Anti-spam setup
Man, setting up an anti-spam toolsuite is a PITA. Spammers suck.
Anyway, I started off with the this HOWOTO from howtoforge.com, skipping all the SQL stuff because I'm not using a virtual setup (for now - maybe the final setup will, I'm not sure yet). Some key
differences in my setup:
In the install:
Finally, I'm gonna have to do a major hardware upgrade - it doesn't look like 256MB is enough to run the OS and apache and php and amavisd and clamd and mysql and vsftpd and postfix - doing absolutely nothing it's swapped out 150MB. Needing more RAM and a new harddrive to replace the failed one... it's getting to the point where it's not worth using this 1Ghz P3 Coppermine system.
Anyway, I started off with the this HOWOTO from howtoforge.com, skipping all the SQL stuff because I'm not using a virtual setup (for now - maybe the final setup will, I'm not sure yet). Some key
differences in my setup:
In the install:
- The HOWOTO is for Fedora, not CentOS. You need to add "clamd" and "razor-agents" to the install.
- There's no "pyzor" package for CentOS. Need to install from source.
- I didn't setup razor/pyzor exactly like the HOWTO. I can't recall all the details, but I just su'd to amavis and did it as a "standalone user". But since amavisd does all the SA processing as amavis, it's effectively global. I think I just followed the default documentation.
- There's no "freshclam" init script. I still have to write something that crons (or borrow the script from Fedora). I just ran it by hand for now.
- Installed "fetchmail". I'm majorly impressed by Horde on this one. IMP was working great and as soon as I installed fetchmail, all the options for remote mail retrival showed up
- $sa_tag_level_deflt = undef; - always print the SA headers
- @local_domains_maps = ( [".$mydomain", 'example.com', 'foobar.tld'] ); - if all your domains aren't here, the SA headers won't be added to the messages
- $sa_spam_subject_tag = '[SPAM] '; - damn, i hate the asterisks in the subject
- Uncomment the 'ClamAV-clamd' section
- Make sure you add amavis to the clamd group
- Add "LocalSocket /var/run/clamav/clamd"
- Comment out the TCPSocket and TCPAddr sections
- Make sure you add clamd to the amavis group, just to be sure.
- Got rid of the home_mailbox directive for Maildirs from yesterday's setup
- added "mailbox_command = /usr/bin/procmail"
- created /etc/procmailrc with:
DEFAULT=$HOME/Maildir/
The logging stuff is just temporary.
LOGFILE=/var/log/procmail.log
LOBABSTRACT=all - The reason for the switch to procmail was the Ingo module for horde. It's pretty solid. It will update a user's .procmailrc via the FTP VFS backend, all using the single-signon password. My backend looks like this:
$backends['procmail'] = array(
That last variable is redundant with the /etc/procmailrc settings, but I don't want the users to try anything crazy.
'driver' => 'vfs',
'preferred' => 'home.tonns.net',
'hordeauth' => true,
'params' => array(
'hostspec' => 'localhost',
'filename' => '.procmailrc',
'port' => 21,
'vfstype' => 'ftp'
),
'script' => 'procmail',
'scriptparams' => array(
'path_style' => 'maildir',
'variables' => array(
'DEFAULT' => '$HOME/Maildir/',
)
)
); - added to my .procmailrc using Ingo:
##### SPAM #####
Which does as you'd expect. I also added it to /etc/skel/.procmailrc, but horde doesn't read in existing procmail rules, it just knows about the ones it created. I have to look into it - maybe I'll put it in the global procmailrc.
:0
* ^X-Spam-Status:.*Yes
"$DEFAULT/.SPAM/" - mkdir -p /etc/skel/Maildir/SPAM; mkdir -p /etc/skel/Maildir/.LearnAsSpam; mkdir -p /etc/skel/Maildir/.LearnAsNotSpam - if the Maildir doesn't exist IMP default to mbox in $HOME/mail - which is not what we want, so have them created by default.
- Finally, I wrote a shell script that uses archivemail and sa-learn to clean out everyone's LearnAsSpam/NotSpam directories and add them to the global SA bayes filter (which is in the user amavis's home directory)
Finally, I'm gonna have to do a major hardware upgrade - it doesn't look like 256MB is enough to run the OS and apache and php and amavisd and clamd and mysql and vsftpd and postfix - doing absolutely nothing it's swapped out 150MB. Needing more RAM and a new harddrive to replace the failed one... it's getting to the point where it's not worth using this 1Ghz P3 Coppermine system.
0 Comments:
Post a Comment
Links to this post:
Create a Link
<< Home