There is a new revision of this tutorial available for Debian 7 (Wheezy).

Virtual Users And Domains With Postfix, Courier And MySQL (+ SMTP-AUTH, Quota, SpamAssassin, ClamAV) - Page 4

This tutorial exists for these OS versions

On this page

8 Install Razor, Pyzor And DCC And Configure SpamAssassin

Razor, Pyzor and DCC are spamfilters that use a collaborative filtering network. To install them, run

apt-get install razor pyzor dcc-client

Now we have to tell SpamAssassin to use these three programs. Edit /etc/spamassassin/local.cf so that it looks like this:

# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
###########################################################################
#
# rewrite_header Subject *****SPAM*****
# report_safe 1
# trusted_networks 212.17.35.
# lock_method flock

# dcc
use_dcc 1
dcc_path /usr/bin/dccproc
dcc_add_header 1
dcc_dccifd_path /usr/sbin/dccifd

#pyzor
use_pyzor 1
pyzor_path /usr/bin/pyzor
pyzor_add_header 1

#razor
use_razor2 1
razor_config /etc/razor/razor-agent.conf

#bayes
use_bayes 1
use_bayes_rules 1
bayes_auto_learn 1

Run

/etc/init.d/amavis restart

afterwards.

Now I want to insert some custom rulesets that can be found on the internet into SpamAssassin. I have tested those rulesets, and they make spam filtering a lot more effective. Create the file /usr/local/sbin/sa_rules_update.sh:

#!/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/71_sare_redirect_pre3.0.0.cf -O 71_sare_redirect_pre3.0.0.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_bayes_poison_nxm.cf -O 70_sare_bayes_poison_nxm.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_html.cf -O 70_sare_html.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_html4.cf -O 70_sare_html4.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_html_x30.cf -O 70_sare_html_x30.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_header0.cf -O 70_sare_header0.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_header3.cf -O 70_sare_header3.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_header_x30.cf -O 70_sare_header_x30.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_specific.cf -O 70_sare_specific.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_adult.cf -O 70_sare_adult.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/72_sare_bml_post25x.cf -O 72_sare_bml_post25x.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/99_sare_fraud_post25x.cf -O 99_sare_fraud_post25x.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_spoof.cf -O 70_sare_spoof.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_random.cf -O 70_sare_random.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_oem.cf -O 70_sare_oem.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_genlsubj0.cf -O 70_sare_genlsubj0.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_genlsubj3.cf -O 70_sare_genlsubj3.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_genlsubj_x30.cf -O 70_sare_genlsubj_x30.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_unsub.cf -O 70_sare_unsub.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/70_sare_uri.cf -O 70_sare_uri.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://mywebpages.comcast.net/mkettler/sa/antidrug.cf -O antidrug.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.timj.co.uk/linux/bogus-virus-warnings.cf -O bogus-virus-warnings.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.yackley.org/sa-rules/evilnumbers.cf -O evilnumbers.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.stearns.org/sa-blacklist/random.current.cf -O random.current.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/88_FVGT_body.cf -O 88_FVGT_body.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/88_FVGT_rawbody.cf -O 88_FVGT_rawbody.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/88_FVGT_subject.cf -O 88_FVGT_subject.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/88_FVGT_headers.cf -O 88_FVGT_headers.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/88_FVGT_uri.cf -O 88_FVGT_uri.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/99_FVGT_DomainDigits.cf -O 99_FVGT_DomainDigits.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/99_FVGT_Tripwire.cf -O 99_FVGT_Tripwire.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.rulesemporium.com/rules/99_FVGT_meta.cf -O 99_FVGT_meta.cf &> /dev/null

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://www.nospamtoday.com/download/mime_validate.cf -O mime_validate.cf &> /dev/null

/etc/init.d/amavis restart &> /dev/null

exit 0

chmod 755 /usr/local/sbin/sa_rules_update.sh

Then run that script once, it will fetch those rulesets and insert them into SpamAssassin:

/usr/local/sbin/sa_rules_update.sh

We create a cron job so that those rulesets will be updated regularly. Run

crontab -e

to open the cron job editor. Create following cron job:

23 4 */2 * * /usr/local/sbin/sa_rules_update.sh &> /dev/null

This will update the rulesets every second day at 4.23h.

(Note (a little off-topic): on Debian Sarge crontab -e will automatically open the editor nano. If you are used to working with the editor vi (like me), run the following commands:

rm -f /etc/alternatives/editor
ln -s /usr/bin/vi /etc/alternatives/editor

Afterwards, run crontab -e, and vi will come up.)

9 Quota Exceedance Notifications

If you want to get notifications about all the email accounts that are over quota, then do this:

cd /usr/local/sbin/
wget http://puuhis.net/vhcs/quota.txt
mv quota.txt quota_notify
chmod 755 quota_notify

Open /usr/local/sbin/quota_notify and edit the variables at the top:

my $POSTFIX_CF = "/etc/postfix/main.cf";
my $MAILPROG = "/usr/sbin/sendmail -t";
my $WARNPERCENT = 80;
my @POSTMASTERS = ('[email protected]');
my $CONAME = 'ISP.tld';
my $COADDR = '[email protected]';
my $SUADDR = '[email protected]';
my $MAIL_REPORT = 1;
my $MAIL_WARNING = 1;

Run

crontab -e

to create a cron job for that script:

0 0 * * * /usr/local/sbin/quota_notify &> /dev/null

Share this page:

12 Comment(s)

Add comment

Comments

From: Anonymous

"Now we create a user and group called vmail with the home directory /home/vamil. This is where all mail boxes will be stored."

should be /home/vmail

"Then run that script once, it will fetch those rulesets and insert them into SpamAssassin:"
Does not insert them or i missed something

From: admin

I corrected the typo, thanks! :-)

From: Anonymous

That update script stubbornly refused to run for me till i realised that pasting into the file using the Webmin file manager pop-up might not be good, so i opened it with vi and all of the line endings had ^M characters.

Got rid of those and it worked like a charm.

Thanks for the great how to!

Matt

From: Anonymous

I got error: "-ERR Maildir: No such file or directory" while telnet localhost pop3 after entering right user/pass: root@server:/var/log # telnet localhost pop3 Trying 127.0.0.1... Connected to server.local. Escape character is '^]'. +OK Hello there. user [email protected] +OK Password required. pass 1234 -ERR Maildir: No such file or directory Connection closed by foreign host. root@server:/var/log #

From: admin

You have to send that user an email first. The mailbox is created when the first email arrives, and then you can use POP3 without errors.

From: Anonymous

I sent a mail and the directory structure exists but I do still have this error message in Outlook ans sqwebmail. Permissions are set to 700 for user accounts. I tried ehlo howtoforge.com; same results as in howto. tried in shell "mail from:<[email protected]> ; 250-OK rcpt to:<[email protected]> (with existing user in mysql database); 250-OK data; 250-OK with comments between <...>; This is a test email. .; Mail queued... quit "

I receive the mail in my directory and everything works fine. If I try to connect to server using pop or imap (sqwebmail) and got this "I got error: "-ERR Maildir: No such file or directory" or "

Unable to open the maildir for this account -- the maildir doesn't exist or has incorrect ownership or permissions."

Some ideas??? Thanks in advance

From: Oles

I had the same error. It was fixed by adding next source

deb http://volatile.debian.org/debian-volatile etch/volatile-sloppy main contrib non-free
and then:

apt-get update
apt-get dist-upgrade

From: Anonymous

GREAT HOWTO! Thanks!

From: Anonymous

Hi,

Every thing works fine :):):):):):) just a little remark, I do not receive any delivery confirmation. What did I wrong or maybe didnt' do?

Thanks

From: Anonymous

Wow, that wget command is tedious! Here's what I've got. Wget -q is quiet, -N overwrites the file if they've been changed and -i defines an input file.

% cat /etc/cron.weekly/sa-rules-update
#!/bin/sh
cd /etc/spamassassin && wget -q -N -i /etc/sa-rules-thirdparty

% head -3 /etc/sa-rules-thirdparty
http://www.rulesemporium.com/rules/71_sare_redirect_pre3.0.0.cf
http://www.rulesemporium.com/rules/70_sare_bayes_poison_nxm.cf
http://www.rulesemporium.com/rules/70_sare_html.cf

Cheers,

Guillaume

From:

You need to remove a line from the /usr/local/sbin/sa_rules_update.sh file if you use this script with any of the newer versions of spamassassin.  Delete the file /etc/spamassassin/antidrug.cf and then

REMOVE THIS LINE:

cd /etc/spamassassin/ &> /dev/null && /usr/bin/wget http://mywebpages.comcast.net/mkettler/sa/antidrug.cf -O antidrug.cf &> /dev/null
 
 

From: Anonymous

Hi,

 The following URL doesn't work anymore (broken), therefor I cannot download the script:

 http://puuhis.net/vhcs/quota.txt