Formatting code for Spam
{{parent page="Mail"}}
===Spam===
===Spamassassin configuration file===
A nice site to generate spamassassin config http://www.yrex.com/spam/spamconfig.php
==Installation==
%%
rpmbuild --define "srcext .bz2" -tb Mail-SpamAssassin-3.1.9.tar.bz2
cd /usr/src/redhat/RPMS/i386
rpm -Uvh perl-Mail-SpamAssassin-3.1.9-1.i386.rpm spamassassin-3.1.9-1.i386.rpm
%%
Install spamd to run with daemontools
%%
useradd -s /bin/nologin spamd
useradd -s /bin/nologin spamd_logger
# run
#!/bin/sh
exec 2>&1
exec envuidgid spamd /usr/bin/spamd -s stderr -c -u spamd \
--socketpath=/tmp/.spamd.sock -m 10 -H -l -x \
--virtual-config-dir=/home/vmail/.spamassassin/%d/%l
# log/run
#!/bin/sh
exec /usr/local/bin/setuidgid spamd_logger /usr/local/bin/multilog t s9999 n10 ./main
%%
Add the following to crontab to update spamassin
%%
sa-update --nogpg --channel updates.spamassassin.org --channel saupdates.openprotect.com >/dev/null 2>&1 && service spamd restart
%%
===DKIM proxy===
http://dkimproxy.sourceforge.net/
==Installing dkimproxy on FreeBSD==
Install it from ports.
==Generate keys==
%%
openssl genrsa -out dkim.key 1024
openssl rsa -in dkim.key -pubout -out dkim.pub
%%
==Create dkim DNS record==
Remove the PEM header in dkim.pub, then join all lines into one. Pick a selector name, and add this record:
%%
securemail1._domainkey IN TXT "k=rsa; t=s; p=MIGf...AQAB"
%%
Verify the record with the host command **host -ttxt securemail1._domainkey.mydomain.com**
==Starting dkimproxy==
Use this rc script as the one that comes with dkimproxy does not freaking read the config files.
%%
#!/bin/sh
# Default-Start: 3 4 5
# Default-Stop: 0 1 2 6
# Description: Runs dkimproxy
case "$1" in
start)
/usr/local/bin/dkimproxy.out \
--user=dkim \
--group=dkim \
--pidfile=/var/run/dkimproxy.pid \
--daemonize \
--keyfile=/usr/local/etc/dkimproxy-private.pem \
--selector=default \
--domain=local.bankofamerica.com \
--method=relaxed \
127.0.0.1:10027 127.0.0.1:10028 >> /var/log/maillog
;;
stop)
kill -9 `cat /var/run/dkimproxy.pid` && rm -f /var/run/dkimproxy.pid
;;
esac
%%
==Postfix integration==
Edit master.cf and reload postfix.
%%
smtp inet n - n - - smtpd
-o content_filter=dksign:[127.0.0.1]:10027
submission inet n - n - - smtpd
-o smtpd_etrn_restrictions=reject
-o content_filter=dksign:[127.0.0.1]:10027
dksign unix - - n - 10 smtp
-o smtp_send_xforward_command=yes
-o smtp_discard_ehlo_keywords=8bitmime,starttls
127.0.0.1:10028 inet n - n - 10 smtpd
-o content_filter=
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
pickup fifo n - n 60 1 pickup
-o content_filter=dksign:[127.0.0.1]:10027
%%
smtp handles local smtp connection. pickup handles mail delivered by calling /usr/sbin/sendmail directly.
===Spam===
===Spamassassin configuration file===
A nice site to generate spamassassin config http://www.yrex.com/spam/spamconfig.php
==Installation==
%%
rpmbuild --define "srcext .bz2" -tb Mail-SpamAssassin-3.1.9.tar.bz2
cd /usr/src/redhat/RPMS/i386
rpm -Uvh perl-Mail-SpamAssassin-3.1.9-1.i386.rpm spamassassin-3.1.9-1.i386.rpm
%%
Install spamd to run with daemontools
%%
useradd -s /bin/nologin spamd
useradd -s /bin/nologin spamd_logger
# run
#!/bin/sh
exec 2>&1
exec envuidgid spamd /usr/bin/spamd -s stderr -c -u spamd \
--socketpath=/tmp/.spamd.sock -m 10 -H -l -x \
--virtual-config-dir=/home/vmail/.spamassassin/%d/%l
# log/run
#!/bin/sh
exec /usr/local/bin/setuidgid spamd_logger /usr/local/bin/multilog t s9999 n10 ./main
%%
Add the following to crontab to update spamassin
%%
sa-update --nogpg --channel updates.spamassassin.org --channel saupdates.openprotect.com >/dev/null 2>&1 && service spamd restart
%%
===DKIM proxy===
http://dkimproxy.sourceforge.net/
==Installing dkimproxy on FreeBSD==
Install it from ports.
==Generate keys==
%%
openssl genrsa -out dkim.key 1024
openssl rsa -in dkim.key -pubout -out dkim.pub
%%
==Create dkim DNS record==
Remove the PEM header in dkim.pub, then join all lines into one. Pick a selector name, and add this record:
%%
securemail1._domainkey IN TXT "k=rsa; t=s; p=MIGf...AQAB"
%%
Verify the record with the host command **host -ttxt securemail1._domainkey.mydomain.com**
==Starting dkimproxy==
Use this rc script as the one that comes with dkimproxy does not freaking read the config files.
%%
#!/bin/sh
# Default-Start: 3 4 5
# Default-Stop: 0 1 2 6
# Description: Runs dkimproxy
case "$1" in
start)
/usr/local/bin/dkimproxy.out \
--user=dkim \
--group=dkim \
--pidfile=/var/run/dkimproxy.pid \
--daemonize \
--keyfile=/usr/local/etc/dkimproxy-private.pem \
--selector=default \
--domain=local.bankofamerica.com \
--method=relaxed \
127.0.0.1:10027 127.0.0.1:10028 >> /var/log/maillog
;;
stop)
kill -9 `cat /var/run/dkimproxy.pid` && rm -f /var/run/dkimproxy.pid
;;
esac
%%
==Postfix integration==
Edit master.cf and reload postfix.
%%
smtp inet n - n - - smtpd
-o content_filter=dksign:[127.0.0.1]:10027
submission inet n - n - - smtpd
-o smtpd_etrn_restrictions=reject
-o content_filter=dksign:[127.0.0.1]:10027
dksign unix - - n - 10 smtp
-o smtp_send_xforward_command=yes
-o smtp_discard_ehlo_keywords=8bitmime,starttls
127.0.0.1:10028 inet n - n - 10 smtpd
-o content_filter=
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
pickup fifo n - n 60 1 pickup
-o content_filter=dksign:[127.0.0.1]:10027
%%
smtp handles local smtp connection. pickup handles mail delivered by calling /usr/sbin/sendmail directly.
