|
Size: 4408
Comment: Document for new setup
|
Size: 4745
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 1: | Line 1: |
| {{{#!wiki warning '''This does not not adequately describe our current setup''' }}} |
|
| Line 5: | Line 9: |
| 1. Perform the following as `spamd`: 1. `cd ~spamd` 1. `maildirmake -S Maildir`, to create the shared Spam``Assassin mailbox. 1. `maildirmake -f SiteSpam -s write Maildir`, to create a writable folder for misclassified spam (or if extracting from a tarball, make sure it has the sticky bit set by doing {{{chmod +s Maildir/.SiteSpam/*}}}). 1. `maildirmake -f SiteHam -s write Maildir`, to create a writable folder for misclassified ham (or if extracting from a tarball, make sure it has the sticky bit set by doing {{{chmod +s Maildir/.SiteHam/*}}}). 1. Add the following to `~spamd/.crontab` to learn from and delete messages in those shared folders every five minutes (changing MACHINENAME to be the name of the local machine): |
1. Add the following to `~spamd/.crontab` to learn from and delete messages in those shared folders every five minutes (changing MACHINENAME to be the name of the local machine): {{{#!wiki note The crontab and other files should be stored in a git repo rather than copied verbatim from this page }}} |
| Line 12: | Line 13: |
| MAILTO=logs@MACHINENAME.hcoop.net | PATH=/afs/hcoop.net/common/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin MAILTO=logs@hopper.hcoop.net |
| Line 14: | Line 16: |
| # NOTE: Once you are certain that sa-learn is working, add "> /dev/null" after it, but before "; find" 0,5,10,15,20,25,30,35,40,45,50,55 * * * * sa-learn --spam -C /var/local/lib/spamd --dir /var/local/lib/spamd/Maildir/.SiteSpam/cur ; find /var/local/lib/spamd/Maildir/.SiteSpam/cur -type f -delete 0,5,10,15,20,25,30,35,40,45,50,55 * * * * sa-learn --ham -C /var/local/lib/spamd --dir /var/local/lib/spamd/Maildir/.SiteHam/cur ; find /var/local/lib/spamd/Maildir/.SiteHam/cur -type f -delete |
# Learn from submitted spam 0,10,20,30,40,50 * * * * /var/local/lib/spamd/scripts/learn-spam-wrapper --spam # Learn from submitted ham 5,15,25,35,45,55 * * * * /var/local/lib/spamd/scripts/learn-spam-wrapper --ham # Remove any tmp cruft 3 3 * * * run-in-pagsh --fg clean find /var/local/lib/spamd/Maildir/.SiteHam/tmp -noleaf -type f -delete ; run-in-pagsh --fg clean find /var/local/lib/spamd/Maildir/.SiteSpam/tmp -noleaf -type f -delete # Remove stale lock file 3 4 * * * find /var/local/lib/spamd/ -mindepth 1 -maxdepth 1 -type f -name '.lock' -ctime +2 -delete |
| Line 19: | Line 27: |
| 1. Modify `/etc/spamassassin/local.cf` with the directive: {{{ # Location of bayes data bayes_path /var/local/lib/spamd/bayes # Fix bayes permissions bayes_file_mode 0770 # Directives from old setup # [any custom stuff from the old /etc/spamassassin/local.cf that you want to keep] |
1. Copy the `learn-spam` script from the `spam` directory of the hcoop "misc" repository into the directory `~spamd/scripts`. 1. Checkout a copy of the hcoop spamassassin configuration into `/etc/spamassassin` from git. If the version of spamassassin is much newer than the version the configuration was created againt, a diff between the two and any relevant changes should be merged into the git repository. {{{ cd /etc && git clone /afs/hcoop.net/user/h/hc/hcoop/.hcoop-git/config/spamassassin.git/ |
| Line 30: | Line 32: |
| 1. Modify `/etc/default/spamassassin` by setting `OPTIONS` and `ENABLED`as follows. The `-x` prevents `spamd` from trying to look for per-user configuration, which would be silly because it always runs as the same user here. Without this flag, the cron job triggered every 5 minutes would log an error message, which would lead to an e-mail being sent to the `spamd` user. | 1. Modify `/etc/default/spamassassin` by setting `OPTIONS` and `ENABLED`as follows. The `-x` prevents `spamd` from trying to look for per-user configuration, which would be silly because it always runs as the same user here. Without this flag, the cron job triggered every 5 minutes would log an error message, which would lead to an e-mail being sent to the `spamd` user. {{{#!wiki note This also should be stored in a git repository, but is not. Check the current spamd server for the current values if needed. }}} |
| Line 35: | Line 39: |
| OPTIONS="--create-prefs --max-children 5 --helper-home-dir=/var/local/lib/spamd -u spamd -x -s /var/log/spamd.log" | OPTIONS="--create-prefs --max-children 18 --helper-home-dir=/var/local/lib/spamd -u spamd -x -s /var/log/spamd.log -A 69.90.123.67,127.0.0.1 -i 0.0.0.0" |
| Line 38: | Line 42: |
CRON=1 |
|
| Line 56: | Line 62: |
{{{#!wiki caution The following tasks would be done on whichever machine runs IMAP, and are mostly wrong. }}} |
|
| Line 67: | Line 79: |
| CategoryObsolete |
This does not not adequately describe our current setup
Here's how we set up our site-wide SpamAssassin bayes database, including the ability for users to train it.
Create a new user spamd with home /var/local/lib/spamd.
Add "spamd" to /etc/cron.allow.
Add the following to ~spamd/.crontab to learn from and delete messages in those shared folders every five minutes (changing MACHINENAME to be the name of the local machine):
The crontab and other files should be stored in a git repo rather than copied verbatim from this page
PATH=/afs/hcoop.net/common/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin MAILTO=logs@hopper.hcoop.net # Learn from submitted spam 0,10,20,30,40,50 * * * * /var/local/lib/spamd/scripts/learn-spam-wrapper --spam # Learn from submitted ham 5,15,25,35,45,55 * * * * /var/local/lib/spamd/scripts/learn-spam-wrapper --ham # Remove any tmp cruft 3 3 * * * run-in-pagsh --fg clean find /var/local/lib/spamd/Maildir/.SiteHam/tmp -noleaf -type f -delete ; run-in-pagsh --fg clean find /var/local/lib/spamd/Maildir/.SiteSpam/tmp -noleaf -type f -delete # Remove stale lock file 3 4 * * * find /var/local/lib/spamd/ -mindepth 1 -maxdepth 1 -type f -name '.lock' -ctime +2 -delete
Be sure there's a newline after the last line, or it won't be processed.
Copy the learn-spam script from the spam directory of the hcoop "misc" repository into the directory ~spamd/scripts.
Checkout a copy of the hcoop spamassassin configuration into /etc/spamassassin from git. If the version of spamassassin is much newer than the version the configuration was created againt, a diff between the two and any relevant changes should be merged into the git repository.
cd /etc && git clone /afs/hcoop.net/user/h/hc/hcoop/.hcoop-git/config/spamassassin.git/
Modify /etc/default/spamassassin by setting OPTIONS and ENABLEDas follows. The -x prevents spamd from trying to look for per-user configuration, which would be silly because it always runs as the same user here. Without this flag, the cron job triggered every 5 minutes would log an error message, which would lead to an e-mail being sent to the spamd user.
This also should be stored in a git repository, but is not. Check the current spamd server for the current values if needed.
# Change to one to enable spamd ENABLED=1 OPTIONS="--create-prefs --max-children 18 --helper-home-dir=/var/local/lib/spamd -u spamd -x -s /var/log/spamd.log -A 69.90.123.67,127.0.0.1 -i 0.0.0.0" PIDFILE="/var/local/lib/spamd/pid" CRON=1
Make a file called /etc/logrotate.d/spamd with the following contents.
/var/log/spamd.log { weekly missingok create 0640 root adm rotate 4 compress delaycompress sharedscripts postrotate [ -f '/var/local/lib/spamd/pid' ] && (kill -HUP `cat /var/local/lib/spamd/pid`) || exit 0 endscript }
Start the daemon by doing /etc/init.d/spamassassin start. Check /var/log/spamd.log to be sure that it started OK.
Install the .crontab entries that you wrote earlier by doing crontab -u spamd ~spamd/.crontab as root. Do this every time that you make changes to ~spamd/.crontab.
The following tasks would be done on whichever machine runs IMAP, and are mostly wrong.
Edit /etc/courier/shared/index as follows, being sure to separate each column with a single TAB character. The second column is UID, and third column is GID -- consult /etc/passwd and /etc/group to make these match the spamd user and group.
spamd 116 119 /var/local/lib/spamd
Restart courier's IMAP process: runsv restart courier-imap
Test by checking to see if you can access shared.SpamAssassin.SiteHam and shared.SpamAssassin.SiteSpam from IMAP. If not, do maildirmake --add SpamAssassin=~spamd/Maildir ~/Maildir as your normal user from the machine that does courier (and presumably spamassassin as well). You might need to replace ~ with ~USERNAME if you are using sudo to do this, where USERNAME is your normal username.
Now copy some spammy mail into the SiteSpam directory, wait 5 minutes, and check to see if the mail got learned and deleted.
If so, edit ~spamd/.crontab to pipe the output of sa-learn to /dev/null, and run crontab as specified earlier to propogate this change.