nrspot.com

from  http://opensourceheaven.net/?page_id=98

The last time i was installing qmailrock package from qmailrocks.com and found a thread about how to optimize the anti spam modul , already installed it and works good for me . why don’t u try it ? very excellent document , love it .

here is the original document :

Introduction

If you followed the installation guide on QmailRocks you will finish up with a functional mail server with integrated spam filtering using SpamAssassin, but only with the most minimal settings. This is what you need to do to get your SpamAssassin really kicking ass.

Note: This page is best viewed using Mozilla Firefox.

———Nrspot.com staying alive by support , please click link or picture :

www.metrochip8.com 

Toko Komputer Online, Kualitas Hebat dengan Harga Terjangkau .

Komputer, Notebook, Printer, Network  dan Aksesoris .

—————————————————Nrspot 2009.

Install some supporting technologies

First we are going to install DCC, Pyzor, and Razor. Keeping with the QmailRocks conventions, I download my files to /downloads.

mkdir /downloads/spam
cd /downloads/spam
wget http://www.rhyolite.com/anti-spam/dcc/source/dcc.tar.Z
tar zxfv dcc.tar.Z
cd dcc-1.x.xx
./configure
make install
cd /downloads/spam

Download Pyzor from Sourceforge, from your nearest mirror. For example,

wget http://kent.dl.sourceforge.net/sourceforge/pyzor/pyzor-0.4.0.tar.bz2
tar xjvf pyzor-0.4.0.tar.bz2
cd pyzor-0.4.0
python setup.py build
python setup.py install
cd /downloads/spam

Download Razor from Sourceforge, from your nearest mirror. For example,

wget http://kent.dl.sourceforge.net/sourceforge/razor/razor-agents-2.80.tar.bz2
tar xjfv razor-agents-2.80.tar.bz2
cd razor-agents-2.80
perl Makefile.PL
make test
make install


Razor requires a little more configuration. You will need to install these perl modules, if you don’t have them already:

perl -MCPAN -e “install Time::HiRes”
perl -MCPAN -e “install Digest::SHA1″
perl -MCPAN -e “install MIME::Base64″
perl -MCPAN -e “install Test::Simple”
perl -MCPAN -e “install Test::Harness”
perl -MCPAN -e “install Getopt::Long”
perl -MCPAN -e “install File::Copy”
perl -MCPAN -e “install URI::Escape”

You need to create a config file, using a non root user. Substitute ben with a real non-root user on your system:

su ben
razor-admin -create
exit

Register your Razor install with the Razor servers. Replace the address with your admin’s e-mail address:

razor-admin -register -user=foo
Razor is now ready for integration with SpamAssassin. If you need to know more, have a look at the Razor installation pages.

SpamAssassin configuration

Next we will write a new local.cf. This is the file your global SpamAssassin settings are stored in. The default installation has a minimal config that’s pretty basic and doesn’t catch much spam. Before we make any changes we will backup your old config, just in case you want to see it again:

mv /etc/mail/spamassassin/local.cf /etc/mail/spamassassin/local.cf.old

Get a new config using the configuration generator tool from the SpamAssassin website. Make sure you enable Bayes, DCC, Pyzor, and Razor. Copy the contents, and paste it into /etc/mail/spamassassin/local.cf (new file).

While you have your local.cf open we will also add some configuration options for Razor, DCC and Pyzor. Substitute ben with the non-root user you used earlier to configure Razor.

razor_config /home/ben/.razor/razor-agent.conf
dcc_home /var/dcc
dcc_path /usr/bin/dccproc
dcc_dccifd_path /var/dcc/libexec/dccifd
pyzor_path /usr/bin/pyzor
score PYZOR_CHECK 1

This is what my local.cf looks like. If you’re with me so far then yours should look very similar.

Now create a new bayes database using:

sa-learn –sync

Get more rules

I’ve been using a load of rules from the SpamAssassin website for a while and I have never had any problems with them. All you need to do to install them is place them in your spamassassin directory and restart the daemon:

cd /etc/mail/spamassassin
wget http://mywebpages.comcast.net/mkettler/sa/antidrug.cf
wget http://www.emtinc.net/includes/backhair.cf
wget http://www.timj.co.uk/linux/bogus-virus-warnings.cf
wget http://www.emtinc.net/includes/chickenpox.cf
wget http://www.sa-blacklist.stearns.org/sa-blacklist/sa-blacklist.current.uri.cf
wget http://www.sa-blacklist.stearns.org/sa-blacklist/random.current.cf
wget http://www.rulesemporium.com/rules/99_FVGT_Tripwire.cf
wget http://www.nospamtoday.com/download/mime_validate.cf
wget http://bl.csma.biz/csma.cf

Now just restart SpamAssassin to put all of these changes into effect.

Slackware

/etc/rc.d/rc.spamd restart

Debian

/etc/init.d/rc.spamd restart

RedHat / Fedora

/etc/rc.d/init.d/spamassassin restart

Other rules are available from the SpamAssassin website and Rules Emporium.

Now to test the SpamAssassin configuration. You can check the config for errors by running this command:

spamassassin -D –lint

You don’t need to understand all of this output, just look for any errors and use Google for any troubleshooting, if required. You should also have a file on your system from the QMR install called sample-nonspam.txt which we can use to test the SA configuration. To look for it, try:

locate sample-nonspam

If you don’t have the file, you can download it from me, using:

cd /downloads/spam
wget http://opensourceheaven.net/sample-nonspam.txt

We’ll use this file to test the SpamAssassin configuration:

spamassassin -t < /path/to/sample-nonspam.txt

If everything is working you should see a nicely formatted report about SpamAssassin’s analysis of the message.

Enable RBL checking

Real time Black Lists can greatly reduce the amount of spam to your server, but they have a few disadvantages. They are unmoderated and sometimes legitimate organisations can be added to them through no fault of their own. So be careful which ones you choose as there are some real coyboys out there (under NO circumstances should you use SORBS). That being said, I use RBL’s and they stop a ton of spam getting to my mailbox - I easily get 50 messages a day to my inbox alone blocked because of RBL’s. To implement them on your Qmail server, edit your /var/qmail/supervise/qmail-smtpd/run and add the following bold lines:

/etc/tcp.smtp.cdb -c “$MAXSMTPD” \ -u “$QMAILDUID” -g ……………. \
rblsmtpd \
-r sbl.spamhaus.org \
-r bl.spamcop.net \
-r relays.ordb.org \
/var/qmail/bin/qmail-smtpd server.yourdomain.com \

A quick word of warning about dynamic IP addresses - if your server has a dynamic IP address on the Internet, you cannot use RBL’s that specifically block incoming dynamic IP’s (for example, dul.dnsbl.sorbs.net). Mail will not flow out of your server if you implement this, and when you view your smtpd/current log, you will see your outbound mail is being blocked by the RBL.

I would also recommend the use of SURBL on your Qmail server, instructions on how to implement it are in this blog post, which I will add into this guide in due course.

Now restart Qmail:

qmailctl stop
qmailctl start
qmailctl stat

After a while you should see messages like this in your /var/log/qmail/qmail-smtpd/current:

@4000000044115b78130e41fc rblsmtpd: 202.99.188.186 pid 25750: 451 Blocked - see http://www.spamcop.net/bl.shtml?202.99.188.186

Automatically move tagged spam to the Spam folder

It’s nice to have things tagged as spam but it’s more pleasant for the user if this junk is automatically moved to a Spam folder in their mailbox. Matt Simerson (author of Mail::Toaster) has written a script that does this based on the “X-Spam-Status” in the message header. It also creates the Spam folder in the user’s mailbox, if it doesn’t exist already.

cd /home/vpopmail/domains/yourdomain.com/
vi mailfilter

Copy and paste the contents of this script into the window. Change this line:

logfile “/var/log/mail/maildrop.log”
to
logfile “/var/log/qmail/maildrop.log”

Change these lines:
VPOP=”| /usr/local/vpopmail/bin/vdelivermail ” bounce-no-mailbox”
VHOME=`/usr/local/vpopmail/bin/vuserinfo -d $EXT@$HOST`

to this:

VPOP=”| /home/vpopmail/bin/vdelivermail ” bounce-no-mailbox”
VHOME=`/home/vpopmail/bin/vuserinfo -d $EXT@$HOST`

Save and close, then we’ll create this log file:

touch /var/log/qmail/maildrop.log
chown vpopmail:vchkpw /var/log/qmail/maildrop.log
chmod 774 /var/log/qmail/maildrop.log

We have to change permissions on the mailfilter - they have to be quite specific, or qmail will queue up your messages.

chown vpopmail:vchkpw mailfilter
chmod 600 mailfilter
vi .qmail-default

Comment out your existing line and add this one (all on one line)

| /usr/local/bin/maildrop /home/vpopmail/domains/yourdomain.com/mailfilter

Save and close.

chown vpopmail:vchkpw .qmail-default
vi /usr/local/sbin/subscribeIMAP.sh

Paste this script into Vi:

#!/bin/sh
#
# This subscribes the folder passed as $1 to courier imap
# so that Maildir reading apps (Sqwebmail, Courier-IMAP) and
# IMAP clients (squirrelmail, Mailman, etc) will recognize the
# extra mail folder.
# Matt Simerson - 12 June 2003

LIST=”$2/Maildir/courierimapsubscribed”
if [ -f “$LIST” ]; then
# if the file exists, check it for the new folder
TEST=`cat “$LIST” | grep “INBOX.$1″`
# if it is not there, add it
if [ “$TEST” = “” ]; then
echo “INBOX.$1″ >> $LIST
fi
else
# the file does not exist so we define the full list
# and then create the file.
FULL=”INBOX\nINBOX.Sent\nINBOX.Trash\nINBOX.Drafts\nINBO X.$1″
echo -e $FULL > $LIST
/bin/chown vpopmail:vchkpw $LIST
/bin/chmod 644 $LIST
fi

Make the script executable and restart qmail:

chmod 755 /usr/local/sbin/subscribeIMAP.sh
qmailctl stop
qmailctl start
qmailctl stat

Send yourself a message just to check everything is working. If no mail is coming through, check your qmail-smtpd/current and qmail-send/current log for any errors:

tail /var/log/qmail/qmail-smtpd/current
tail /var/log/qmail/qmail-send/current

If your test message comes in OK, you can sit back and relax and wait for a spam to appear in your Spam folder! If you like, you can also use the qmail-scanner script to test this out, you might recall using this during the QMR install to test out SpamAssassin and ClamAV. Run it like this (all on one line):

/downloads/qmailrocks/qmail-scanner-1.25/contrib/test_installation.sh -doit

Then open up your postmaster mailbox, and if everything is working you should see a spam in the spam folder and a clean message in your Inbox.

After a while, your Spam folder will look like this …

Spam

Keep feeding Spam and Ham to SpamAssassin

There is probably an elegant way to do this, but if you only have a few users on your domain you can write a script which uses sa-learn to add Spam and Ham (clean messages) to the SA database. This will improve detection rates, but you need at least 200 messages of each for this to be effective. Don’t forget, feeding it Ham is just as important as feeding it Spam! sa-learn works by reading messages you have classified as Spam or Ham in your mailbox folders. Here’s an example of a script that does this, although there must be a better way of doing this if you are implementing SpamAssassin for more than a few users! If you know of one, I would like to know.

That’s it …

You should now have a spam free server. The odd one or two may still slip through as spammers constantly change their techniques, but if you keep running your sa-learn script through cron every night, then your SA database will stay more or less up to date.

- Nrspot.com -  staying alive by support from www.metrochip8.com, please click link atau gambar sebagai support anda untuk nrspot.com  :

www.metrochip8.com 

Toko Komputer Online, Kualitas Hebat dengan Harga Terjangkau .

Komputer, Notebook, Printer, Network  dan Aksesoris .

—————————————————Nrspot 2009.

If this article has been any use to you or if you have found some mistakes, I would like to hear from you. Please leave me a comment below or drop me an e-mail.

2009 .