Using Spamassassin with Qsheff

It is assumed that you have installed and configured qsheff and to use spamassassin with qsheff follow these instructions:

First install Spamassasin itself. On FreeBSD issue the following commands:

# cd /usr/ports/mail/p5-Mail-Spamassassin
# make install clean

In installation step an ncurses menu appears that you can choose the compilation options. Since we are going to use spamassassin in the same server that we are running qsheff (the mail server itself) we can install spamassassin without SSL support but the choice is yours. Spamassassin also installs razor which can be found in /usr/ports/mail/razor-agents. If you dont choose to install razor in spamassasin installation you can later install this port.

After installing spamassassin for a complete spamassassin environment we will install pyzor. Pyzor (http://pyzor.sourceforge.net/) is a collaborative spam tool using digest of the spam that has sent. With every mail that is tagged as spam pyzor makes checksums of the different sections of email. If an incoming mail ,after checking, has the same checksum than it is tagged as spam. To install and configure pyzor issue following commands.

 

# cd /usr/ports/mail/pyzor
# make install clean
# pyzor discover

The last command downloads a list of pyzor servers.

As for the last software we are going to download dcc (http://www.rhyolite.com/anti-spam/dcc/) . Dcc allows individuals receiving a single mail message to determine that many other people have received essentially identical copies of the message and so reject or discard the message. To install dcc issue these commands.

 

# cd /usr/ports/mail/dcc-dccd
# make install clean

We have installed all the required softwares for spamassassin. Next we should configure spamassassin itself. The configuration file for spamassassin on FreeBSD is /usr/local/etc/mail/spamassassin/local.cf. Here is a sample local.cf that you can use

 

trusted_networks 192.168.1.
required_hits 8.0
whitelist_from *freebsd.org *lists.enderunix.org
dns_available yes
report_header 1
rewrite_header subject SPAMMSG
#skip_rbl_checks 1
pyzor_path /usr/local/bin/pyzor
pyzor_max 2
add_header all DCC _DCCB_: _DCCR_
use_razor2 1
use_pyzor 1
add_header all Pyzor _PYZOR_
score PYZOR_CHECK 5.00
use_auto_whitelist
#ok_languages en tr
#ok_locales en tr
#use_bayes 1
dcc_path /usr/local/bin/dccproc
use_dcc 1

Then to activate spamassassin at startup edit /etc/rc.conf like that:

 

#spamd
spamd_enable="YES"
spamd_flags="-d -v -s local4 -u vpopmail"


You can ommit spamd_flags but to run spamassassin with vpopmail this flag is required. Now we can start spamassassin manually

 

# /usr/local/etc/rc.d/sa-spamd.sh start

And to see the logs of spamd process edit syslogd.conf like that and restart it.

 

# syslogd.conf spamd logs

!spamd
*.* /var/log/spamd.log

 

Now we have fully configured spamassasin and the last step is to activate it. To achive this we first stop qmail-smtpd and qmail-send

 

# svc d /service/qmail-smtpd
# svc d /service/qmail-send
# svstat /service/*

/service/qmail-send: down 5 seconds, normally up
/service/qmail-smtpd: down 9 seconds, normally up

Then we will modify the /var/qmail/bin/qmail-queue which is a symbolic link after the installation of qsheff.

 

# unlink /var/qmail/bin/qmail-queue

Add following lines to /var/qmail/bin/qmail-queue.

#!/bin/sh

/usr/local/bin/spamc | /var/qmail/bin/qmail-qsheff

Then set permissions:

# chmod 755 /var/qmail/bin/qmail-queue
# ls la /var/qmail/bin/qmail-queue

-rwxr-xr-x 1 root qmail 63 Jun 26 01:13 qmail-queue

Now everything installed and we can add a qsheff.rules (/usr/local/etc/qsheff/qsheff.rules) directive that commands qsheff to reject every email that has SPAMMSG in their subject.

 

s:(SPAMMSG)

Note that after qsheff-1.0 configuration files all located under /usr/local/etc/qsheff and the configuration file layout has changed thus you MUST NOT use the old qsheff configuratin files (the ones that are prior to qsheff-1.0)

Yes all configured next we should start our qmail

 

# svc u /service/qmail-smtpd
# svc u /service/qmail-send
# svstat /service/*

/service/qmail-send: up (pid 43866) 525 seconds
/service/qmail-smtpd: up (pid 43877) 523 seconds

To watch the logs that SPAMMSG subjects are rejected look at the qsheff log file:

 

# tail f /var/log/qsheff.log

Jun 26 20:33:55 fuzuli qsheff[44507]: SUBJ, queue=q-1119832431-148986-44507, recvfrom=version 3.0.4, from=ThorneSha@jsads.com, to=xx@xx.com , subj=`SPAMMSG Amazing News', spam=`SPAMMSG Amazing News', rule=`(SPAMMSG)'

As you can see this message was blocked. If you want some domains to send you email even if they are detected as spam with spamassassin then you should configure qsheff.wblist file after activating wblist feature in qsheff (which is active by default with qsheff-1.0b ). For example this line in qsheff.wblist accepts email even if the emails subject contains SPAMMSG from deneme.com domain.

 

ACCEPT @deneme.com

 

If you want to bypass it using their IP addresses add it like that to qsheff.wblist

 

ACCEPT 192.168.1.

Now you can use qsheff with spamassassin.

26/06/2005

Omer Faruk Sen
EnderUNIX Software Development Team @ Tr
ofsen || enderunix . org
http://www.faruk.net/