Learning Spam With SpamAssassin And All Of Your ISPConfig Clients [ISPConfig 3]

This is a quick way of learning spam from all of your ISPConfig clients by running a quick and simple command. Please note that this is for ISPConfig 3, not 2.

You can start out by creating a new file in /bin. For example sa_learn.

nano /bin/sa_learn

Now once you are in that file you can paste the following:

#!/bin/bash
/usr/bin/sa-learn --spam /var/vmail/*/*/.Junk/*/*
/usr/bin/sa-learn --ham /var/vmail/*/*/cur/*

The first part to this code is the directory of the SpamAssassin learning script, when putting in the --spam it learns it as spam, and --ham learns it has "good" messages. The second part to this code is the directory to your clients' spam folders. So once this is all done, you can learn all spam in your customers' spam folders.

After you have saved that file by clicking ctrl x, you will want to make it executable by doing the following command:

chmod o+x /bin/sa_learn

And then now from the command prompt you can simply type

sa_learn

and it will learn spam and ham!

Share this page:

10 Comment(s)

Add comment

Comments

From:

What happens after running the sa-learn command from the command line?  Does SpamAssassin continue monitoring the folders into the future?  Rather, does the command have to be kicked off periodically to continue learning?  If the answer is the later, this would likely be included in a cron job correct?

From: Adan0s

you need to put it into a cronjob to let it automatically process the spam/ham

From:

How should we setup this cronjob?

From: admins

Its only for small mailservers.
If you've a large mailserver sa-learn say its a too long command, bye..

 

admins

From:

Simply remove the final * from all commands. If you use maildir, it is sufficient to give the directory name and sa_learn will investigate all mails in the directory.

From:

Thank for this short guide, I have translated in Germany. Here you can see

http://www.howtoforge.de/uncategorized/ispconfig-3-clients-lernen-spam-mit-spamassassin/

. Best ThanksPlaNet Fox

From: vincenzo Ingrosso

Hy,

you have missing in /bin/sa_learn the Maildir so script change to:

#!/bin/bash
/usr/bin/sa-learn --spam /var/vmail/*/*/*/.Junk/*/*
/usr/bin/sa-learn --ham /var/vmail/*/*/*/cur/*

Thank you for your work!

From:

Is it bad to run this script if a lot of the emails in the spam folder is already marked as spam by spamassasin (***SPAM*** in the title) ? Or doesn't it matter?

From: Anonymous

For the learned bayes tokens to actually be used while amavis calls spamassassin, the following line has to go in /etc/spamassassin/local.cf:

bayes_path /var/lib/amavis/.spamassassin/bayes

By default, the learned tokens go to ~/.spamassassin/ of the user under which sa-learn is run where it will never be read (since virtual mailboxes are used). Instead, all tokens have to go under the home directory of the amavis user which is /var/lib/amavis.

To verify that the correct directory is used by spamassassin, execute:

spamassassin -D -t < /usr/share/doc/spamassassin/examples/sample-spam.txt 2>&1 | egrep '(bayes:|whitelist:|AWL)'

You should see these lines:
[...]
dbg: bayes: tie-ing to DB file R/O /var/lib/amavis/.spamassassin/bayes_toks
dbg: bayes: tie-ing to DB file R/O /var/lib/amavis/.spamassassin/bayes_seen
[...]

From: justStartn

based on the suggestions by others in this thread,

this seems to be working for me:

to set the common ie server training tokens folder:

 vi /etc/spamassassin/local.cf

   bayes_path /var/lib/amavis/.spamassassin/bayes

To verify that the correct directory is used by spamassassin, execute:

 spamassassin -D -t < /usr/share/doc/spamassassin/examples/sample-spam.txt 2>&1 | egrep '(bayes:|whitelist:|AWL)'

You should see these lines:

 dbg: bayes: tie-ing to DB file R/O /var/lib/amavis/.spamassassin/bayes_toks

 dbg: bayes: tie-ing to DB file R/O /var/lib/amavis/.spamassassin/bayes_seen

show bayes sa status:

 sa-learn --dump magic

training: 

/usr/bin/sa-learn --spam /var/vmail/*/*/*/.Junk/*/* 

/usr/bin/sa-learn --ham /var/vmail/*/*/*/cur/* 

better training ham before spam as we might have picked up spam in our ham and it will unleard the ham during the spam:

 /usr/bin/find /var/vmail/*/*/Maildir -maxdepth 1 -not -ipath '*/*Junk*' -not -ipath '*/*Trash*' -not -ipath '*/Maildir' -not -ipath '*/*spam*' -type d -exec /usr/bin/sa-learn --ham {} \;

 /usr/bin/find /var/vmail/*/*/Maildir/ -type d \( -iname "*Junk*" -o -iname "*spam*" \) -exec /usr/bin/sa-learn --spam {} \;

crontab for ham running once as it takes over an hour and spam runs ever 2 hours:

 # this is how we train spamassassin spam vs ham

 22 2 * * * /usr/bin/find /var/vmail/*/*/Maildir -maxdepth 1 -not -ipath '*/*Junk*' -not -ipath '*/*Trash*' -not -ipath '*/Maildir' -not -ipath '*/*spam*' -type d -exec /usr/bin/sa-learn --ham {} \; 2>&1 > /dev/null

 02 */2 * * * /usr/bin/find /var/vmail/*/*/Maildir/ -type d \( -iname "*Junk*" -o -iname "*spam*" \) -exec /usr/bin/sa-learn --spam {} \;  2>&1 > /dev/null

 59 5 * * * /usr/bin/sa-learn --dump magic