SpamAssassin on Debian

Installation

aptitude update
aptitude install spamc spamassassin clamav-daemon clamav-freshclam debian-backports-keyring libmail-dkim-perl libcrypt-openssl-bignum-perl pyzor razor

/usr/sbin/useradd -c "SpamAssassin" -s /bin/false -d /var/lib/spamassassin -m -k /dev/null spamd

Install DCC-client from source since the Debian package is old

/usr/sbin/useradd -c "DCC" -s /bin/bash -d /var/dcc -m -k /dev/null dcc

cd /usr/src
wget -c http://www.rhyolite.com/dcc/source/dcc.tar.Z

tar xzf dcc.tar.Z
cd dcc*

./configure --with-uid=dcc --disable-server --disable-dccm
make -j4
make install

sed -i 's/^DCCIFD_ENABLE=off/DCCIFD_ENABLE=on/' /var/dcc/dcc_conf

Add to /etc/rc.local:

/var/dcc/libexec/start-dccifd

/etc/default/spamassassin:

ENABLED=1
OPTIONS="--max-children 5 -x -u spamd"
NICE="--nicelevel 15"

crontab -e -u spamd:

#@daily /usr/bin/sa-learn --force-expire --dbpath ~spamd/.spamassassin
@daily mv -f /var/lib/spamassassin/.razor/razor-agent.log /var/lib/spamassassin/.razor/razor-agent.log.old
@daily mv -f /var/lib/spamassassin/.spamassassin/bayes_seen /var/lib/spamassassin/.spamassassin/bayes_seen.old

crontab -e -u root:

@weekly apt-get -qq update; PATH=$PATH:/usr/sbin:/sbin apt-get -y -t lenny-backports -o Dpkg::Options::=--force-confold install clamav-daemon clamav-freshclam spamassassin spamc

/etc/spamassassin/local.cf:

required_hits 4.0
#skip_rbl_checks 1
rewrite_header Subject *****SPAM*****
#use_terse_report 1
report_safe 1
dns_available yes
add_header all DCC _DCCB_: _DCCR_
add_header all Pyzor _PYZOR_
add_header all Report _REPORT_
ok_locales en fr

lock_method flock
bayes_learn_to_journal 1
pyzor_path /usr/bin/pyzor
dcc_home /var/dcc

Configure razor/pyzor/dcc:

sudo -u spamd -s -H
cdcc info
pyzor discover
razor-admin -create
razor-admin -register

Check spamassassin for configuration errors:

sudo -u spamd -H spamassassin --lint

SARE Updates

Along with the daily official rule updates by enabling CRON=1 above, the SARE rule updates also provide some effective matches.

Import the GPG key according to:

http://saupdates.openprotect.com/

And add a line to your cron to update the rules daily:

15 1 * * * /usr/bin/sa-update --allowplugins --gpgkey D1C035168C1EBC08464946DA258CDB3ABDE9DC10 --channel saupdates.openprotect.com && /etc/init.d/spamassassin restart

where you should probably choose a random time to update (1:15 am shown).

Reference

http://braindump.mrzesty.net/Main/SpamAssassinOnDebian

Comments: 0

New comment

Scalix install on Debian

fail2ban

Home | Main | Linux | FreeBSD