welcome: please sign in

Diff for "SpamAssassinAdmin"

Differences between revisions 4 and 7 (spanning 3 versions)
Revision 4 as of 2005-09-11 11:43:36
Size: 1721
Editor: AdamChlipala
Comment: -x
Revision 7 as of 2007-09-16 15:49:53
Size: 4644
Editor: MichaelOlson
Comment: sticky bit is +t, not +s
Deletions are marked like this. Additions are marked like this.
Line 3: Line 3:
 1. Create a new user `spamd` with home `/home/spamd`.  1. Create a new user `spamd` with home `/var/local/lib/spamd`.
 1. Add "spamd" to `/etc/cron.allow`.
Line 5: Line 6:
   1. `cd /home/spamd`    1. `cd ~spamd`
Line 7: Line 8:
   1. `maildirmake -f SiteSpam -s write Maildir`, to create a writable folder for misclassified spam.
   1. `maildirmake -f SiteHam -s write Maildir`, to create a writable folder for misclassified ham.
 1. Add the following to `spamd`'s crontab to learn from and delete messages in those shared folders every five minutes:
   1. `maildirmake -f SiteSpam -s write Maildir`, to create a writable folder for misclassified spam (or if extracting from a tarball, make sure it has the sticky bit set by doing {{{chmod +t Maildir/.SiteSpam/*}}}).
   1. `maildirmake -f SiteHam -s write Maildir`, to create a writable folder for misclassified ham (or if extracting from a tarball, make sure it has the sticky bit set by doing {{{chmod +t Maildir/.SiteHam/*}}}).
 1. Add the following to `~spamd/.crontab` to learn from and delete messages in those shared folders every five minutes (changing MACHINENAME to be the name of the local machine):
Line 11: Line 12:
0,5,10,15,20,25,30,35,40,45,50,55 * * * * sa-learn --spam --dir /home/spamd/Maildir/.SiteSpam/cur >/dev/null; cd /home/spamd/Maildir/.SiteSpam/cur ; ls | xargs -r rm
0,5,10,15,20,25,30,35,40,45,50,55 * * * * sa-learn --ham --dir /home/spamd/Maildir/.SiteHam/cur >/dev/null; cd /home/spamd/Maildir/.SiteHam/cur ; ls | xargs -r rm}}}
    The funny `xargs`-based way of deleting files is important, because `ls` has a hard limit on how many files it can handle, which we learned the hard way! Also, be sure there's a newline after the last line, or it won't be processed.
MAILTO=logs@MACHINENAME.hcoop.net

# NOTE: Once you are certain that sa-learn is working, add "> /dev/null" after it, but before "; find"
# Learn from submitted spam
0,5,10,15,20,25,30,35,40,45,50,55 * * * * sa-learn --spam --dir /var/local/lib/spamd/Maildir/.SiteSpam/cur ; find /var/local/lib/spamd/Maildir/.SiteSpam/cur -type f -delete
# Learn from submitted ham
0,5,10,15,20,25,30,35,40,45,50,55 * * * * sa-learn --ham --dir /var/local/lib/spamd/Maildir/.SiteHam/cur ; find /var/local/lib/spamd/Maildir/.SiteHam/cur -type f -delete
# Remove any artifacts that were submitted while running sa-learn
3 3 * * * find /var/local/lib/spamd/Maildir/.SiteHam/tmp -type f -delete ; find /var/local/lib/spamd/Maildir/.SiteSpam/tmp -type f -delete
}}}
    '''Be sure there's a newline after the last line, or it won't be processed.'''
Line 16: Line 25:
bayes_path /home/spamd/}}}
 1. Modify `/etc/default/spamassassin` by adding `-u spamd -x` to `OPTIONS`. The `-x` prevents `spamd` from trying to look for per-user configuration, which would be silly because it always runs as the same user here. Without this flag, the cron job triggered every 5 minutes would log an error message, which would lead to an e-mail being sent to the `spamd` user.
# Location of bayes data
bayes_path /var/local/lib/spamd/bayes/.spamassassin/bayes

# Fix bayes permissions
bayes_file_mode 0770

# Directives from old setup
# [any custom stuff from the old /etc/spamassassin/local.cf that you want to keep]
}}}
 1. Modify `/etc/default/spamassassin` by setting `OPTIONS` and `ENABLED`as follows. The `-x` prevents `spamd` from trying to look for per-user configuration, which would be silly because it always runs as the same user here. Without this flag, the cron job triggered every 5 minutes would log an error message, which would lead to an e-mail being sent to the `spamd` user.
    {{{
# Change to one to enable spamd
ENABLED=1

OPTIONS="--create-prefs --max-children 5 --helper-home-dir=/var/local/lib/spamd -u spamd -x -s /var/log/spamd.log"

PIDFILE="/var/local/lib/spamd/pid"
}}}
 1. Make a file called `/etc/logrotate.d/spamd` with the following contents.
    {{{
/var/log/spamd.log {
        weekly
                missingok
                create 0640 root adm
                rotate 4
                compress
                delaycompress
                sharedscripts
                postrotate
                [ -f '/var/local/lib/spamd/pid' ] && (kill -HUP `cat /var/local/lib/spamd/pid`) || exit 0
                endscript
}
}}}
 1. Start the daemon by doing {{{/etc/init.d/spamassassin start}}}. Check `/var/log/spamd.log` to be sure that it started OK.
 1. Install the `.crontab` entries that you wrote earlier by doing {{{crontab -u spamd ~spamd/.crontab}}} as root. Do this every time that you make changes to `~spamd/.crontab`.
 1. Edit {{{/etc/courier/shared/index}}} as follows, being sure to separate each column with a single TAB character. The second column is UID, and third column is GID -- consult `/etc/passwd` and `/etc/group` to make these match the `spamd` user and group.
    {{{
spamd 116 119 /var/local/lib/spamd
}}}
 1. Restart courier's IMAP process: {{{runsv restart courier-imap}}}
 1. Test by checking to see if you can access {{{shared.SpamAssassin.SiteHam}}} and {{{shared.SpamAssassin.SiteSpam}}} from IMAP. If not, do {{{maildirmake --add SpamAssassin=~spamd/Maildir ~/Maildir}}} as your normal user from the machine that does courier (and presumably spamassassin as well). You might need to replace `~` with `~USERNAME` if you are using sudo to do this, where USERNAME is your normal username.
 1. Now copy some spammy mail into the {{{SiteSpam}}} directory, wait 5 minutes, and check to see if the mail got learned and deleted.
 1. If so, edit {{{~spamd/.crontab}}} to pipe the output of sa-learn to /dev/null, and run crontab as specified earlier to propogate this change.

Here's how we set up our site-wide SpamAssassin bayes database, including the ability for users to train it.

  1. Create a new user spamd with home /var/local/lib/spamd.

  2. Add "spamd" to /etc/cron.allow.

  3. Perform the following as spamd:

    1. cd ~spamd

    2. maildirmake -S Maildir, to create the shared SpamAssassin mailbox.

    3. maildirmake -f SiteSpam -s write Maildir, to create a writable folder for misclassified spam (or if extracting from a tarball, make sure it has the sticky bit set by doing chmod +t Maildir/.SiteSpam/*).

    4. maildirmake -f SiteHam -s write Maildir, to create a writable folder for misclassified ham (or if extracting from a tarball, make sure it has the sticky bit set by doing chmod +t Maildir/.SiteHam/*).

  4. Add the following to ~spamd/.crontab to learn from and delete messages in those shared folders every five minutes (changing MACHINENAME to be the name of the local machine):

    • MAILTO=logs@MACHINENAME.hcoop.net
      
      # NOTE: Once you are certain that sa-learn is working, add "> /dev/null" after it, but before "; find"
      # Learn from submitted spam
      0,5,10,15,20,25,30,35,40,45,50,55 * * * * sa-learn --spam --dir /var/local/lib/spamd/Maildir/.SiteSpam/cur ; find /var/local/lib/spamd/Maildir/.SiteSpam/cur -type f -delete
      # Learn from submitted ham
      0,5,10,15,20,25,30,35,40,45,50,55 * * * * sa-learn --ham --dir /var/local/lib/spamd/Maildir/.SiteHam/cur ; find /var/local/lib/spamd/Maildir/.SiteHam/cur -type f -delete
      # Remove any artifacts that were submitted while running sa-learn
      3 3 * * * find /var/local/lib/spamd/Maildir/.SiteHam/tmp -type f -delete ; find /var/local/lib/spamd/Maildir/.SiteSpam/tmp -type f -delete

      Be sure there's a newline after the last line, or it won't be processed.

  5. Modify /etc/spamassassin/local.cf with the directive:

    • # Location of bayes data
      bayes_path /var/local/lib/spamd/bayes/.spamassassin/bayes
      
      # Fix bayes permissions
      bayes_file_mode 0770
      
      # Directives from old setup
      # [any custom stuff from the old /etc/spamassassin/local.cf that you want to keep]
  6. Modify /etc/default/spamassassin by setting OPTIONS and ENABLEDas follows. The -x prevents spamd from trying to look for per-user configuration, which would be silly because it always runs as the same user here. Without this flag, the cron job triggered every 5 minutes would log an error message, which would lead to an e-mail being sent to the spamd user.

    • # Change to one to enable spamd
      ENABLED=1
      
      OPTIONS="--create-prefs --max-children 5 --helper-home-dir=/var/local/lib/spamd -u spamd -x -s /var/log/spamd.log"
      
      PIDFILE="/var/local/lib/spamd/pid"
  7. Make a file called /etc/logrotate.d/spamd with the following contents.

    • /var/log/spamd.log {
              weekly
                      missingok
                      create 0640 root adm
                      rotate 4
                      compress
                      delaycompress
                      sharedscripts
                      postrotate
                      [ -f '/var/local/lib/spamd/pid' ] && (kill -HUP `cat /var/local/lib/spamd/pid`) || exit 0
                      endscript
      }
  8. Start the daemon by doing /etc/init.d/spamassassin start. Check /var/log/spamd.log to be sure that it started OK.

  9. Install the .crontab entries that you wrote earlier by doing crontab -u spamd ~spamd/.crontab as root. Do this every time that you make changes to ~spamd/.crontab.

  10. Edit /etc/courier/shared/index as follows, being sure to separate each column with a single TAB character. The second column is UID, and third column is GID -- consult /etc/passwd and /etc/group to make these match the spamd user and group.

    • spamd   116     119     /var/local/lib/spamd
  11. Restart courier's IMAP process: runsv restart courier-imap

  12. Test by checking to see if you can access shared.SpamAssassin.SiteHam and shared.SpamAssassin.SiteSpam from IMAP. If not, do maildirmake --add SpamAssassin=~spamd/Maildir ~/Maildir as your normal user from the machine that does courier (and presumably spamassassin as well). You might need to replace ~ with ~USERNAME if you are using sudo to do this, where USERNAME is your normal username.

  13. Now copy some spammy mail into the SiteSpam directory, wait 5 minutes, and check to see if the mail got learned and deleted.

  14. If so, edit ~spamd/.crontab to pipe the output of sa-learn to /dev/null, and run crontab as specified earlier to propogate this change.


CategorySystemAdministration

SpamAssassinAdmin (last edited 2021-11-06 18:42:33 by ClintonEbadi)