Mail Server Part II: SpamAssassin

piaoling  2015-06-08 13:39:58
Mail Server Part I: The Basics

In our previous installment, we set up a Postfix and Dovecot mail server with virtual domains and users on Ubuntu 12.04. It works really well. It works so well that everybody wants to use our new mail server to sell us Viagra and cheap home loans. So like any exclusive club, we need to be careful about who we let in. Enter SpamAssassin.

Setting Up SpamAssassin

Step 1: Install SpamAssassin and its client.

$ apt-get install spamassassin spamc

Step 2: Add a user for the SpamAssassin daemon.

$ adduser spamd --disabled-login

Step 3: Edit the configuration settings at /etc/default/spamassassin .

I’ll only list the values I’m changing.

# Change to one to enable the SpamAssassin daemon
# Set the username, home directory and log file
OPTIONS="--create-prefs --max-children 5 --username spamd --helper-home-dir ${SPAMD_HOME} -s ${SPAMD_HOME}spamd.log"
# Set a location for the Process ID file
# Set the sa-update process to update SpamAssassin's rules automatically on a nightly basis

Step 4. Edit /etc/spamassassin/ to set up some anti-spam rules.

I used the following settings:

rewrite_header Subject ***** SPAM _SCORE_ *****
report_safe             0
required_score          5.0
use_bayes               1
use_bayes_rules         1
bayes_auto_learn        1
skip_rbl_checks         0
use_razor2              0
use_dcc                 0
use_pyzor               0

This will set SpamAssassin to label each email that scores greater than 5.0 on its spam checks with ***** SPAM ***** and the score in its subject line. The “bayes” rules allow SpamAssassin to use its Bayesian filter to try to identify spam. And if report_safe is set to 0, incoming spam will be identified by “X-Spam-” headers added to the message while no changes are made to the message body.

Step 5: Tell Postfix to pass incoming messages to SpamAssassin for checking.

Edit /etc/postfix/ and add a content filter to your SMTP server:

smtp      inet  n       -       -       -       -       smtpd
        -o content_filter=spamassassin

Still in /etc/postfix/, add this to the end of the file:

spamassassin unix -     n       n       -       -       pipe
        user=spamd argv=/usr/bin/spamc -f -e 
        /usr/sbin/sendmail -oi -f ${sender} ${recipient}

This tells the SpamAssassin client to pass its completed checks to the default MTA (/usr/sbin/sendmail) for handoff to Dovecot for delivery.

Step 6: Start/restart everything and test.

$ service spamassassin start
$ service postfix restart

Try sending your accounts on the server a couple of emails from an external account (Gmail, Hotmail, whatever) and check the full message headers after you’ve received them. You should see some entries like this if SpamAssassin is working correctly:

X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
X-Spam-Status: No, score=0.3 required=5.0 etc. etc.

I find the basic configuration above to be pretty solid, but of course you can tinker with the spam scores, filtering methods, or other settings if you like.

类别 :  默认(688)  |  浏览(1166)  |  评论(0)