HomePage » Mail » Spam

Spam


Spamassassin configuration file

A nice site to generate spamassassin config http://www.yrex.com/spam/spamconfig.php

Installation
rpmbuild --define "srcext .bz2" -tb Mail-SpamAssassin-3.1.9.tar.bz2
cd /usr/src/redhat/RPMS/i386
rpm -Uvh perl-Mail-SpamAssassin-3.1.9-1.i386.rpm spamassassin-3.1.9-1.i386.rpm


Install spamd to run with daemontools
useradd -s /bin/nologin spamd
useradd -s /bin/nologin spamd_logger
# run
#!/bin/sh

exec 2>&1
exec envuidgid spamd /usr/bin/spamd -s stderr -c -u spamd \
--socketpath=/tmp/.spamd.sock -m 10 -H -l -x \
--virtual-config-dir=/home/vmail/.spamassassin/%d/%l

# log/run
#!/bin/sh

exec /usr/local/bin/setuidgid spamd_logger /usr/local/bin/multilog t s9999 n10 ./main


Add the following to crontab to update spamassin
sa-update --nogpg --channel updates.spamassassin.org --channel saupdates.openprotect.com >/dev/null 2>&1 && service spamd restart



DKIM proxy

http://dkimproxy.sourceforge.net/

Installing dkimproxy on FreeBSD
Install it from ports.

Generate keys
openssl genrsa -out dkim.key 1024
openssl rsa -in dkim.key -pubout -out dkim.pub


Create dkim DNS record
Remove the PEM header in dkim.pub, then join all lines into one. Pick a selector name, and add this record:
securemail1._domainkey IN TXT "k=rsa; t=s; p=MIGf...AQAB"

Verify the record with the host command host -ttxt securemail1._domainkey.mydomain.com

Starting dkimproxy
Use this rc script as the one that comes with dkimproxy does not freaking read the config files.

#!/bin/sh
# Default-Start:  3 4 5
# Default-Stop:   0 1 2 6
# Description:    Runs dkimproxy

case "$1" in
start)
/usr/local/bin/dkimproxy.out \
--user=dkim \
--group=dkim \
--pidfile=/var/run/dkimproxy.pid \
--daemonize \
--keyfile=/usr/local/etc/dkimproxy-private.pem  \
--selector=default \
--domain=local.bankofamerica.com \
--method=relaxed \
127.0.0.1:10027 127.0.0.1:10028 >> /var/log/maillog
;;

stop)
kill -9 `cat /var/run/dkimproxy.pid` && rm -f /var/run/dkimproxy.pid
;;

esac


Postfix integration
Edit master.cf and reload postfix.
smtp      inet  n       -       n       -       -       smtpd
	-o content_filter=dksign:[127.0.0.1]:10027

submission  inet  n     -       n       -       -       smtpd
	-o smtpd_etrn_restrictions=reject
	-o content_filter=dksign:[127.0.0.1]:10027
dksign    unix  -       -       n       -       10      smtp
	-o smtp_send_xforward_command=yes
	-o smtp_discard_ehlo_keywords=8bitmime,starttls
127.0.0.1:10028 inet  n  -      n       -       10      smtpd
	-o content_filter=
	-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
	-o smtpd_helo_restrictions=
	-o smtpd_client_restrictions=
	-o smtpd_sender_restrictions=
	-o smtpd_recipient_restrictions=permit_mynetworks,reject
	-o mynetworks=127.0.0.0/8
	-o smtpd_authorized_xforward_hosts=127.0.0.0/8
pickup    fifo  n       -       n       60      1       pickup
		-o content_filter=dksign:[127.0.0.1]:10027


smtp handles local smtp connection. pickup handles mail delivered by calling /usr/sbin/sendmail directly.

There are 41 comments on this page. [Display comments]

Valid XHTML 1.0 Transitional :: Valid CSS :: Powered by WikkaWiki