2014-09-27 16:16:15 +00:00
|
|
|
#!/bin/bash
|
2013-09-01 14:13:51 +00:00
|
|
|
# Spam filtering with spamassassin via spampd
|
2014-10-13 14:00:26 +00:00
|
|
|
# -------------------------------------------
|
2014-10-04 21:57:26 +00:00
|
|
|
#
|
2013-09-01 14:13:51 +00:00
|
|
|
# spampd sits between postfix and dovecot. It takes mail from postfix
|
|
|
|
# over the LMTP protocol, runs spamassassin on it, and then passes the
|
|
|
|
# message over LMTP to dovecot for local delivery.
|
2014-10-04 21:57:26 +00:00
|
|
|
#
|
2013-09-01 14:13:51 +00:00
|
|
|
# In order to move spam automatically into the Spam folder we use the dovecot sieve
|
2014-10-04 21:57:26 +00:00
|
|
|
# plugin.
|
2013-09-01 14:13:51 +00:00
|
|
|
|
2014-09-27 16:16:15 +00:00
|
|
|
source /etc/mailinabox.conf # get global vars
|
2014-06-03 11:12:38 +00:00
|
|
|
source setup/functions.sh # load our functions
|
2014-05-01 19:13:00 +00:00
|
|
|
|
2014-10-12 17:54:25 +00:00
|
|
|
# Install packages and basic configuration
|
|
|
|
# ----------------------------------------
|
|
|
|
|
2013-09-01 14:13:51 +00:00
|
|
|
# Install packages.
|
2015-08-19 19:58:35 +00:00
|
|
|
echo "Installing SpamAssassin..."
|
2014-07-10 07:18:01 +00:00
|
|
|
apt_install spampd razor pyzor dovecot-antispam
|
2014-04-23 16:45:46 +00:00
|
|
|
|
|
|
|
# Allow spamassassin to download new rules.
|
|
|
|
tools/editconf.py /etc/default/spamassassin \
|
|
|
|
CRON=1
|
|
|
|
|
2015-07-17 11:13:15 +00:00
|
|
|
# Configure pyzor, which is a client to a live database of hashes of
|
|
|
|
# spam emails. Set the pyzor configuration directory to something sane.
|
|
|
|
# The default is ~/.pyzor. We used to use that, so we'll kill that old
|
|
|
|
# directory. Then write the public pyzor server to its servers file.
|
|
|
|
# That will prevent an automatic download on first use, and also means
|
|
|
|
# we can skip 'pyzor discover', both of which are currently broken by
|
|
|
|
# something happening on Sourceforge (#496).
|
|
|
|
rm -rf ~/.pyzor
|
|
|
|
tools/editconf.py /etc/spamassassin/local.cf -s \
|
|
|
|
pyzor_options="--homedir /etc/spamassassin/pyzor"
|
2015-07-18 00:26:17 +00:00
|
|
|
mkdir -p /etc/spamassassin/pyzor
|
2015-07-17 11:13:15 +00:00
|
|
|
echo "public.pyzor.org:24441" > /etc/spamassassin/pyzor/servers
|
|
|
|
# check with: pyzor --homedir /etc/mail/spamassassin/pyzor ping
|
2013-08-23 15:59:28 +00:00
|
|
|
|
2015-04-09 14:45:32 +00:00
|
|
|
# Configure spampd:
|
|
|
|
# * Pass messages on to docevot on port 10026. This is actually the default setting but we don't
|
|
|
|
# want to lose track of it. (We've configured Dovecot to listen on this port elsewhere.)
|
|
|
|
# * Increase the maximum message size of scanned messages from the default of 64KB to 500KB, which
|
|
|
|
# is Spamassassin (spamc)'s own default. Specified in KBytes.
|
|
|
|
tools/editconf.py /etc/default/spampd \
|
|
|
|
DESTPORT=10026 \
|
|
|
|
ADDOPTS="\"--maxsize=500\""
|
2013-08-23 15:59:28 +00:00
|
|
|
|
2014-10-31 11:20:47 +00:00
|
|
|
# Spamassassin normally wraps spam as an attachment inside a fresh
|
|
|
|
# email with a report about the message. This also protects the user
|
|
|
|
# from accidentally openening a message with embedded malware.
|
|
|
|
#
|
|
|
|
# It's nice to see what rules caused the message to be marked as spam,
|
|
|
|
# but it's also annoying to get to the original message when it is an
|
|
|
|
# attachment, modern mail clients are safer now and don't load remote
|
|
|
|
# content or execute scripts, and it is probably confusing to most users.
|
|
|
|
#
|
|
|
|
# Tell Spamassassin not to modify the original message except for adding
|
|
|
|
# the X-Spam-Status mail header and related headers.
|
|
|
|
tools/editconf.py /etc/spamassassin/local.cf -s \
|
|
|
|
report_safe=0
|
|
|
|
|
2014-10-12 17:54:25 +00:00
|
|
|
# Bayesean learning
|
|
|
|
# -----------------
|
|
|
|
#
|
|
|
|
# Spamassassin can learn from mail marked as spam or ham, but it needs to be
|
|
|
|
# configured. We'll store the learning data in our storage area.
|
|
|
|
#
|
|
|
|
# These files must be:
|
|
|
|
#
|
|
|
|
# * Writable by sa-learn-pipe script below, which run as the 'mail' user, for manual tagging of mail as spam/ham.
|
|
|
|
# * Readable by the spampd process ('spampd' user) during mail filtering.
|
|
|
|
# * Writable by the debian-spamd user, which runs /etc/cron.daily/spamassassin.
|
|
|
|
#
|
|
|
|
# We'll have these files owned by spampd and grant access to the other two processes.
|
|
|
|
|
|
|
|
tools/editconf.py /etc/spamassassin/local.cf -s \
|
|
|
|
bayes_path=$STORAGE_ROOT/mail/spamassassin/bayes
|
|
|
|
|
|
|
|
mkdir -p $STORAGE_ROOT/mail/spamassassin
|
|
|
|
chown -R spampd:spampd $STORAGE_ROOT/mail/spamassassin
|
|
|
|
|
|
|
|
# To mark mail as spam or ham, just drag it in or out of the Spam folder. We'll
|
|
|
|
# use the Dovecot antispam plugin to detect the message move operation and execute
|
|
|
|
# a shell script that invokes learning.
|
|
|
|
|
|
|
|
# Enable the Dovecot antispam plugin.
|
2014-10-04 21:57:26 +00:00
|
|
|
# (Be careful if we use multiple plugins later.) #NODOC
|
2014-10-04 18:06:08 +00:00
|
|
|
sed -i "s/#mail_plugins = .*/mail_plugins = \$mail_plugins antispam/" /etc/dovecot/conf.d/20-imap.conf
|
2015-01-26 07:37:01 +00:00
|
|
|
sed -i "s/#mail_plugins = .*/mail_plugins = \$mail_plugins antispam/" /etc/dovecot/conf.d/20-pop3.conf
|
2013-08-23 15:59:28 +00:00
|
|
|
|
2013-09-01 14:13:51 +00:00
|
|
|
# Configure the antispam plugin to call sa-learn-pipe.sh.
|
2013-08-23 15:59:28 +00:00
|
|
|
cat > /etc/dovecot/conf.d/99-local-spampd.conf << EOF;
|
|
|
|
plugin {
|
|
|
|
antispam_backend = pipe
|
|
|
|
antispam_spam_pattern_ignorecase = SPAM
|
2015-08-20 04:50:32 +00:00
|
|
|
antispam_trash_pattern_ignorecase = trash;Deleted *
|
2013-08-23 15:59:28 +00:00
|
|
|
antispam_allow_append_to_spam = yes
|
2014-09-27 16:06:11 +00:00
|
|
|
antispam_pipe_program_spam_args = /usr/local/bin/sa-learn-pipe.sh;--spam
|
|
|
|
antispam_pipe_program_notspam_args = /usr/local/bin/sa-learn-pipe.sh;--ham
|
2013-08-23 15:59:28 +00:00
|
|
|
antispam_pipe_program = /bin/bash
|
|
|
|
}
|
|
|
|
EOF
|
|
|
|
|
2014-10-12 17:54:25 +00:00
|
|
|
# Have Dovecot run its mail process with a supplementary group (the spampd group)
|
|
|
|
# so that it can access the learning files.
|
2014-09-20 15:07:30 +00:00
|
|
|
|
2014-10-12 16:11:08 +00:00
|
|
|
tools/editconf.py /etc/dovecot/conf.d/10-mail.conf \
|
|
|
|
mail_access_groups=spampd
|
|
|
|
|
2014-10-12 17:54:25 +00:00
|
|
|
# Here's the script that the antispam plugin executes. It spools the message into
|
|
|
|
# a temporary file and then runs sa-learn on it.
|
|
|
|
# from http://wiki2.dovecot.org/Plugins/Antispam
|
|
|
|
rm -f /usr/bin/sa-learn-pipe.sh # legacy location #NODOC
|
|
|
|
cat > /usr/local/bin/sa-learn-pipe.sh << EOF;
|
|
|
|
cat<&0 >> /tmp/sendmail-msg-\$\$.txt
|
|
|
|
/usr/bin/sa-learn \$* /tmp/sendmail-msg-\$\$.txt > /dev/null
|
|
|
|
rm -f /tmp/sendmail-msg-\$\$.txt
|
|
|
|
exit 0
|
|
|
|
EOF
|
|
|
|
chmod a+x /usr/local/bin/sa-learn-pipe.sh
|
|
|
|
|
2014-10-12 18:04:51 +00:00
|
|
|
# Create empty bayes training data (if it doesn't exist). Once the files exist,
|
|
|
|
# ensure they are group-writable so that the Dovecot process has access.
|
2014-10-12 17:54:25 +00:00
|
|
|
sudo -u spampd /usr/bin/sa-learn --sync 2>/dev/null
|
2014-10-12 18:04:51 +00:00
|
|
|
chmod -R 660 $STORAGE_ROOT/mail/spamassassin
|
|
|
|
chmod 770 $STORAGE_ROOT/mail/spamassassin
|
2014-09-20 15:07:30 +00:00
|
|
|
|
2013-08-23 15:59:28 +00:00
|
|
|
# Initial training?
|
|
|
|
# sa-learn --ham storage/mail/mailboxes/*/*/cur/
|
|
|
|
# sa-learn --spam storage/mail/mailboxes/*/*/.Spam/cur/
|
|
|
|
|
2013-09-01 14:13:51 +00:00
|
|
|
# Kick services.
|
2014-07-16 13:06:45 +00:00
|
|
|
restart_service spampd
|
|
|
|
restart_service dovecot
|
2013-08-23 15:59:28 +00:00
|
|
|
|