Embedded Files
Faruque Ahmed : MCP, MCSA, MCSE, MCTS, MCIT, CCNA, OCA, OCP, GCP
Centos 7
[root@mail ~]# vi /etc/mail/spamassassin/local.cf
# These values can be overridden by editing ~/.spamassassin/user_prefs.cf
# (see spamassassin(1) for details)
# These should be safe assumptions and allow for simple visual sifting
# without risking lost emails.
required_hits 5
report_safe 0
rewrite_header Subject [***SPAM***]
ok_languages en
score UNWANTED_LANGUAGE_BODY 8.0
# dcc
use_dcc 1
dcc_home /var/dcc
dcc_path /usr/local/bin/dccproc
dcc_timeout 10
add_header all DCC _DCCB_: _DCCR_
# pyzor
use_pyzor 1
pyzor_path /usr/bin/pyzor
# razor
use_razor2 1
razor_config /var/spool/amavisd/razor-agent.conf
score RAZOR2_CHECK 2.500
score PYZOR_CHECK 2.500
score DCC_CHECK 4.000
whitelist_from *@worldcm.net
whitelist_from *@xyz.com.bd
# spam.dnsbl.anonmails.de header RCVD_IN_ANONMAILS eval:check_rbl('anonmails-lastexternal', 'spam.dnsbl.anonmails.de.') describe RCVD_IN_ANONMAILS Relay is listed in spam.dnsbl.anonmails.de tflags RCVD_IN_ANONMAILS net
score RCVD_IN_ANONMAILS 3.0
---------------------------------X------------------------------------------
To utilize the DNSBL in SpamAssasin, add the following ruleset to your local configuration file /etc/mail/spamassassin/local.cf.
# spam.dnsbl.anonmails.de header RCVD_IN_ANONMAILS eval:check_rbl('anonmails-lastexternal', 'spam.dnsbl.anonmails.de.') describe RCVD_IN_ANONMAILS Relay is listed in spam.dnsbl.anonmails.de tflags RCVD_IN_ANONMAILS net score RCVD_IN_ANONMAILS 3.0
---------------------------------------------X--------------------------------------------------
razor2+pyzor
razor2+pyzor
Make sure youre using the local DNS server first in /etc/resolv.conf:
nameserver 127.0.0.1
2.0 is probably overly aggressive for tagging spam, I use 4.0 myself. For improvements on overall spam detection I'd also add razor, dcc and pyzor to the system, and if you can afford the occational delayed message, add in greylisting.
If you're running a CentOS/RHEL/Fedora system, Ive got all of these components in my yum archive, which you can add with:
wget -q -O - http://www.atomicorp.com/installers/atomic.sh |sh
To install razor, dcc, and pyzor:
yum install razor-agents dcc pyzor
service spamassassin restart
To install greylisting:
yum install qgreylist
service xinetd restart
Download Razor
https://drive.google.com/file/d/0B8kTAu8SZaHwbDVoZmNjaUJsU2s/view?usp=sharing
########################################################
To enable DCC:
1. Execute:
Code:
wget http://www.dcc-servers.net/dcc/source/dcc-dccproc.tar.Z tar xzvf dcc-dccproc.tar.Z cd dcc-dccproc-* ./configure \ --bindir=$(PREFIX)/bin \ --libexecdir=$(PREFIX)/lib/dcc \ --mandir=$(PREFIX)/man \ --homedir=/var/lib/dcc \ --with-uid=mail \ --with-gid=mail make make install chown -R mail:mail /var/lib/dcc
2. Modify /etc/mail/spamassassin/local.cf, add:
Code:
# dcc use_dcc 1 dcc_home /var/lib/dcc dcc_path /usr/bin/dccproc dcc_timeout 10 add_header all DCC _DCCB_: _DCCR_ score DCC_CHECK 4.000
3. Modify /etc/mail/spamassassin/v310.pre, add:
Code:
loadplugin Mail::SpamAssassin::Plugin::DCC
4. Open UDP_OUT port 6277 in firewall.
shorewall Rules
##SpamAssassin
ACCEPT net $FW tcp 6277
ACCEPT loc $FW tcp 6277
ACCEPT net $FW tcp 24441
ACCEPT loc $FW tcp 24441
ACCEPT net $FW udp 24441
ACCEPT loc $FW udp 24441
ACCEPT net $FW tcp 2703
ACCEPT loc $FW tcp 2703
------------------------
TCP 2703 Outgoing : Razor2
UDP 24441 Outgoing : Pyzor
TCP 24441 Incomming : Pyzor
To install Razor/Pyzor:
1. Execute the following to install razor-agents:
Code:
cd /root wget -O razor-agents-2.82.tar.bz2 http://www.pccc.com/downloads/SpamAssassin/razor-agents-2.82.tar.bz2 tar xjf razor-agents-2.82.tar.bz2 cd razor-agents-2.82 perl Makefile.PL make make install
2. Execute the following to install pyzor:
Code:
cd /rootwget -O pyzor-1.0.0.tar.gz "https://pypi.python.org/packages/source/p/pyzor/pyzor-1.0.0.tar.gz#md5=e77b1cd0afd3884e6f2aa585cb423b46" tar xzf pyzor-1.0.0.tar.gz cd pyzor-1.0.0 python setup.py build python setup.py install
3. Open UDP/TCP IN and OUT port 24441 in firewall, open TCP_OUT 2703.
4. Configure razor:
Code:
mkdir /etc/mail/spamassassin/.razor razor-admin -home=/etc/mail/spamassassin/.razor -register razor-admin -home=/etc/mail/spamassassin/.razor -create razor-admin -home=/etc/mail/spamassassin/.razor -discover chown -R mail:mail /etc/mail/spamassassin/.razor
5. Add the following to /etc/mail/spamassassin/local.cf:
Code:
# pyzor use_pyzor 1 pyzor_path /usr/bin/pyzor score PYZOR_CHECK 3.000 # razor use_razor2 1 razor_config /etc/mail/spamassassin/.razor/razor-agent.conf score RAZOR2_CHECK 3.000
6. Add to /etc/mail/spamassassin/.razor/razor-agent.conf:
Code:
razorhome = /etc/mail/spamassassin/.razor
7. Add the following path to /etc/logrotate.d/exim:
Code:
/etc/mail/spamassassin/.razor/razor-agent.log
█ Martynas Bendorius
Spamassassin Plugins
Spamassassin Plugins
With plugins, Spamassassin can detect spam and bulk email better with online resources.
First, I need open some ports on iptables needed by DCC, pyzor and razor. Add these rules to /etc/sysconfig/iptables in the INPUT chain and reload iptables:
### razor DCC pyzor ###
-A INPUT -p tcp --dport 2703 -j ACCEPT
-A INPUT -p udp --dport 24441 -j ACCEPT
-A INPUT -p udp -m udp --dport 1024:65535 --sport 6277 -j ACCEPT
###End of razor DCC pyzor ###
Edit /etc/mail/spamassassin/mailscanner.cf
# paths to utilities
ifplugin Mail::SpamAssassin::Plugin::Pyzor
pyzor_path /usr/bin/pyzor
endif
ifplugin Mail::SpamAssassin::Plugin::DCC
dcc_path /usr/bin/dccproc
dcc_home /etc/dcc
endif
ifplugin Mail::SpamAssassin::Plugin::Razor2
razor_config /etc/mail/spamassassin/razor/razor-agent.conf
endif
Enable these in spamassassin. Edit /etc/mail/spamassassin/v310.pre
loadplugin Mail::SpamAssassin::Plugin::DCC
loadplugin Mail::SpamAssassin::Plugin::Pyzor
loadplugin Mail::SpamAssassin::Plugin::Razor2
DCC
Install DCC
Test
Pyzor
Add a line in /etc/mail/spamassassin/local.cf
Install Pyzor:
Test
Razor
Edit /etc/mail/spamassassin/razor/razor-agent.conf
Test Razor2
Test
Test
Check MailScanner configration again:
Also check for SpamAssassin:
Now restart services and check maillog to see if any error
yum install sendmail-milter
rpm -Uvh https://www.mirrorservice.org/sites/dl.atrpms.net/el7-x86_64/atrpms/stable/DCC-1.3.145-25.el7.x86_64.rpm
cdcc info
razorhome = /etc/mail/spamassassin/razor
pyzor_options --homedir /etc/mail/spamassassin/.pyzor
rpm -Uvh ftp://mirror.switch.ch/pool/4/mirror/fedora/linux/releases/22/Everything/x86_64/os/Packages/p/pyzor-0.5.0-10.fc21.noarch.rpm
pyzor --homedir /etc/mail/spamassassin discover
spamassassin -t -D pyzor < /usr/share/doc/spamassassin-3.4.0/sample-spam.txt
mkdir /etc/mail/spamassassin/razor
razor-admin -create -home=/etc/mail/spamassassin/razor
razor-admin -register
spamassassin -t -D razor2 < /usr/share/doc/spamassassin-3.4.0/sample-spam.txt
MailScanner --lint
spamassassin -D --lint
systemctl restart clamd@scan
systemctl restart spamassassin
systemctl restart MailScanner
Now I can send some spam test email then check the maillog to see if it has need catched. Here are some test site:
[http://www.emailsecuritycheck.net/]
[https://www.mail-tester.com/]
MailWatch
MailWatch
--
Page updated
Google Sites
Report abuse