http://sylvestre.ledru.info/howto/howto_qmail_spamassassin.php
By Sylvestre Ledru June 2003
Version francaise
Return to the linux page
(02/04/2002), Bug fix :
I just add a little bug fix for some OS which remove the +x on qmail-queue (the qmail-scanner is not concerned)
(01/11/2003), Qmail-scanner :
I had a new way of calling spamassassin client using qmail-scanner.
(23/07/2003), Preferences :
Matthew Francis sent me a quite good howto explaining how to get user preferences for spamassassin. It is available here.
(08/06/2003), Localisation :
If you want to change the language of the spam report (ie why the email has been tagged as a spam), just change the locales to your language (dpkg-reconfigure locales under debian) and install gettext (apt-get install gettext) and you will have the appropriate version (french for example)...
(11/03/2005), Update :
After almost two years without updates, my other howto about qmail is much more complet and uptodate, I clean this one :
- first method deprecated
- new version of spamassassin 3.0.X
- use of netqmail instead of qmail
- new version of qmail-scanner with the q-s-st patch (activation of Spamassassin just for a domain)
If you like this howto and you want to thank me for my work : here is my wishlist on Amazon - France or my Amazon US wishlist :)
If you are a corporation and you make some business thanks to my howto, we'll love to have a present from you (or just tell me who is using my howto).
Thank to Scott Kinkade for his cash donation. I really do appreciate.
If you want more informations about the intallation of qmail, I wrote a long howto about.
I wrote this howto because there is a lack of documentation about qmail with spamassassin.
This howto has been designed for qmail with vpopmail but it should work without a lot of modifications with something else than vpopmail.
Spamassassin is a very powerfull program which checks if the receveid email is a spam or not. The analys is based on a list of mark. If the sum of all the mark exceed a specified amount (for example 5), the email will be tagged (****SPAM**** in the topic).
With this, it is very easy to create a rule which will move all emails into a specific directory (i.e. trash:)
If you want to link Qmail with spamassassin, it is quite easy.
First, install spamassassin and install razor and pyzor if you want to use it.
Under debian :
apt-get install spamassassin You should use the "debian unstable or testing" version of spamassassin which, most of the time, will find more spam.
Under other system (Redhat, Suse, Solaris ...) : The latest version of spamassassin today is the version 3.0.2. The installation is almost the same, only a few directives changed.
wget http://useast.spamassassin.org/released/Mail-SpamAssassin-2.55.tar.gz
tar -zxvf Mail-SpamAssassin-2.55.tar.gz
cd Mail-SpamAssassin-2.55
perl Makefile.PL
make
make install
cp spamd/debian-rc-script.sh /etc/init.d/spamassassin You can replace debian by redhat, solaris, netbsd, suse ...
chmod +x /etc/init.d/spamassassin
Then, edit /etc/spamassassin/local.cf
Version 2.5X :
required_hits 6.0
rewrite_subject 1
report_header 1
use_terse_report 1
defang_mime 1
dns_available yes
dcc_add_header 1
use_pyzor 1 (Only if you have installed pyzor)
use_razor2 (Only if you have installed razor2)
use_dcc 1
Version 3 :
#Number of points to tag the spam required_hits 5.0 # Add the result in the header always_add_headers 1 # change the subject rewrite_subject 1 report_safe 1 use_terse_report 1 # dns checks (warning : increase the process length) dns_available yes dcc_add_header 0 # Don't skip the relay black list skip_rbl_checks 0 use_dcc 1 dcc_timeout 10 # Remote verification use_pyzor 1 pyzor_timeout 10 pyzor_add_header 1 # Never from the previous results auto_learn 1 # use the bayes filter use_bayes 1 # Where spamassassin must store these informations : bayes_path /var/qmail/spamassassin/ # Where he stores the auto white list results : auto_whitelist_path /var/qmail/spamassassin/auto_whitelist
If you want to have detailled information about spamassassin processing, add the line in the local.cf file : timelog_path /var/log/spamassassin, run the daemon with the -D option (so, specify it in the /etc/default/spamassassin file under debian), create the directory with appropriate rights (should be vpopmail). In the directory, you will have for each email a file which sum up the spamassassin process (it is a debug option !).
I use these rules. Feel free to change ! Documentation about this is available here : perldoc Mail::SpamAssassin::Conf
In /etc/default/spamassassin (if this file does not exist, create it)
Change ENABLED to 1, then add these options : - "-m 10 -v --auto-whitelist" for the version 2.5X.
- "-v -m 10 -u vpopmail --nouser-config" for the version 3
With that stuff, you can launch spamd which is bascilly a spamassassin deamon (provide great performances).
-m 10 => 10 childs
-v => vpopmail config
--auto-whitelist => Use auto whitelist (friend list)
Instead of spamassassin, you have to use spamc in order to test email.
There are some options "-c -u vpopmail" which enabled the creation of preferences for a domain or a user but it does not work very well for me.
/etc/init.d/spamassassin start
Next, the modification of qmail in order to check emails.
Basically, there are two kind of configuration for qmail :
- the fastest/easiest way is to change the qmail-queue in order to "introduce" the spamasssin check.Deprecated
- the cleanest way is to use qmail-scanner.
Changing the qmail-queue program
cp /var/qmail/bin/qmail-queue /var/qmail/bin/qmail-queue.orig
chown qmailq:qmail qmail-queue
chown qmailq:qmail qmail-queue.orig
chmod u+s qmail-queue.orig
chmod o+r,+x qmail-queue.orig qmail-queue Not fundamental but sometime it is necessary (depends the system)
mkdir /home/vpopmail/.spamassassin
cd /home/vpopmail
chmod 777 /home/vpopmail/.spamassassin
chown -R qmailq:qmail .spamassassin
chmod u=rwx,g=rx,o= /home/vpopmail/.spamassassin
Now, delete the content of the executable which manage the queue.
echo -n > /var/qmail/bin/qmail-queue
Then, edit the qmail-queue file and add this inside :
#!/bin/sh
/usr/bin/spamc | /var/qmail/bin/qmail-queue.orig
I agree that it is a quick/dirty method. It causes some issues with the injection of a bounce in the queue. (qmail-queue is not planned to work this way).
With qmail-scanner - Visit http://sylvestre.ledru.info/howto/howto_qmail_vpopmail.php for more informations
First, you have to patch qmail with the qmailqueue-patch or install netqmail which has already this plugin.
Qmail with the patch :
wget http://qmail.agarik.com/qmail-1.03.tar.gz
tar -zxvf qmail-1.03.tar.gz
cd qmail-1.03
wget http://qmail.mirrored.ca/moni.csi.hu/pub/glibc-2.3.1/qmail-1.03.errno.patch
wget http://sylvestre.ledru.info/howto/qmail/qmailqueue-patch
patch -p1 < qmail-1.03.errno.patch
patch -p1 < qmailqueue-patch
With netqmail :
wget http://qmail.agarik.com/netqmail-1.05.tar.gz
tar -zxvf netqmail-1.05.tar.gz
cd netqmail-1.05/
./collate.sh
cd netqmail-1.05
Add the QMAILQUEUE parameter to the /etc/tcp.smtp file :
127.0.0.1:allow,RELAYCLIENT="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
198.168.1.:allow,RELAYCLIENT="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
Rehash tcpserver :
/usr/local/bin/tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
chmod 644 /etc/tcp.smtp.cdb
And then, install qmail-scanner with qmail-scanner-st
. qmail-scanner-st is a patched version a qmail-scanner which enabled great features like auto delete/reject/quarantine spam over a specified score but also to select which scanners will be used for a domain and even for a user, then, it is possible to configure the spamassassin / antivirus just for one domain/user.
wget http://unc.dl.sourceforge.net/sourceforge/qmail-scanner/qmail-scanner-1.25.tgz wget http://xoomer.virgilio.it/j.toribio/qmail-scanner/download/q-s-1.25st-20050207.patch.gz
gunzip q-s-1.25st-20050207.patch.gz
tar -zxvf qmail-scanner-1.25.tgz
cd qmail-scanner-1.25/
patch -p1 < ../q-s-1.25st-20050207.patch
groupadd qscand
useradd -c "Qmail-Scanner Account" -g qscand -s /bin/false qscand
./configure --qs-user qscand --qs-group qscand --spooldir /var/spool/qmailscan --qmaildir /var/qmail --bindir /var/qmail/bin --qmail-queue-binary /var/qmail/bin/qmail-queue --admin-fromname "Mail admin" --admin postmaster --domain vladimir.avence.info --notify sender,admin,recips --local-domains `cat /var/qmail/control/rcpthosts | tr "\n" " "` --silent-viruses auto --unzip 1 --add-dscr-hdrs 1 --archive 0 --redundant yes --log-crypto 0 --scanners "fast_spamassassin" --scanners-per-domain yes --sa-subject "*****SPAM*****" --sa-delete 5 --install 1
After the installation, if you want to change your preferences, you have to edit the /var/qmail/bin/qmail-scanner-queue.pl file. In this file, you can also add option for the spamassassin client.
If you want to enable/disable some scanners, edit the /var/spool/qmailscan/scanners_per_domain.txt
To rehash the scanner per domain file : /var/qmail/bin/qmail-scanner-queue.pl -p
To rehash the quarantine attachement file : /var/qmail/bin/qmail-scanner-queue.pl -g
trunks.ecranbleu.org:sa,ps,clamdscan_scanner
# sa = spamassassin
# ps = perl scanner
This should be enough to use SpamAssassin on the whole system.
I have to try to find how it can be linked with vpopmail in order to create preference for a specific domain or a specific user. (if someone knows : [email protected])
Problems :
- link with vpopmail
This howto is inspired and corrected from :
http://www.euronet.nl/users/erhnam/linux/qmail/qmail.htm.
By Sylvestre Ledru June 2003
Version francaise
Return to the linux page
(02/04/2002), Bug fix :
I just add a little bug fix for some OS which remove the +x on qmail-queue (the qmail-scanner is not concerned)
(01/11/2003), Qmail-scanner :
I had a new way of calling spamassassin client using qmail-scanner.
(23/07/2003), Preferences :
Matthew Francis sent me a quite good howto explaining how to get user preferences for spamassassin. It is available here.
(08/06/2003), Localisation :
If you want to change the language of the spam report (ie why the email has been tagged as a spam), just change the locales to your language (dpkg-reconfigure locales under debian) and install gettext (apt-get install gettext) and you will have the appropriate version (french for example)...
(11/03/2005), Update :
After almost two years without updates, my other howto about qmail is much more complet and uptodate, I clean this one :
- first method deprecated
- new version of spamassassin 3.0.X
- use of netqmail instead of qmail
- new version of qmail-scanner with the q-s-st patch (activation of Spamassassin just for a domain)
If you like this howto and you want to thank me for my work : here is my wishlist on Amazon - France or my Amazon US wishlist :)
If you are a corporation and you make some business thanks to my howto, we'll love to have a present from you (or just tell me who is using my howto).
Thank to Scott Kinkade for his cash donation. I really do appreciate.
If you want more informations about the intallation of qmail, I wrote a long howto about.
I wrote this howto because there is a lack of documentation about qmail with spamassassin.
This howto has been designed for qmail with vpopmail but it should work without a lot of modifications with something else than vpopmail.
Spamassassin is a very powerfull program which checks if the receveid email is a spam or not. The analys is based on a list of mark. If the sum of all the mark exceed a specified amount (for example 5), the email will be tagged (****SPAM**** in the topic).
With this, it is very easy to create a rule which will move all emails into a specific directory (i.e. trash:)
If you want to link Qmail with spamassassin, it is quite easy.
First, install spamassassin and install razor and pyzor if you want to use it.
Under debian :
apt-get install spamassassin You should use the "debian unstable or testing" version of spamassassin which, most of the time, will find more spam.
Under other system (Redhat, Suse, Solaris ...) : The latest version of spamassassin today is the version 3.0.2. The installation is almost the same, only a few directives changed.
wget http://useast.spamassassin.org/released/Mail-SpamAssassin-2.55.tar.gz
tar -zxvf Mail-SpamAssassin-2.55.tar.gz
cd Mail-SpamAssassin-2.55
perl Makefile.PL
make
make install
cp spamd/debian-rc-script.sh /etc/init.d/spamassassin You can replace debian by redhat, solaris, netbsd, suse ...
chmod +x /etc/init.d/spamassassin
Then, edit /etc/spamassassin/local.cf
Version 2.5X :
required_hits 6.0
rewrite_subject 1
report_header 1
use_terse_report 1
defang_mime 1
dns_available yes
dcc_add_header 1
use_pyzor 1 (Only if you have installed pyzor)
use_razor2 (Only if you have installed razor2)
use_dcc 1
Version 3 :
#Number of points to tag the spam required_hits 5.0 # Add the result in the header always_add_headers 1 # change the subject rewrite_subject 1 report_safe 1 use_terse_report 1 # dns checks (warning : increase the process length) dns_available yes dcc_add_header 0 # Don't skip the relay black list skip_rbl_checks 0 use_dcc 1 dcc_timeout 10 # Remote verification use_pyzor 1 pyzor_timeout 10 pyzor_add_header 1 # Never from the previous results auto_learn 1 # use the bayes filter use_bayes 1 # Where spamassassin must store these informations : bayes_path /var/qmail/spamassassin/ # Where he stores the auto white list results : auto_whitelist_path /var/qmail/spamassassin/auto_whitelist
If you want to have detailled information about spamassassin processing, add the line in the local.cf file : timelog_path /var/log/spamassassin, run the daemon with the -D option (so, specify it in the /etc/default/spamassassin file under debian), create the directory with appropriate rights (should be vpopmail). In the directory, you will have for each email a file which sum up the spamassassin process (it is a debug option !).
I use these rules. Feel free to change ! Documentation about this is available here : perldoc Mail::SpamAssassin::Conf
In /etc/default/spamassassin (if this file does not exist, create it)
Change ENABLED to 1, then add these options : - "-m 10 -v --auto-whitelist" for the version 2.5X.
- "-v -m 10 -u vpopmail --nouser-config" for the version 3
With that stuff, you can launch spamd which is bascilly a spamassassin deamon (provide great performances).
-m 10 => 10 childs
-v => vpopmail config
--auto-whitelist => Use auto whitelist (friend list)
Instead of spamassassin, you have to use spamc in order to test email.
There are some options "-c -u vpopmail" which enabled the creation of preferences for a domain or a user but it does not work very well for me.
/etc/init.d/spamassassin start
Next, the modification of qmail in order to check emails.
Basically, there are two kind of configuration for qmail :
- the fastest/easiest way is to change the qmail-queue in order to "introduce" the spamasssin check.Deprecated
- the cleanest way is to use qmail-scanner.
Changing the qmail-queue program
cp /var/qmail/bin/qmail-queue /var/qmail/bin/qmail-queue.orig
chown qmailq:qmail qmail-queue
chown qmailq:qmail qmail-queue.orig
chmod u+s qmail-queue.orig
chmod o+r,+x qmail-queue.orig qmail-queue Not fundamental but sometime it is necessary (depends the system)
mkdir /home/vpopmail/.spamassassin
cd /home/vpopmail
chmod 777 /home/vpopmail/.spamassassin
chown -R qmailq:qmail .spamassassin
chmod u=rwx,g=rx,o= /home/vpopmail/.spamassassin
Now, delete the content of the executable which manage the queue.
echo -n > /var/qmail/bin/qmail-queue
Then, edit the qmail-queue file and add this inside :
#!/bin/sh
/usr/bin/spamc | /var/qmail/bin/qmail-queue.orig
I agree that it is a quick/dirty method. It causes some issues with the injection of a bounce in the queue. (qmail-queue is not planned to work this way).
With qmail-scanner - Visit http://sylvestre.ledru.info/howto/howto_qmail_vpopmail.php for more informations
First, you have to patch qmail with the qmailqueue-patch or install netqmail which has already this plugin.
Qmail with the patch :
wget http://qmail.agarik.com/qmail-1.03.tar.gz
tar -zxvf qmail-1.03.tar.gz
cd qmail-1.03
wget http://qmail.mirrored.ca/moni.csi.hu/pub/glibc-2.3.1/qmail-1.03.errno.patch
wget http://sylvestre.ledru.info/howto/qmail/qmailqueue-patch
patch -p1 < qmail-1.03.errno.patch
patch -p1 < qmailqueue-patch
With netqmail :
wget http://qmail.agarik.com/netqmail-1.05.tar.gz
tar -zxvf netqmail-1.05.tar.gz
cd netqmail-1.05/
./collate.sh
cd netqmail-1.05
Add the QMAILQUEUE parameter to the /etc/tcp.smtp file :
127.0.0.1:allow,RELAYCLIENT="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
198.168.1.:allow,RELAYCLIENT="",QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
:allow,QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue.pl"
Rehash tcpserver :
/usr/local/bin/tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
chmod 644 /etc/tcp.smtp.cdb
And then, install qmail-scanner with qmail-scanner-st
. qmail-scanner-st is a patched version a qmail-scanner which enabled great features like auto delete/reject/quarantine spam over a specified score but also to select which scanners will be used for a domain and even for a user, then, it is possible to configure the spamassassin / antivirus just for one domain/user.
wget http://unc.dl.sourceforge.net/sourceforge/qmail-scanner/qmail-scanner-1.25.tgz wget http://xoomer.virgilio.it/j.toribio/qmail-scanner/download/q-s-1.25st-20050207.patch.gz
gunzip q-s-1.25st-20050207.patch.gz
tar -zxvf qmail-scanner-1.25.tgz
cd qmail-scanner-1.25/
patch -p1 < ../q-s-1.25st-20050207.patch
groupadd qscand
useradd -c "Qmail-Scanner Account" -g qscand -s /bin/false qscand
./configure --qs-user qscand --qs-group qscand --spooldir /var/spool/qmailscan --qmaildir /var/qmail --bindir /var/qmail/bin --qmail-queue-binary /var/qmail/bin/qmail-queue --admin-fromname "Mail admin" --admin postmaster --domain vladimir.avence.info --notify sender,admin,recips --local-domains `cat /var/qmail/control/rcpthosts | tr "\n" " "` --silent-viruses auto --unzip 1 --add-dscr-hdrs 1 --archive 0 --redundant yes --log-crypto 0 --scanners "fast_spamassassin" --scanners-per-domain yes --sa-subject "*****SPAM*****" --sa-delete 5 --install 1
After the installation, if you want to change your preferences, you have to edit the /var/qmail/bin/qmail-scanner-queue.pl file. In this file, you can also add option for the spamassassin client.
If you want to enable/disable some scanners, edit the /var/spool/qmailscan/scanners_per_domain.txt
To rehash the scanner per domain file : /var/qmail/bin/qmail-scanner-queue.pl -p
To rehash the quarantine attachement file : /var/qmail/bin/qmail-scanner-queue.pl -g
trunks.ecranbleu.org:sa,ps,clamdscan_scanner
# sa = spamassassin
# ps = perl scanner
This should be enough to use SpamAssassin on the whole system.
I have to try to find how it can be linked with vpopmail in order to create preference for a specific domain or a specific user. (if someone knows : [email protected])
Problems :
- link with vpopmail
This howto is inspired and corrected from :
http://www.euronet.nl/users/erhnam/linux/qmail/qmail.htm.