This should setup your mail server to block all incomming spam while still letting users have easy access to e-mails that may have been legitimate.
Name: Dovecot
HomePage: http://dovecot.org/
Function: Dovecot is an open source IMAP and POP3 server for Linux/UNIX-like systems, written with security primarily in mind.
Name: Postfix
HomePage: http://www.postfix.org/
Function: Postfix attempts to be fast, easy to administer, and secure, while at the same time being sendmail compatible enough to not upset existing users
Name: Squirrel Mail
Homepage: http://www.squirrelmail.org/
Function: SpamAssassin is a mature, widely-deployed open source project that serves as a mail filter to identify Spam
Name: Spamassassin
HomePage: http://spamassassin.apache.org/
Function: SpamAssassin is a mature, widely-deployed open source project that serves as a mail filter to identify Spam
Name: Procmail
HomePage: http://www.procmail.org/
Function: procmail is a set of rules for each mail that comes into the system.
1. Make sure that the correct programs are installed
rpm -qa | grep postifx
rpm -qa | grep procmail
rpm -qa | grep Spamassassin
rpm -qa | grep Squirrelmail
2. Now let’s set postfix to use procmail
nano /etc/postfix/main.cf
main.cf:
mailbox_command = /usr/bin/procmail -t /etc/procmailrc
3. Once postfix is set start postfix
/etc/init.d/postfix start
4. Now set postfix to be the default mta
alternatives --config mta
choose postfix
5. Edit the /etc/skel/.procmailrc file
nano /etc/skel/.procmailrc
.procmailrc:
LOGFILE=$HOME/mail/procmail.log
DROPPRIVS=yes
:0fw
| /usr/bin/spamassassin
:0
* ^X-Spam-Status: Yes
$HOME/mail/Junk
6. Now add the following information to the spamassassin configuration file
nano /etc/mail/spamassassin/local.cf
local.cf:
required_hits 5
report_safe 0
rewrite_header Subject [SPAM]
# ================== Whitelist =====================
whitelist_from *.dnr.state.ak.us
whitelist_from *.jimweller.net
whitelist_from user@nowhere.com This e-mail address is being protected from spam bots, you need JavaScript enabled to view it
# ============= Extend Filter Ruleset ==============
# Filter viagra spam.
header VIAGRA Subject =~ /viagra/i
score VIAGRA 1.0
# Filter penis spam.
header PENIS Subject =~ /penis/i
score PENIS 1.0
7. Now start spamassassin
/etc/init.d/spamassassin start
8. Once this is done go to the squirrelmail website and download the autosubscribe plugin.
http://squirrelmail.org/plugin_download.php?id=245&rev=1168
9. Now to install the autosubscribe plugin to create the junk mail mailbox
cp autosubscribe-1.0-1.4.2.tar.gz /usr/share/squirrelmail/plugins/
10. Now unzip autosubscribe-1.0-1.4.2.tar.gz in the plugins folder
tar -zxvf autosubscribe-1.0-1.4.2.tar.gz
11. Now change into the autosubscribe directory and setup the plugin
cd autosubscribe
cp config_sample.php config.php
12. Now change the following two variables to suit your system
nano config.php
config.php:
$autosubscribe_folders='Junk';
$autosubscribe_special_folders='Junk';
13. Once all that is done, install the plugin using the squirrelmail conf.pl program
/usr/share/squirrelmail/plugin/conf.pl
14. Choose option 8 to install plugins
SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Main Menu --
1. Organization Preferences
2. Server Settings
3. Folder Defaults
4. General Options
5. Themes
6. Address Books (LDAP)
7. Message of the Day (MOTD)
8. Plugins
9. Database
D. Set pre-defined settings for specific IMAP servers
C. Turn color off
S Save data
Q Quit
Command >> 8
15. Now choose whatever number the autosubscribe option is to install it, in this case it is number 5
SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Plugins
Installed Plugins
1. squirrelspell
2. newmail
3. abook_group
Available Plugins:
4. autosubscribe
5. abook_take
R Return to Main Menu
C. Turn color off
S Save data
Q Quit
Command >> 5
16. Once all that is done, save (s)
17. Now go to the squirrelmail website and download the spam_button plugin.
http://www.squirrelmail.org/plugin_view.php?id=242
18. Now to install the spam_button plugin to create the mark as junk mail button
cp spam_buttons-1.0-1.4.tar.gz /usr/share/squirrelmail/plugins/
19. Now unzip spam_buttons-1.0-1.4.tar.gz in the plugins folder
tar -zxvf spam_buttons-1.0-1.4.tar.gz
20. Now change into the autosubscribe directory and setup the plugin
cd spam_buttons
cp config_sample.php config.php
21. Now change the following two variables to suit your system
nano config.php
config.php:
$is_spam_shell_command = '/usr/bin/sa-learn --spam --username=###EMAIL_ADDRESS###';
$is_not_spam_shell_command = '/usr/bin/sa-learn --ham --username=###EMAIL_ADDRESS###';
22. Once all that is done, install the plugin using the squirrelmail conf.pl program
/usr/share/squirrelmail/plugin/conf.pl
23. Choose option 8 to install plugins
SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Main Menu --
1. Organization Preferences
2. Server Settings
3. Folder Defaults
4. General Options
5. Themes
6. Address Books (LDAP)
7. Message of the Day (MOTD)
8. Plugins
9. Database
D. Set pre-defined settings for specific IMAP servers
C. Turn color off
S Save data
Q Quit
Command >> 8
24. Now choose whatever number the spam_buttons option is to install it, in this case it is number 5
SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Plugins
Installed Plugins
1. squirrelspell
2. newmail
3. abook_group
Available Plugins:
4. autosubscribe
5. spam_buttons
R Return to Main Menu
C. Turn color off
S Save data
Q Quit
Command >> 5
25. Once all that is done, save (s) and quit (q)
26. Now make sure you have restarted all your services and make sure they are all set to start on book
/etc/init.d/postfix restart
/etc/init.d/httpd restart
/etc/init.d/spamassassin restart
and set them all to start on boot
chkconfig postfix on
chkconfig httpd on
chkconfig spamassassin on
27. Once all that is done, you can run some tests to make sure it's all working ok
send an e-mail from an outside address with the subject and body containing
XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
that should be maked as spam
add an outside email to the black list and then e-mail from the outside e-mail address to your spamassassin protected mail server
blacklist_from *@hotmail.com
They should now all go into the users Junk mail box in /home/username/mail/Junk
I'd suggest set a script to run once every two or three months to remove the Junk mail box from all the users home directory.
'rm /home*/mail/Junk'
Extra Settings for Pyzor, DCC, Razor & Rules Du Jour
Fighting Spam With SpamAssassin, Pyzor, DCC, Razor & Rules Du Jour
Extra Settings for Mailman
I use mailman as my list manager and spamassassin almost kills my server when I send an e-mail to my list, because spamassassin is trying to scan 150 e-mails at once, so this is how I avoid that.
Make this your ~/.procmailrc file, it allows anything that comes from your domain to go straight to your inbox rather than go though SpamAssassin.
This is a risk though, you might start getting spamed from your domain name and they wont get scanned, so this might not be a good idea for everyone.
nano /etc/skel/.procmailrc
.procmailrc:
LOGFILE="$HOME/procmail.log"
DROPPRIVS=yes
:0:
* ^From:.*@mydomain\.com\.au
$DEFAULT
:0fw
| /usr/bin/spamassassin
:0
* ^X-Spam-Status: Yes
$HOME/mail/Junk
:0
* ^Subject: \[spam\]
$HOME/mail/Junk
No comments:
Post a Comment