Sunday, July 17, 2005

Setting up Spam Detection System for mail server

For over a month, I did a research on how to install, configure and test spam detection system on mail server which i manage. Here's the quick step :

1. Install spamassassin from spamassassin.org. I use spamc and spamd and not the perl version. Advantage: faster for bz server.

2. Make this setting in /etc/mail/spamassassin/local.conf



# SpamAssassin user preferences file.
# See 'man Mail::SpamAssassin::Conf' for
# details of what can be tweaked.

# score needed to deem an email to be spam.
# the lower the score, the more likely the email
# will be classified as spam. default is 5, but
# I have found that 4 works a little bit better
required_hits 4

# if you find an email from an address classified
# as spam that should
# *never* be classified as spam, add it to the whitelist
whitelist_from *@mp3.com

# if you receive an email from an address that will
# always be spam, add it to the blacklist (comma separated)
blacklist_from big@boss.com

# Whitelist and blacklist addresses are now
# file-glob-style patterns, so
# "friend@somewhere.com", "*@isp.com",
# or "*.domain.net" will all work.

# append the subject line with "[SPAM]"
# if you do not want the subject line altered,
# just remove this line
subject_tag [SPAM]

3. Make sure procmail is installed. use 'which procmail' to know. if not, go to www.procmail.org to download and install.

4. Test for one user first. configure .procmailrc in one user home directory like this:


## Set to yes when debugging

VERBOSE=no


## Put '#' before LOGFILE if you want
# no logging (not recommended)
LOGFILE=procmaillog



:0fw: spamassassin.lock
/usr/bin/spamc

# The following three lines move messages tagged
# as spam to a folder called "spam-folder" If you
# want mail to stay in your inbox, just
# delete the lines

:0:
* ^X-Spam-Status: Yes
spam-folder



Update :
You could replace spam-folder with /dev/null if you want the spam mails to be automatically deleted as below (Not Recommended):

:0:
* ^X-Spam-Status: Yes
/dev/null


Note : The 3 last lines is important for automatic moving of spam mails to 'spam-folder'. Spam mails are marked [SPAM] in their subject and this mark is user-definable.

Ok. That's all there is to it. Test it for a month and hope that spam mails ever reach the spam-folder. :-) I bet they will.

No comments:

Renew letsencrypt ssl certificate for zimbra 8.8.15

 Letsencrypt certs usually consists of these files: 1. cert.pem 2. chain.pem 3. fullchain.pem 4. privkey.pem I am not going to discuss about...