|
Size: 4730
Comment: make this page a bit less misleading...
|
← Revision 18 as of 2021-11-06 18:42:33 ⇥
Size: 710
Comment: ... but the puppet parts for installing spamd aren't public yet
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 1: | Line 1: |
| '''WARNING:''' This does not describe our current setup even remotely. | {{{#!wiki note '''Additional information is available at a [[https://wiki.hcoop.net/SpamAssassinAdmin?rev=14|previous version of this page]]''' |
| Line 3: | Line 4: |
| Here's how we set up our site-wide Spam``Assassin bayes database, including the ability for users to train it. 1. Create a new user `spamd` with home `/var/local/lib/spamd`. 1. Add "spamd" to `/etc/cron.allow`. 1. Add the following to `~spamd/.crontab` to learn from and delete messages in those shared folders every five minutes (changing MACHINENAME to be the name of the local machine): {{{#!wiki note The crontab and other files should be stored in a git repo rather than copied verbatim from this page }}} {{{ PATH=/afs/hcoop.net/common/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin MAILTO=logs@hopper.hcoop.net # Learn from submitted spam 0,10,20,30,40,50 * * * * /var/local/lib/spamd/scripts/learn-spam-wrapper --spam # Learn from submitted ham 5,15,25,35,45,55 * * * * /var/local/lib/spamd/scripts/learn-spam-wrapper --ham # Remove any tmp cruft 3 3 * * * run-in-pagsh --fg clean find /var/local/lib/spamd/Maildir/.SiteHam/tmp -noleaf -type f -delete ; run-in-pagsh --fg clean find /var/local/lib/spamd/Maildir/.SiteSpam/tmp -noleaf -type f -delete # Remove stale lock file 3 4 * * * find /var/local/lib/spamd/ -mindepth 1 -maxdepth 1 -type f -name '.lock' -ctime +2 -delete }}} '''Be sure there's a newline after the last line, or it won't be processed.''' 1. Copy the `learn-spam` script from the `spam` directory of the hcoop "misc" repository into the directory `~spamd/scripts`. 1. Checkout a copy of the hcoop spamassassin configuration into `/etc/spamassassin` from git. If the version of spamassassin is much newer than the version the configuration was created againt, a diff between the two and any relevant changes should be merged into the git repository. {{{ cd /etc && git clone /afs/hcoop.net/user/h/hc/hcoop/.hcoop-git/config/spamassassin.git/ }}} 1. Modify `/etc/default/spamassassin` by setting `OPTIONS` and `ENABLED`as follows. The `-x` prevents `spamd` from trying to look for per-user configuration, which would be silly because it always runs as the same user here. Without this flag, the cron job triggered every 5 minutes would log an error message, which would lead to an e-mail being sent to the `spamd` user. {{{#!wiki note This also should be stored in a git repository, but is not. Check the current spamd server for the current values if needed. }}} {{{ # Change to one to enable spamd ENABLED=1 OPTIONS="--create-prefs --max-children 18 --helper-home-dir=/var/local/lib/spamd -u spamd -x -s /var/log/spamd.log -A 69.90.123.67,127.0.0.1 -i 0.0.0.0" PIDFILE="/var/local/lib/spamd/pid" CRON=1 }}} 1. Make a file called `/etc/logrotate.d/spamd` with the following contents. {{{ /var/log/spamd.log { weekly missingok create 0640 root adm rotate 4 compress delaycompress sharedscripts postrotate [ -f '/var/local/lib/spamd/pid' ] && (kill -HUP `cat /var/local/lib/spamd/pid`) || exit 0 endscript } }}} 1. Start the daemon by doing {{{/etc/init.d/spamassassin start}}}. Check `/var/log/spamd.log` to be sure that it started OK. 1. Install the `.crontab` entries that you wrote earlier by doing {{{crontab -u spamd ~spamd/.crontab}}} as root. Do this every time that you make changes to `~spamd/.crontab`. {{{#!wiki caution The following tasks would be done on whichever machine runs IMAP, and are mostly wrong. |
It is quite outdated. However, it may have some information which has not yet been incorporated into the current version. |
| Line 66: | Line 8: |
| 1. Edit {{{/etc/courier/shared/index}}} as follows, being sure to separate each column with a single TAB character. The second column is UID, and third column is GID -- consult `/etc/passwd` and `/etc/group` to make these match the `spamd` user and group. {{{ spamd 116 119 /var/local/lib/spamd }}} 1. Restart courier's IMAP process: {{{runsv restart courier-imap}}} 1. Test by checking to see if you can access {{{shared.SpamAssassin.SiteHam}}} and {{{shared.SpamAssassin.SiteSpam}}} from IMAP. If not, do {{{maildirmake --add SpamAssassin=~spamd/Maildir ~/Maildir}}} as your normal user from the machine that does courier (and presumably spamassassin as well). You might need to replace `~` with `~USERNAME` if you are using sudo to do this, where USERNAME is your normal username. 1. Now copy some spammy mail into the {{{SiteSpam}}} directory, wait 5 minutes, and check to see if the mail got learned and deleted. 1. If so, edit {{{~spamd/.crontab}}} to pipe the output of sa-learn to /dev/null, and run crontab as specified earlier to propogate this change. |
== FAQ == === Where can I find the config files? === A: https://git.hcoop.net/hcoop/config/spamassassin.git contains the current spamd configuration, which is pulled into puppet using a git submodule. Installation is handled using Puppet classes `hcoop::service::mail::spamassassin::{client,server}`, which is unfortunately only accessible to members with admin accounts currently. |
| Line 77: | Line 18: |
| CategoryObsolete |
Additional information is available at a previous version of this page
It is quite outdated. However, it may have some information which has not yet been incorporated into the current version.
1. FAQ
1.1. Where can I find the config files?
A: https://git.hcoop.net/hcoop/config/spamassassin.git contains the current spamd configuration, which is pulled into puppet using a git submodule.
Installation is handled using Puppet classes hcoop::service::mail::spamassassin::{client,server}, which is unfortunately only accessible to members with admin accounts currently.