rss logo

Spam filtering on Courier mail server with SpamAssassin

Intro

We asked me to install a spam filtering solution on a courier-mta mail server. Since dspam project seems to be inactive I choose to give a shot to one of the most known solution : SpamAssassin. I've worked on a Debian Linux distribution.

Configuration

  • OS : debian stretch 9
  • courier-mta : 0.76
  • spamassassin : 3.4.2

Maildrop

We will use maildrop MDA in order to redirect mail to our SpamAssassin filter.

maildrop activation

  • We enable maildrop for our shebang.thedolphins user.
echo "|/usr/bin/maildrop" | sudo tee -a /var/vmail/mydomain.net/shebang.thedolphins/.courier

/etc/maildroprc

  • SpammAssassin will be called only if a mail is sent to shebang.thedolphins user and if his size is less than 256000 bytes.
import HOME
import USER
if ( /^To: .*shebang.thedolphins@mydomain\.net.*/ && $SIZE < 256000 )
{
	#won't work with vmail users, to avoid "spamd: handle_user (userdir) unable to find user:" message
        #xfilter "/usr/bin/spamc -u $USER" 
        xfilter "/usr/bin/spamc"
}
#Optional : if we want, detected spams could be moved to a specific folder :
#if ( /^X-Spam-Status: Yes/ )
#{
#       to "$HOME/Maildir/.SpamAssassin/"
#}

SpamAssassin

Installing

root@host:~# apt-get install spamassassin spamc

Create working folder and set rights

root@host:~# su - vmail/
vmail@host:~$ mkdir .spamassassin/
vmail@host:~$ chmod -R ugo+w .spamassassin/

Configuration

  • We create log folder and user account who will execute the service
root@host:~# mkdir /var/log/spamassassin/; groupadd spamd; useradd -g spamd -s /bin/false -d /var/log/spamassassin spamd; chown spamd:spamd /var/log/spamassassin

/etc/spamassassin/local.cf

  • The *****SPAM***** will be added in the subject field. report_safe 0 to avoid body message modification.
rewrite_header Subject *****SPAM*****
report_safe 0 

/etc/default/spamassassin

  • Set folders log and processus user execution.
OPTIONS="--create-prefs --max-children 2 --username spamd -H /var/log/spamassassin/ -s /var/log/spamassassin/spamd.log"
CRON=1 
root@host:~# systemctl restart spamassassin

Train our SpamAssassin filter

/usr/local/sbin/spamassassin_learn.sh

  • This script will be executed in order to train our SpamAssassin filter. Mails which will be in the Spam folder will be considered as spams and those which are in the Nospam folder will be considered as legit. The user will have to move undetected spams in Spam folder and legit mails in Nospam folder.
#! /bin/bash

#Mails in Spam folder are Spams
sa-learn --no-sync --spam /var/vmail/mydomain.net/shebang.thedolphins/Maildir/.Spam/{cur,new}
#Mails in Nospam folder are legit emails
sa-learn --no-sync --ham /var/vmail/mydomain.net/shebang.thedolphins/Maildir/.Nospam/{cur,new}
#Once processed as spam we put mails in trash folder
for i in /var/vmail/mydomain.net/shebang.thedolphins/Maildir/.Spam/{cur,new}/*; do
        mv "$i" /var/vmail/mydomain.net/shebang.thedolphins/Maildir/.Trash/cur/
done
#Once processed as legit we put mails in INBOX
for i in /var/vmail/mydomain.net/shebang.thedolphins/Maildir/.Nospam/{cur,new}/*; do
        mv "$i" /var/vmail/mydomain.net/shebang.thedolphins/Maildir/new/
done

/etc/cron.d/spamassassin

  • The script will be executed each 15 minutes
*/15 *  * * *   root    /usr/local/sbin/spamassassin_learn.sh

References

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Contact :

contact mail address