Skip to main content

Setting up Spam Detection System for mail server

For over a month, I did a research on how to install, configure and test spam detection system on mail server which i manage. Here's the quick step :

1. Install spamassassin from spamassassin.org. I use spamc and spamd and not the perl version. Advantage: faster for bz server.

2. Make this setting in /etc/mail/spamassassin/local.conf



# SpamAssassin user preferences file.
# See 'man Mail::SpamAssassin::Conf' for
# details of what can be tweaked.

# score needed to deem an email to be spam.
# the lower the score, the more likely the email
# will be classified as spam. default is 5, but
# I have found that 4 works a little bit better
required_hits 4

# if you find an email from an address classified
# as spam that should
# *never* be classified as spam, add it to the whitelist
whitelist_from *@mp3.com

# if you receive an email from an address that will
# always be spam, add it to the blacklist (comma separated)
blacklist_from big@boss.com

# Whitelist and blacklist addresses are now
# file-glob-style patterns, so
# "friend@somewhere.com", "*@isp.com",
# or "*.domain.net" will all work.

# append the subject line with "[SPAM]"
# if you do not want the subject line altered,
# just remove this line
subject_tag [SPAM]

3. Make sure procmail is installed. use 'which procmail' to know. if not, go to www.procmail.org to download and install.

4. Test for one user first. configure .procmailrc in one user home directory like this:


## Set to yes when debugging

VERBOSE=no


## Put '#' before LOGFILE if you want
# no logging (not recommended)
LOGFILE=procmaillog



:0fw: spamassassin.lock
/usr/bin/spamc

# The following three lines move messages tagged
# as spam to a folder called "spam-folder" If you
# want mail to stay in your inbox, just
# delete the lines

:0:
* ^X-Spam-Status: Yes
spam-folder



Update :
You could replace spam-folder with /dev/null if you want the spam mails to be automatically deleted as below (Not Recommended):

:0:
* ^X-Spam-Status: Yes
/dev/null


Note : The 3 last lines is important for automatic moving of spam mails to 'spam-folder'. Spam mails are marked [SPAM] in their subject and this mark is user-definable.

Ok. That's all there is to it. Test it for a month and hope that spam mails ever reach the spam-folder. :-) I bet they will.

Comments

Popular posts from this blog

mplayer-gui error : Error in skin config file

After installing mplayer-gui package, I can't start it.

$ gmplayer MPlayer 1.1-4.8 (C) 2000-2012 MPlayer Team mplayer: could not connect to socket mplayer: No such file or directory Failed to open LIRC support. You will not be able to use your remote control. Error in skin config file on line 6: PNG read error in /usr/share/mplayer/skins/default/main Config file processing error with skin 'default'
After googling a bit, I found out that it was due to the png files in dir /usr/share/mplayer/skins/default. This is the default skin directory. To fix this error, I have to install ImageMagick package because I want to use the convert program to convert all of the png files to format png24. Thus, cd /usr/share/mplayer/skins/default; for FILE in *.png ; do sudo convert $FILE -define png:format=png24 $FILE ; done
Rerun gmplayer and all should be fine.
Have fun!
UPDATE (02-10-2017)

It doesn't work on Ubuntu 16.04 (xenial) but there's a workaround here.

You can update your syst…

Moving your mysql database to another hard disk

Recently, my server's only hard disk was almost full. I bought a new hard disk with bigger size and I decided to just add it as a second hard disk. Since I need to move it to the 2nd hard disk, I need to find a proper way to move the db with minimum downtime. So I googled around and found a solution.
First, I needed to format the 2nd hard disk and I chose xfs as the filesystem. I created 2 partitions using Linux's fdisk for this task. First partition is 10 GB and 2nd one is around 900 GB. That's approximately added up to 1 TB. Then I mounted the 2nd partition in current partition eg /media/hd2 as follows:
mount -t xfs /dev/sdb5 /media/hd2
where /dev/sdb5 is the partition and /media/hd2 is the mounting dir.
Stop mysql db before doing anything:
service mysql stop
Afterthat, I copied the entire db to newly mounted hard disk:
cp -rv /var/lib/mysql /media/hd2
It will take a while if you have huge databases.
Then, change the ownership of the dir to user and group of mysql:
chown -R mysql:…

Transparent proxy with squid 2.6

I have upgraded my squid from 2.5 STABLE13 to 2.6 STABLE18. Transparent proxy is setup differently in this version. You need this directives in squid.conf (usually in /etc or /usr/local/etc or /usr/local/squid/etc, check with your distro).

acl our_networks src 192.168.2.0/24 127.0.0.1
http_access allow our_networks
http_port 192.168.2.1:3128 transparent
always_direct allow all

where 192.168.2.1 is your proxy server IP address.


If you have flushed your iptables, create new rule:

iptables -t nat -A PREROUTING -i eth0 -p tcp –dport 80 -j REDIRECT –to-port 3128

where 3128 is the port where squid is running.
References:
http://www.deckle.co.za/squid-users-guide/Transparent_Caching/Proxy