Spamassasin we współpracy z postfix i dovecot na Debianie Jessie

Wymagane środowisko: 

  • debian jessie 
  • postfix (2.11.x)
  • dovecot + sieve + antispam plugin
  • spamassasin (3.4.x)

Po instalacji wyżej wymienionych pakietów trzeba jeszcze skonfigurować:

  • postfix by odbierał pocztę
  • postfix by przekazywał pocztę do spamassasina
    • spamassasin korzysta tylko z klasyfikacji zawartości poczty i nie sprawdza listy dns-blacklist (konfiguracja w /rtc/spamassaisn/local.conf)
  • spamassasin przekazuje pocztę do dovecot, który to ją dostarcza do skrzynek odbiorców
  • dovecot przed przekazaniem do skrzynek odbiorców sprawdza filtry sieve szukając spam-header-flag=yes po czym przekazuje e-mail do folderu Spam
  • jeśli poczta jest transportowana przez dovecot (akcja imap), plugin dovecot-antispam uruchamia skrypty ćwiczeń (train/retrain) w spamassasin dla każdego emaila.

Instalacja i konfiguracja

apt-get install spamassassin spamc dovecot-antispam dovecot-sieve
/etc/default/spamassassin
# /etc/default/spamassassin
# Duncan Findlay

# WARNING: please read README.spamd before using.
# There may be security risks.

# If you're using systemd (default for jessie), the ENABLED setting is
# not used. Instead, enable spamd by issuing:
# systemctl enable spamassassin.service
# Change to "1" to enable spamd on systems using sysvinit:
ENABLED=0

# Options
# See man spamd for possible options. The -d option is automatically added.

# SpamAssassin uses a preforking model, so be careful! You need to
# make sure --max-children is not set to anything higher than 5,
# unless you know what you're doing.
OPTIONS="--create-prefs --max-children 5 --helper-home-dir --allow-tell --timeout-child 30 --username debian-spamd"

# Pid file
# Where should spamd write its PID to file? If you use the -u or
# --username option above, this needs to be writable by that user.
# Otherwise, the init script will not be able to shut spamd down.
PIDFILE="/var/run/spamd.pid"

# Set nice level of spamd
#NICE="--nicelevel 15"

# Cronjob
# Set to anything but 0 to enable the cron job to automatically update
# spamassassin's rules on a nightly basis
CRON=1
 /etc/spamassassin/local.cf
# alter the mails subject
#rewrite_header Subject [***SPAM***]

# do not alter the body (0=do nothing, 1=add as attachment, 2=...)
report_safe 0

# the required spam score is 2.0 points... lets start with that
required_score 2.0

# Enable the Bayes system
use_bayes               1
use_bayes_rules         1
bayes_auto_learn        1

# Disable network checks
skip_rbl_checks         1
skip_uribl_checks       1
use_razor2              0
#use_dcc                0
use_pyzor               0

# Set headers which may provide inappropriate cues to the Bayesian classifier
bayes_ignore_header X-Bogosity
bayes_ignore_header X-Spam-Flag
bayes_ignore_header X-Spam-Stat
/etc/postfix/master.cf
...
...
#
# Transport: Postfix -> Spamassassin -> Dovecot
#
spamass-dovecot unix -     n       n       -       -       pipe
  flags=DRhu user=vmail:vmail argv=/usr/bin/spamc -u debian-spamd -e /usr/lib/dovecot/deliver -d ${recipient}
...
...
/etc/postfix/main.cf
...
...
virtual_transport = spamass-dovecot
...
...
/etc/dovecot/conf.d/99-custom.conf
listen = *
protocols = imap sieve
log_timestamp = "%Y-%m-%d %H:%M:%S "
disable_plaintext_auth = yes

# Outlook Express and Windows Mail works only with LOGIN mechanism, not the standard PLAIN
auth_mechanisms = plain login

mail_access_groups = vmail
default_login_user = vmail
first_valid_uid=5000
last_valid_uid=5000
first_valid_gid=5000
last_valid_gid=5000
mail_privileged_group = vmail
mail_location = maildir:/home/vmail/%d/%n/Maildir
postmaster_address = postmaster@example.com

passdb {
    driver = passwd-file
    args = scheme=SHA1 /etc/dovecot/users.conf
}
userdb {
    driver = static
    args = uid=5000 gid=5000 home=/home/vmail/%d/%n/Maildir allow_all_users=yes
}
service auth {
    # places the Dovecot SASL socket in the given path
    unix_listener /var/spool/postfix/private/auth {
        mode = 0660
        # Assuming the default Postfix user and group
        user = postfix
        group = postfix
    }
    user = root
}
service imap-login {
    process_min_avail = 1
    user = vmail
}
protocol imap {
    mail_max_userip_connections = 512
    imap_idle_notify_interval = 24 mins
    mail_plugins = $mail_plugins antispam
}
protocol lda {
    log_path = syslog
    mail_plugins = $mail_plugins sieve
    mail_fsync = optimized
}
plugin {
    sieve = ~/.dovecot.sieve
    sieve_dir = ~/sieve
    sieve_global_dir = /etc/sieve/
    sieve_global_path = /etc/sieve/default.sieve
}
plugin {
    antispam_backend = pipe
    antispam_signature = X-Spam-Flag
    antispam_signature_missing = move

    antispam_trash = trash;Trash;Deleted Items;Deleted Messages
    antispam_trash_pattern = trash;Trash;Deleted *
    antispam_trash_pattern_ignorecase = TRASH

    antispam_spam = Spam;Junk
    antispam_spam_pattern = spam;Spam;junk;Junk
    antispam_spam_pattern_ignorecase = SPAM;JUNK

    antispam_pipe_tmpdir = /var/tmp
    antispam_pipe_program = /usr/bin/spamc
    antispam_pipe_program_args = --username;debian-spamd
    antispam_pipe_program_spam_arg = --learntype=spam
    antispam_pipe_program_notspam_arg = --learntype=ham

    #antispam_debug_target = syslog
    #antispam_verbose_debug = 1
}


# begin of ssl configuration
ssl = yes
ssl_cert = </etc/postfix/ssl/postfix.cert
ssl_key = </etc/postfix/ssl/postfix.key
# end of ssl configuration

Stwórz filtr sieve, który za pomocą nagłówka oceni pocztę i umieści ją w Spamie

Utwórz folder sieve

mkdir -p /etc/sieve

Plik filtru Sieve filter file:

/etc/sieve/default.sieve

require ["fileinto", "mailbox"];
# fileinto: for putting mail into a imap folder
# mailbox: for creating imap folder if not exists
#
if header :contains "X-Spam-Flag" "YES" {
    # move mail into Folder Spam, create folder if not exists
    fileinto :create "Spam";
    stop;
}
Skompiluj filtr sieve i zmień właściciela
sievec -D /etc/sieve/default.sieve
chown -R vmail:vmail /etc/sieve
Wytrenuj spamassasin za pomocą e-maili w Twojej poczcie w folderach skrzynki odbiorczej jako HAM (dobra poczta) i w folderach śmieci jako SPAM (niechciana poczta).
### train for SPAM
su debian-spamd
sa-learn --spam -u debian-spamd --showdots --dir /home/vmail/example.com/foo/Maildir/.Spam/*

### train for HAM
su debian-spamd
sa-learn --ham -u debian-spamd --showdots --dir /home/vmail/example.com/foo/Maildir/.Sent/cur/*
sa-learn --ham -u debian-spamd --showdots --dir /home/vmail/example.com/foo/Maildir/.Archive.2005/cur/*
sa-learn --ham -u debian-spamd --showdots --dir /home/vmail/example.com/foo/Maildir/.Archive.2006/cur/*
sa-learn --ham -u debian-spamd --showdots --dir /home/vmail/example.com/foo/Maildir/.Archive.2007/cur/*
sa-learn --ham -u debian-spamd --showdots --dir /home/vmail/example.com/foo/Maildir/.Archive.2008/cur/*
sa-learn --ham -u debian-spamd --showdots --dir /home/vmail/example.com/foo/Maildir/.Archive.2009/cur/*
sa-learn --ham -u debian-spamd --showdots --dir /home/vmail/example.com/foo/Maildir/.Archive.2010/cur/*
sa-learn --ham -u debian-spamd --showdots --dir /home/vmail/example.com/foo/Maildir/.Archive.2011/cur/*
sa-learn --ham -u debian-spamd --showdots --dir /home/vmail/example.com/foo/Maildir/.Archive.2012/cur/*
sa-learn --ham -u debian-spamd --showdots --dir /home/vmail/example.com/foo/Maildir/.Archive.2013/cur/*
sa-learn --ham -u debian-spamd --showdots --dir /home/vmail/example.com/foo/Maildir/.Archive.2014/cur/*
sa-learn --ham -u debian-spamd --showdots --dir /home/vmail/example.com/foo/Maildir/.Archive.2015/cur/*
Ustawienie spamassain
### train for SPAM
su debian-spamd
sa-learn --spam -u debian-spamd --showdots --dir /home/vmail/example.com/foo/Maildir/.Spam/*

### train for HAM
su debian-spamd
sa-learn --ham -u debian-spamd --showdots --dir /home/vmail/example.com/foo/Maildir/.Sent/cur/*
sa-learn --ham -u debian-spamd --showdots --dir /home/vmail/example.com/foo/Maildir/.Archive.2005/cur/*
sa-learn --ham -u debian-spamd --showdots --dir /home/vmail/example.com/foo/Maildir/.Archive.2006/cur/*
sa-learn --ham -u debian-spamd --showdots --dir /home/vmail/example.com/foo/Maildir/.Archive.2007/cur/*
sa-learn --ham -u debian-spamd --showdots --dir /home/vmail/example.com/foo/Maildir/.Archive.2008/cur/*
sa-learn --ham -u debian-spamd --showdots --dir /home/vmail/example.com/foo/Maildir/.Archive.2009/cur/*
sa-learn --ham -u debian-spamd --showdots --dir /home/vmail/example.com/foo/Maildir/.Archive.2010/cur/*
sa-learn --ham -u debian-spamd --showdots --dir /home/vmail/example.com/foo/Maildir/.Archive.2011/cur/*
sa-learn --ham -u debian-spamd --showdots --dir /home/vmail/example.com/foo/Maildir/.Archive.2012/cur/*
sa-learn --ham -u debian-spamd --showdots --dir /home/vmail/example.com/foo/Maildir/.Archive.2013/cur/*
sa-learn --ham -u debian-spamd --showdots --dir /home/vmail/example.com/foo/Maildir/.Archive.2014/cur/*
sa-learn --ham -u debian-spamd --showdots --dir /home/vmail/example.com/foo/Maildir/.Archive.2015/cur/*

To już wszystko 🙂