAssassin"

From Wikislax
(Difference between pages)
Jump to: navigation, search
(Created page with "{{RightTOC}} == What is Cyrus-IMAP ? == [http://www.cyrusimap.org/index.php Cyrus-IMAP] is an IMAP and POP server. Unlike SMTP, designed to convey mail between Mail Transfer...")
 
(Created page with "{{RightTOC}} == What is SpamAssassin ? == [http://spamassassin.apache.org/index.html SpamAssassin] checks mail for spam using syntactic rules in perl and optional external m...")
 
Line 1: Line 1:
 
{{RightTOC}}
 
{{RightTOC}}
  
== What is Cyrus-IMAP ? ==
+
== What is SpamAssassin ? ==
  
[http://www.cyrusimap.org/index.php Cyrus-IMAP] is an IMAP and POP server. Unlike SMTP, designed to convey mail between Mail Transfer Agents, IMAP and POP are designed to convey mail to clients such as Thunderbird. Cyrus-IMAP is an industrial grade server, handling IMAP folders and quotas. An option in Sendmail affords delivering mail to Cyrus-IMAP rather than writing it into the standard Unix folders '''/var/spool/mail'''. Cyrus-IMAP stores its information in a Berkeley DB database. [http://www.cyrusimap.org/mediawiki/index.php/Downloads#IMAP_Server Download Cyrus-IMAP] and untar under /usr/local. [http://www.cyrusimap.org/docs/cyrus-imapd Documentation] is available online and also in html format under the doc directory.
+
[http://spamassassin.apache.org/index.html SpamAssassin] checks mail for spam using syntactic rules in perl and optional external modules. SpamAssassin integration with MTAs requires glue code such as external daemons (amasvid-new) or [[MIMEDefang]] with the sendmail [[Milter]] interface.
  
== Installing Cyrus-imap ==
+
== Installing Perl modules ==
  
Required pre-installed sotwares and minimal versions are libsasl 2.17, Berkeley DB 3.0.55, GNU Make, makedepend, Perl 5, OpenSSL 0.9.4 and optionnally libwrap and Net-SNMP. '''--with-auth''' is the authorization module to use, unix or kerberos (krb or krb_pts). '''--with-cyrus-prefix''' is the location of the cyrus-imap executable structure, '''--cyrus-user''' is the cyrus user name, '''--with-dbdir''' is the location of the db executable structure, '''--with-openssl''' is the location of the openssl executable structure, '''--with-perl''' is the location of the perl executable, '''--with-sasl''' is the location of the libsasl executable structure, '''--enable-netscape-hack''' enables X-Netscape extension (administration URLs).
+
Perl modules can be installed interactively using the CPAN module "# '''perl -MCPAN -e shell'''". On first use, CPAN asks questions most of which can be answered by <enter>. Choose to automatically install the missing modules when detected by CPAN. In theory, this would insure that all the missing modules are installed. In practise, SpamAssassin did not work properly (no spam detected) after installing in this way, so we'd recommend to install the perl modules instead in the order described below, which worked for us.
  
  # tar -C /usr/local -xvf cyrus-imapd-x.y.z.tar.gz
+
The modules are distributed in sub-directories of /usr/local/lib64/perl5 and /usr/local/share/perl5. It is still unclear if modules can be removed or not and how. Any module failing installation can alternatively be downloaded from the [http://www.cpan.org CPAN] site and installed in this way :
 +
 
 +
  # tar -C /usr/local -xvf module-x.y.z
 
  # cd /usr/local
 
  # cd /usr/local
  # chown -R root:root cyrus-imapd-x.y.z
+
  # chown -R root:root module-x.y.z
  # cd cyrus-imapd-x.y.z
+
  # cd module-x.y.z
  # .configure --help | less
+
  # perl Makefile.PL
# ./configure --libdir=/usr/local/lib64 \
+
  # make
--mandir=/usr/local/man --with-cyrus-prefix=/usr/local --with-cyrus-user=cyrus \
 
--with-dbdir=/usr --with-openssl=/usr/local --with-perl=/usr/bin/perl \
 
--with-sasl=/usr/local --enable-netscapehack
 
# make depend
 
  # make all
 
 
  # make install
 
  # make install
# make clean
 
  
== Configuring Cyrus-imap ==
+
== Modules required by SpamAssassin ==
 +
 
 +
The modules below must be installed prior to installing SpamAssassin :
 +
 
 +
# perl -MCPAN -e shell
 +
. . .
 +
cpan> install CPAN
 +
cpan> install YAML
 +
cpan> install Digest::SHA1
 +
cpan> install HTML::Parser
 +
cpan> install Net::DNS
 +
cpan> install LWP::UserAgent
 +
cpan> install HTTP::Date
 +
cpan> install IO::Zlib
 +
cpan> install Archive::Tar
 +
cpan> install MIME::Base64
 +
cpan> install DB_File
 +
cpan> install Net::SMTP
 +
cpan> install Mail::SPF
 +
cpan> install IP::Country::Fast
 +
cpan> install Compress::Zlib
 +
cpan> install Time::HiRes
 +
cpan> install Mail::DKIM
 +
cpan> install Mail::DomainKeys
 +
cpan> install DBI
 +
cpan> install DBD
 +
cpan> install Encode::Detect
 +
cpan> install Mail::SPF::Query
 +
cpan> install Net::Ident
 +
cpan> install IO::Socket::SSL
 +
cpan> install Bundle::CPAN
 +
cpan> install IO::Stringy
 +
cpan> install Mail::Audit
 +
cpan> install Unix::Syslog
 +
cpan> quit
  
Refer to '''doc/install-configure.html''' and the imapd.conf (5) man pages. First, reconfigure '''syslog.conf''' to use two additional files, then edit '''/etc/imapd.conf''' , create the required directory structures, and last, put together the server certificate (first, encrypted part only) and private unsecure key (second) in file '''/etc/ssl/certs/server.pem''', securitizing with chmod 600.
+
== Installing SpamAssassin ==
  
Cyrus SASL has a number of options that can be configured by the application. To configure these via imapd.conf, simply prefix the appropriate option name with sasl_ (e.g. pwcheck_method becomes sasl_pwcheck_method).
+
[http://spamassassin.apache.org/downloads.cgi Download] and untar and install as below then test using the spamassassin command and check the files generated to make sure everything was OK. The -D flag affords getting an extended trace on the system output :
  
  # touch /var/log/imapd.log /var/log/auth.log
+
  # tar -tvf Mail-SpamAssassin-x.y.z.tar.gz
  # vi /etc/syslog.conf
+
  # tar -C /usr/local -xvf Mail-SpamAssassin-x.y.z.tar.gz
a
+
  # cd /usr/local/Mail-SpamAssassin-x.y.z
# this is for cyrus-imapd
+
  # perl Makefile.PL
local6.warning -/var/log/imapd.log
+
  # make
auth.warning -/var/log/auth.log
+
  # make install
:x
+
  # sa-update --updatedir /usr/local/share/spamassassin
<esc>
+
  # spamassassin -t -D < sample-nonspam.txt > nonspam.out
  # cd /etc
+
  # spamassassin -t -D < sample-spam.txt > spam.out
# vi imapd.conf
 
i
 
admins: postmaster
 
allowpop: no
 
allowplaintext: yes
 
configdirectory: /var/imap
 
lmtp_over_quota_perm_failure: yes
 
ldap_authz: proxyUser
 
ldap_base: dc=domain,dc=com
 
ldap_filter: cn=%u
 
ldap_id: proxyUser
 
ldap_mech: DIGEST-MD5
 
ldap_password: proxyPassword
 
ldap_sasl: yes
 
ldap_uri: ldap://localhost
 
mech_list: PLAIN
 
partition-default: /var/spool/imap
 
sasl_auxprop_plugin: ldapdb
 
sasl_log_level: 0
 
sasl_pwcheck_method: auxprop
 
sendmail: /usr/sbin/sendmail
 
tls_ca_file: /etc/ssl/certs/cacert.pem
 
tls_ca_path: /etc/ssl/certs
 
tls_cert_file: /etc/ssl/certs/server.pem
 
  tls_key_file: /etc/ssl/certs/server.pem
 
<esc>
 
:x
 
  # cd /var
 
  # mkdir imap
 
  # useradd -g mail cyrus
 
# chown cyrus:mail imap
 
# chmod 750 imap
 
# cd spool
 
# mkdir imap
 
# chown cyrus:mail imap
 
# chmod 750 imap
 
# su cyrus
 
$ cd /usr/local/cyrus-imap*
 
$ tools/mkimap
 
  <ctrl>d
 
# cd /etc/ssl/certs
 
# vi mtacert.pem
 
d59d
 
:$
 
:r ../private/mtakey.pem.unsecure
 
:w server.pem
 
:x
 
  # chown cyrus:mail server.pem
 
# chmod 600 server.pem
 
  
If using the older ext2fs filesystem, also set the user, quota, and partition directories to update synchronously as described in doc/install-configure.html (for ext3fs this is not necessary). Also set the queue directory of the mail daemon to update synchronously (the example given is for sendmail).
+
In practice, the basic syntactic tests in SpamAssassin are not very efficient. External modules can be used to extend, but are somewhat CPU or time-consuming. Below are a few modules that really work.
  
# cd /var/imap
+
== Installing SPF ==
# chattr +S user quota user/* quota/*
 
# chattr +S /var/spool/imap /var/spool/imap/*
 
# chattr +S /var/spool/mqueue
 
  
== Configuring Cyrus-imap SASL ==
+
[http://www.openspf.org Sender Policy Framework] is a protocol to make sure senders send from legitimate domains. Install as below :
  
For SMTP authentication, we use SASL against the OpenLDAP directory installed previously. As only mechanism, we use PLAIN, later ensuring security by forcing SSL encryption over port 465 SMTPS (actually, DIGEST-MD5 and CRAM-MD5 are not widely used, and Microsoft Outlook uses only the LOGIN non standard mechanism). Here is the content of file '''/usr/local/lib/sasl2/Cyrus.conf''' :
+
# perl -MCPAN -e shell
 +
. . .
 +
cpan> install Mail::SPF
 +
cpan> install Mail::SPF::Query
  
auxprop_plugin: ldapdb
+
== Installing DCC ==
ldapdb_id: proxyUser
 
ldapdb_mech: DIGEST-MD5
 
ldapdb_pw: proxyUserPassword
 
ldapdb_uri: ldap://localhost
 
log_level: 0
 
mech_list: PLAIN
 
pwcheck_method: auxprop
 
  
As it contains sensitive information, the owner and rights of this file should be set so that it can be read only by its user cyrus:mail.
+
The [http://www.rhyolite.com/anti-spam/dcc Distributed Checksum Clearinghouse] uses checksums of known spam to score the incoming mails. [http://www.rhyolite.com/anti-spam/dcc/source/dcc.tar.Z Download] then install as below :
  
== Running Cyrus-imap ==
+
# tar -C /usr/local -xvzf dcc.tar.Z
 +
# cd /usr/local/dcc-x.y.z
 +
# ./configure
 +
# make
 +
# make install
 +
# make clean
 +
# cd /var
 +
# mkdir dcc
 +
# groupadd milter
 +
# useradd -g milter -s /bin/bash milter
 +
# chown -R milter:milter dcc
  
Remove any imap, imaps, pop3, pop3s, kpop, lmtp entry from '''/etc/inetd.conf''', copy '''/etc/cyrus.conf''' from one of the templates provided under '''master/conf'''. Arrange to start '''/usr/local/bin/master''' as root when the system starts and to stop it when the system shuts down. Until the system reboots, you can start the master process by hand. Monitor the progress of the master process by examining the '''imapd.log''' file.
+
To use dcc, uncomment the dcc line in /etc/mail/spamassassin/v310.pre. Also authorize udp connections to port 6277  from your client ports and back. Provided you already accept outgoing protocols, accept port 6277 udp packets modifying /etc/rc.d/rc.firewall as below :
  
  # vi /etc/inetd.conf
+
  # vi /etc/rc.d/rc.firewall
# kill -HUP `head -1 /var/run/inetd.pid`
+
  . . .
  # cd /usr/local/cyrus-imap*
+
  iptables -A INPUT -p udp -j ACCEPT --dport 1024:65535 --sport 6277
# cp master/conf/normal.conf /etc/cyrus.conf
 
  # vi /etc/cyrus.conf
 
  #pop3        cmd="pop3d" listen="pop3" prefork=0
 
  #pop3s        cmd="pop3d -s" listen="pop3s" prefork=0
 
  notify        cmd="notifyd" listen="/var/imap/socket/notify" proto="udp" prefork=1
 
<esc>
 
 
  :x
 
  :x
  # vi /etc/rc.d/rc.local
+
  # /etc/rc.d/rc.firewall restart
a
+
 
# start cyrus-imapd
+
== Installing Razor ==
if [ -x /usr/local/bin/master ]; then
+
 
echo "Starting cyrus-imap: /usr/local/bin/master &"
+
[http://razor.sourceforge.net Razor] uses checksums of known spam to score the incoming mails. It requires outbound access to tcp ports 7 and 2703. It requires perl modules Time::HiRes and Getopt::Long plus download razor-agents-x.y.tar.gz and install as below :
/usr/local/bin/master &
+
 
  fi
+
  # perl -MCPAN -e shell
  <esc>
+
  . . .
  :x
+
  cpan> install Time::HiRes
  # vi /etc/rc.d/rc.local_shutdown
+
  cpan> install Getopt::Long
  a
+
  quit
  # stop cyrus-imapd
+
  # tar -C /usr/local -xvf razor-agents-x.y.tar.gz
if [ -r /var/run/cyrus-master.pid ]; then
+
# cd razor-agents-x.y
        echo "Stopping cyrus-imapd: kill -INT `cat /var/run/cyrus-master.pid`"
+
# perl Makefile.PL && make && make install && make clean
        kill -INT `cat /var/run/cyrus-master.pid`
+
  # cd
  fi
+
  # razor-admin -create
  <esc>
+
  # razor-admin -discover
  :x
+
  # razor-admin -register
  # /usr/local/bin/master &
 
  
To test, telnet to local host:
+
== Installing Pyzor ==
  
# telnet localhost imap
+
[http://sourceforge.net/apps/trac/pyzor Pyzor] is a free database and software Hash Sharing System. It requires outbound access to udp and tcp port 24441 (from the mailing lists on the Pyzor site it seems that the Pyzor service is sometimes down). Download the tarball then install as below :
Trying 127.0.0.1...
 
Connected to localhost.
 
Escape character is '^]'.
 
* OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID STARTTLS AUTH=DIGEST-MD5 AUTH=PLAIN AUTH=LOGIN AUTH=CRAM-MD5 SASL-IR] inner Cyrus IMAP4 v2.4.16 server ready
 
. login postmaster postmasterPassword
 
. OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID LOGINDISABLED ACL RIGHTS=kxte QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE LISTEXT LIST-SUBSCRIBED URLAUTH] User logged in
 
. logout
 
* BYE LOGOUT received
 
. OK Completed
 
Connection closed by foreign host.
 
  
== Administering cyrus-imap ==
+
# tar -C /usr/local -xvf pyzor-x.y.z.tar.bz2
 +
# chown -R milter:milter /usr/local/pyzor-x.y.z
 +
# wget https://bootstrap.pypa.io/ez_setup.py -O - | python
 +
# su milter
 +
$ cd /usr/local/pyzor-x.y.z
 +
$ python setup.py build
 +
$ python setup.py install
 +
$ pyzor discover
 +
$ <ctrl>d
 +
# mv /usr/bin/pyzor /usr/local/bin
 +
# mv /usr/bin/pyzord /usr/local/bin
  
Cyradm is a client for performing system administration on the Cyrus server. Currently cyradm is not available for use with '''imaps''' so it is necessary to keep '''imap''' configured in '''/etc/cyrus.conf''' to use it. If imap is not otherwise used, it is possible to limit imap listening to “127.0.0.1:imap” and to block the imap port at the firewall level. Cyradm can be launched and used as described below.
+
== Language and locale check ==
  
# cd /usr/local/cyrus-imapd-x.y.z
+
Uncomment the TextCat language guesser in v310.pre and add the following lines to local.cf :
# cd lib
 
# make
 
# cd ../perl/imap
 
# perl Makefile.PL
 
# make
 
# make install
 
# cyradm --user postmaster --auth plain localhost
 
Password:
 
Localhost>
 
  
To get the list of available commands type '''help'''. To get help on some particular command type '''help command'''. To list existing mailboxes, type '''lm'''. To create a mailbox type '''cm mailbox'''. To list mailbox rights, type '''lam mailbox'''. To delete a mailbox type '''dm mailbox'''. To set quotas on a mailbox type '''sq mailbox number''' (Kbytes).
+
# Mail using languages used in these country codes will not be marked
 +
# as being possibly spam in a foreign language.
 +
# - english french italian russian
 +
ok_languages en fr it ru
 +
 +
# Mail using locales used in these country codes will not be marked
 +
# as being possibly spam in a foreign language.
 +
# - english french italian russian
 +
ok_locales en fr it ru
  
User mailboxes names are on the form '''user.name''' and can specify dot-separated subfolders. The mailboxes not prefixed with the user keyword are shared and accessible by all users. Access to mailboxes is controlled by access control lists. At creation time the user gets all the rights on their mailboxes but the admin does not. So before deleting a mailbox, administration rights must be granted to the cyrus admin. The other access rights are :
+
Another possible option to create local.cf is to use the [http://www.yrex.com/spam/spamconfig.php Spam Assassin configuration generator].
  
l  Lookup (visible to LIST/LSUB/UNSEEN)
+
== The Bayes module ==
r  Read (SELECT, CHECK, FETCH, PARTIAL, SEARCH, COPY source)
 
s  Seen (STORE \SEEN)
 
w  Write flags other than \SEEN and \DELETED
 
i  Insert (APPEND, COPY destination)
 
p  Post (send mail to mailbox)
 
c  Create and Delete mailbox (CREATE new sub-mailboxes, RENAME or DELETE mailbox)
 
d  Delete (STORE \DELETED, EXPUNGE)
 
a  Administer (SETACL)
 
  
Here is how you create a mailbox and subfolders and quota, create and delete a mailbox. <u>Note</u> : the access rights need to be changed before you actually delete a mailbox as postmater.
+
The SpamAssassin Bayes module uses databases of previously registered hams and spams to compare with incoming mails and assign probabilities. The module requires at least 200 hams and 200 spams in order to be used (enforced at run-time), but 3000 hams and 3000 spams to be fully efficient. You must provide the training mails. sa-learn affords analyzing them and initializing the databases using mbox or mbx mail folders. However, when using cyrus-imap, none of these formats is available. It is alternatively possible to use fetchmail to dump the messages from the existing cyrus-imap mailboxes. In the example below LearnSpam and LearnHam are shared imap folders that can be created using cyradm :
  
 
  # cyradm --user postmaster --auth plain localhost
 
  # cyradm --user postmaster --auth plain localhost
  Password:
+
  Password:  
  Localhost> cm user.myUser
+
  localhost> cm LearnHam
  Localhost> cm user.myUser.Drafts
+
  localhost> sq LearnHam 307200
  Localhost> cm user.myUser.Junk
+
  localhost> sam LearnHam myUser lrswipcda
Localhost> cm user.myUser.Sent
+
  localhost> cm LearnSpam
  Localhost> cm user.myUser.Trash
+
  localhost> sq LearnSpam 307200
  Localhost> sq user.myUser 307200
+
  localhost> sam LearnSpam myUser lrswipcda
  Localhost> cm user.myErrorUser
+
  localhost> quit
Localhost> sam user.myErrorUser postmaster c
 
Localhost> dm user.myErrorUser
 
  Localhost> quit
 
  
== Sendmail interlock ==
+
Once the shared imap folders are created ham and spam mails can be manually copied using for example Thunderbird (not shown here). The Bayes database is created in the ~/.spamassassin directory using :
  
Generate a sendmail configuration file which delivers local mail to the IMAP server. Generate sendmail.cf, copy sendmail.mc and sendmail.cf to '''/etc/mail'''.
+
# sa-learn --clear
 +
# sa-learn --sync
 +
# sa-learn --dump magic
  
# cd /usr/local/sendmail*/cf/cf
+
Before invoking fetchmail create a .fetchmailrc configuration file with permissions 700 :
# vi sendmail.mc
 
a
 
define(`confLOCAL_MAILER', `cyrusv2')dnl
 
MAILER(`cyrusv2')dnl
 
# m4 ../m4/cf.m4 sendmail.mc > sendmail.cf
 
# cp sendmail.mc /etc/mail
 
# cp sendmail.cf /etc/mail
 
# /etc/rc.d/rc.sendmail restart
 
  
Last open the required ports in file '''/etc/rc.d/rc.firewall''' then restart the firewall service :
+
# vi ~/.fetchmailrc
 +
. . .
 +
poll inner.studioware.com proto imap service 993 user "myUser" pass "myPass" ssl keep
 +
<esc>
 +
 
 +
Fetchmail can now be invoked passing the mails to learn to sa-learn :
 +
 
 +
# fetchmail --folder 'LearnSpam' -m 'sa-learn --spam'
 +
# fetchmail --folder 'LearnHam' -m 'sa-learn --ham'
  
iptables -A INPUT -p tcp -j ACCEPT --dport 143 -m state --state NEW -s 192.168.0.0/24
+
== Running SpamAssassin ==
# /etc/rc.d/rc.firewall restart
 
  
You should now be able to configure pop and imap mail accounts in a mail client to test the service. To solve issues, check the firewall logs and '''/var/log/maillog'''.
+
SpamAssassin is not ran as such but used from the perl in MIMEDefang, itself being launched by the sendmail milter interface. So there is no daemon to put in place and nothing to launch !
  
 
<br/>
 
<br/>
  
{{pFoot|[[Sendmail]]|[[Main Page]]|[[SpamAssassin]]}}
+
{{pFoot|[[Cyrus-IMAP]]|[[Main Page]]|[[ClamAV]]}}

Latest revision as of 23:31, 6 December 2017

What is SpamAssassin ?

SpamAssassin checks mail for spam using syntactic rules in perl and optional external modules. SpamAssassin integration with MTAs requires glue code such as external daemons (amasvid-new) or MIMEDefang with the sendmail Milter interface.

Installing Perl modules

Perl modules can be installed interactively using the CPAN module "# perl -MCPAN -e shell". On first use, CPAN asks questions most of which can be answered by <enter>. Choose to automatically install the missing modules when detected by CPAN. In theory, this would insure that all the missing modules are installed. In practise, SpamAssassin did not work properly (no spam detected) after installing in this way, so we'd recommend to install the perl modules instead in the order described below, which worked for us.

The modules are distributed in sub-directories of /usr/local/lib64/perl5 and /usr/local/share/perl5. It is still unclear if modules can be removed or not and how. Any module failing installation can alternatively be downloaded from the CPAN site and installed in this way : 

# tar -C /usr/local -xvf module-x.y.z
# cd /usr/local
# chown -R root:root module-x.y.z
# cd module-x.y.z
# perl Makefile.PL
# make
# make install

Modules required by SpamAssassin

The modules below must be installed prior to installing SpamAssassin : 

# perl -MCPAN -e shell
. . .
cpan> install CPAN
cpan> install YAML
cpan> install Digest::SHA1
cpan> install HTML::Parser
cpan> install Net::DNS
cpan> install LWP::UserAgent
cpan> install HTTP::Date
cpan> install IO::Zlib
cpan> install Archive::Tar
cpan> install MIME::Base64
cpan> install DB_File
cpan> install Net::SMTP
cpan> install Mail::SPF
cpan> install IP::Country::Fast
cpan> install Compress::Zlib
cpan> install Time::HiRes
cpan> install Mail::DKIM
cpan> install Mail::DomainKeys
cpan> install DBI
cpan> install DBD
cpan> install Encode::Detect
cpan> install Mail::SPF::Query
cpan> install Net::Ident
cpan> install IO::Socket::SSL
cpan> install Bundle::CPAN
cpan> install IO::Stringy
cpan> install Mail::Audit
cpan> install Unix::Syslog
cpan> quit

Installing SpamAssassin

Download and untar and install as below then test using the spamassassin command and check the files generated to make sure everything was OK. The -D flag affords getting an extended trace on the system output : 

# tar -tvf Mail-SpamAssassin-x.y.z.tar.gz
# tar -C /usr/local -xvf Mail-SpamAssassin-x.y.z.tar.gz
# cd /usr/local/Mail-SpamAssassin-x.y.z
# perl Makefile.PL
# make
# make install
# sa-update --updatedir /usr/local/share/spamassassin
# spamassassin -t -D < sample-nonspam.txt > nonspam.out
# spamassassin -t -D < sample-spam.txt > spam.out

In practice, the basic syntactic tests in SpamAssassin are not very efficient. External modules can be used to extend, but are somewhat CPU or time-consuming. Below are a few modules that really work.

Installing SPF

Sender Policy Framework is a protocol to make sure senders send from legitimate domains. Install as below : 

# perl -MCPAN -e shell
. . .
cpan> install Mail::SPF
cpan> install Mail::SPF::Query

Installing DCC

The Distributed Checksum Clearinghouse uses checksums of known spam to score the incoming mails. Download then install as below : 

# tar -C /usr/local -xvzf dcc.tar.Z
# cd /usr/local/dcc-x.y.z
# ./configure
# make
# make install
# make clean
# cd /var
# mkdir dcc
# groupadd milter
# useradd -g milter -s /bin/bash milter
# chown -R milter:milter dcc

To use dcc, uncomment the dcc line in /etc/mail/spamassassin/v310.pre. Also authorize udp connections to port 6277 from your client ports and back. Provided you already accept outgoing protocols, accept port 6277 udp packets modifying /etc/rc.d/rc.firewall as below : 

# vi /etc/rc.d/rc.firewall
. . .
iptables -A INPUT -p udp -j ACCEPT --dport 1024:65535 --sport 6277
:x
# /etc/rc.d/rc.firewall restart

Installing Razor

Razor uses checksums of known spam to score the incoming mails. It requires outbound access to tcp ports 7 and 2703. It requires perl modules Time::HiRes and Getopt::Long plus download razor-agents-x.y.tar.gz and install as below : 

# perl -MCPAN -e shell
. . .
cpan> install Time::HiRes
cpan> install Getopt::Long
quit
# tar -C /usr/local -xvf razor-agents-x.y.tar.gz
# cd razor-agents-x.y
# perl Makefile.PL && make && make install && make clean
# cd
# razor-admin -create
# razor-admin -discover
# razor-admin -register

Installing Pyzor

Pyzor is a free database and software Hash Sharing System. It requires outbound access to udp and tcp port 24441 (from the mailing lists on the Pyzor site it seems that the Pyzor service is sometimes down). Download the tarball then install as below : 

# tar -C /usr/local -xvf pyzor-x.y.z.tar.bz2
# chown -R milter:milter /usr/local/pyzor-x.y.z
# wget https://bootstrap.pypa.io/ez_setup.py -O - | python
# su milter
$ cd /usr/local/pyzor-x.y.z
$ python setup.py build
$ python setup.py install
$ pyzor discover
$ <ctrl>d
# mv /usr/bin/pyzor /usr/local/bin
# mv /usr/bin/pyzord /usr/local/bin

Language and locale check

Uncomment the TextCat language guesser in v310.pre and add the following lines to local.cf : 

# Mail using languages used in these country codes will not be marked
# as being possibly spam in a foreign language.
# - english french italian russian
ok_languages en fr it ru

# Mail using locales used in these country codes will not be marked
# as being possibly spam in a foreign language.
# - english french italian russian
ok_locales en fr it ru

Another possible option to create local.cf is to use the Spam Assassin configuration generator.

The Bayes module

The SpamAssassin Bayes module uses databases of previously registered hams and spams to compare with incoming mails and assign probabilities. The module requires at least 200 hams and 200 spams in order to be used (enforced at run-time), but 3000 hams and 3000 spams to be fully efficient. You must provide the training mails. sa-learn affords analyzing them and initializing the databases using mbox or mbx mail folders. However, when using cyrus-imap, none of these formats is available. It is alternatively possible to use fetchmail to dump the messages from the existing cyrus-imap mailboxes. In the example below LearnSpam and LearnHam are shared imap folders that can be created using cyradm : 

# cyradm --user postmaster --auth plain localhost
Password: 
localhost> cm LearnHam
localhost> sq LearnHam 307200
localhost> sam LearnHam myUser lrswipcda
localhost> cm LearnSpam
localhost> sq LearnSpam 307200
localhost> sam LearnSpam myUser lrswipcda
localhost> quit

Once the shared imap folders are created ham and spam mails can be manually copied using for example Thunderbird (not shown here). The Bayes database is created in the ~/.spamassassin directory using : 

# sa-learn --clear
# sa-learn --sync
# sa-learn --dump magic

Before invoking fetchmail create a .fetchmailrc configuration file with permissions 700 : 

# vi ~/.fetchmailrc
. . .
poll inner.studioware.com proto imap service 993 user "myUser" pass "myPass" ssl keep
<esc>

Fetchmail can now be invoked passing the mails to learn to sa-learn : 

# fetchmail --folder 'LearnSpam' -m 'sa-learn --spam'
# fetchmail --folder 'LearnHam' -m 'sa-learn --ham'

Running SpamAssassin

SpamAssassin is not ran as such but used from the perl in MIMEDefang, itself being launched by the sendmail milter interface. So there is no daemon to put in place and nothing to launch !


Cyrus-IMAP Main Page ClamAV
Retrieved from "http://studioware.com/wikislax/index.php?title=Cyrus-IMAP&oldid=28"