Difference between revisions of "Spamassassin on CentOS 6"
(11 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
+ | We'll show the example how to block spam on your mailserver. | ||
+ | In short - this is config example of postfix with spamassasin . | ||
+ | Surely we are using rbls in a postfix config. | ||
+ | |||
'''Installation''' | '''Installation''' | ||
Line 15: | Line 19: | ||
nano /etc/mail/spamassassin/local.cf | nano /etc/mail/spamassassin/local.cf | ||
− | Uncomment or add the following | + | Uncomment or add the following lines: |
required_hits 5.0 | required_hits 5.0 | ||
Line 30: | Line 34: | ||
'''Integration to Postfix''' | '''Integration to Postfix''' | ||
− | + | First it might be a good idea to add some HELO and recipient restrictions into '''/etc/postfix/main.cf''': | |
+ | |||
+ | # HELO restrictions: | ||
+ | smtpd_delay_reject = yes | ||
+ | smtpd_helo_required = yes | ||
+ | smtpd_helo_restrictions = | ||
+ | permit_mynetworks, | ||
+ | reject_non_fqdn_helo_hostname, | ||
+ | reject_invalid_helo_hostname, | ||
+ | permit | ||
+ | |||
+ | # Recipient restrictions: | ||
+ | smtpd_recipient_restrictions = | ||
+ | permit_mynetworks, | ||
+ | permit_sasl_authenticated, | ||
+ | reject_unauth_pipelining, | ||
+ | reject_non_fqdn_recipient, | ||
+ | reject_unauth_destination, | ||
+ | reject_rbl_client zen.spamhaus.org, | ||
+ | reject_rbl_client bl.spamcannibal.org, | ||
+ | check_policy_service unix:postgrey/socket, | ||
+ | permit | ||
+ | |||
+ | Note that "permit_sasl_authenticated" is optional and will only work if you have sasl auth installed and working. | ||
+ | |||
+ | Using blacklists is on your own choice. The email will be rejected in case listed in any of blacklists in postfix config | ||
+ | |||
+ | |||
+ | Now open postfix master.cf file: | ||
nano /etc/postfix/master.cf | nano /etc/postfix/master.cf | ||
Line 63: | Line 95: | ||
If you will see [SPAM] in the subject line, Spamassassin work correctly. | If you will see [SPAM] in the subject line, Spamassassin work correctly. | ||
− | + | '''Discard spam''' | |
+ | |||
+ | If you see that only a real spam is being marked as spam, you can configure postfix to discard that mails and forget about spam. | ||
+ | |||
+ | Open the file '''/etc/postfix/main.cf''' and add this line (if it is not already present): | ||
+ | header_checks = regexp:/etc/postfix/header_checks | ||
+ | |||
+ | Open the file '''/etc/postfix/header_checks''' and add this line (if it is not already present): | ||
+ | /^X-Spam-Flag:.YES/ DISCARD spam | ||
+ | |||
+ | Restart postfix | ||
+ | service postfix restart | ||
+ | |||
+ | |||
+ | '''Example to add whitelisting rules. Simply add these lines to local.cf {usually located in /etc/mail/spamassassin} | ||
+ | |||
+ | Whitelist everyone at domain.com [all messages from this domain will be accepted]: | ||
+ | whitelist_from *@domain.com | ||
+ | |||
+ | |||
+ | Whitelist all emails sent from specified IP address: | ||
+ | header ALLOWN4H Received=~ /\[191.101.250.60\]/ | ||
+ | score ALLOWN4H -9 | ||
+ | describe ALLOWN4H Allows relays from 191.101.250.60 | ||
+ | |||
+ | |||
+ | Example spamassasing config: | ||
+ | |||
+ | Config usually located : /etc/mail/spamassassin/local.cf | ||
+ | |||
+ | # These values can be overridden by editing ~/.spamassassin/user_prefs.cf | ||
+ | # (see spamassassin(1) for details) | ||
+ | # These should be safe assumptions and allow for simple visual sifting | ||
+ | # without risking lost emails. | ||
+ | required_hits 5.0 | ||
+ | report_safe 0 | ||
+ | required_score 5 | ||
+ | rewrite_header Subject [SPAM] | ||
+ | # whitelist everyone at domain1.com: | ||
+ | whitelist_from *@domain1.com | ||
+ | # whitelist everyone at domain2.com: | ||
+ | whitelist_from *@domain2.com | ||
+ | trusted_networks 11.11.250.60 | ||
+ | header ALLOWN4H Received=~ /\[11.11.250.60\]/ | ||
+ | score ALLOWN4H -9 | ||
+ | describe ALLOWN4H Allows relays from 11.11.250.60 | ||
+ | whitelist_from *@webhostingtalk.com | ||
+ | whitelist_from *@www.webhostingtalk.com | ||
+ | #useBayes 1 | ||
+ | #auto_learn 0 | ||
+ | #auto_learn 1 | ||
+ | use_bayes 1 | ||
+ | bayes_auto_learn 1 | ||
+ | bayes_auto_learn_threshold_nonspam -0.001 | ||
+ | bayes_auto_learn_threshold_spam 10.0 | ||
+ | #bayes_path /var/spamassassin/bayes/ | ||
+ | #bayes_file_mode 077 | ||
+ | |||
+ | [[Category:Linux]] |
Latest revision as of 17:11, 2 February 2017
We'll show the example how to block spam on your mailserver. In short - this is config example of postfix with spamassasin . Surely we are using rbls in a postfix config.
Installation
Firstly you need to update your OS distribution to latest version:
yum update -y
Install Spamassassin:
yum install spamassassin
Configuration
Open spamassassin configuration file:
nano /etc/mail/spamassassin/local.cf
Uncomment or add the following lines:
required_hits 5.0 report_safe 0 required_score 5 rewrite_header Subject [SPAM]
Add user and group for spamassassin and change owner of log directory:
groupadd spamd useradd -g spamd -s /bin/false -d /var/log/spamassassin spamd chown spamd:spamd /var/log/spamassassin
Integration to Postfix
First it might be a good idea to add some HELO and recipient restrictions into /etc/postfix/main.cf:
# HELO restrictions: smtpd_delay_reject = yes smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, permit
# Recipient restrictions: smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_pipelining, reject_non_fqdn_recipient, reject_unauth_destination, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcannibal.org, check_policy_service unix:postgrey/socket, permit
Note that "permit_sasl_authenticated" is optional and will only work if you have sasl auth installed and working.
Using blacklists is on your own choice. The email will be rejected in case listed in any of blacklists in postfix config
Now open postfix master.cf file:
nano /etc/postfix/master.cf
We should now change the master.cf file to look as follows:
# ==================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ==================================================================== smtp inet n - n - - smtpd -o content_filter=spamassassin
At the bottom of this file we should add the following line:
spamassassin unix - n n - - pipe flags=R user=spamd argv=/usr/bin/spamc -e /usr/sbin/sendmail -oi -f ${sender} ${recipient}
Before starting the spamassassin service use this command:
sa-update && /etc/init.d/spamassassin reload
Now you can to start spamassassin:
/etc/init.d/postfix reload /etc/init.d/spamassassin reload
Testing
Create an email from any address and service outside of your domain, e.g. Yahoo or Gmail. Address the email to an email address on the newly-configured mail server, then within the subject line we can use the following test string:
XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
If you will see [SPAM] in the subject line, Spamassassin work correctly.
Discard spam
If you see that only a real spam is being marked as spam, you can configure postfix to discard that mails and forget about spam.
Open the file /etc/postfix/main.cf and add this line (if it is not already present):
header_checks = regexp:/etc/postfix/header_checks
Open the file /etc/postfix/header_checks and add this line (if it is not already present):
/^X-Spam-Flag:.YES/ DISCARD spam
Restart postfix
service postfix restart
Example to add whitelisting rules. Simply add these lines to local.cf {usually located in /etc/mail/spamassassin}
Whitelist everyone at domain.com [all messages from this domain will be accepted]:
whitelist_from *@domain.com
Whitelist all emails sent from specified IP address:
header ALLOWN4H Received=~ /\[191.101.250.60\]/ score ALLOWN4H -9 describe ALLOWN4H Allows relays from 191.101.250.60
Example spamassasing config:
Config usually located : /etc/mail/spamassassin/local.cf
# These values can be overridden by editing ~/.spamassassin/user_prefs.cf # (see spamassassin(1) for details) # These should be safe assumptions and allow for simple visual sifting # without risking lost emails. required_hits 5.0 report_safe 0 required_score 5 rewrite_header Subject [SPAM] # whitelist everyone at domain1.com: whitelist_from *@domain1.com # whitelist everyone at domain2.com: whitelist_from *@domain2.com trusted_networks 11.11.250.60 header ALLOWN4H Received=~ /\[11.11.250.60\]/ score ALLOWN4H -9 describe ALLOWN4H Allows relays from 11.11.250.60 whitelist_from *@webhostingtalk.com whitelist_from *@www.webhostingtalk.com #useBayes 1 #auto_learn 0 #auto_learn 1 use_bayes 1 bayes_auto_learn 1 bayes_auto_learn_threshold_nonspam -0.001 bayes_auto_learn_threshold_spam 10.0 #bayes_path /var/spamassassin/bayes/ #bayes_file_mode 077