Eric Goodwin

Debain Sarge Spam Killer - Postfix, Spam Assassin, Razor, DCC and Procmail
06/09/21

About three weeks after putting my email address on the main page of my blog I started to get spam, and a lot of it. That’s when I decided to install Spamassassin. To help Spamassassin to detect spam I also installed DCC and Razor, two anti-spam filters. Here’s what I did and how I did it.

This tutorial assumes that you have postfix up and running already.

First lets walk through the steps that postfix goes through when you receive an incoming email.

When receiving an email postfix looks for .forward in your home directory and executes any commands that you have in this file. If postfix doesn’t find a .forward file then it will execute /etc/procmailrc with no options and afterwards execure ~/.procmailrc if it can find that file.

Ok, let’s get started.

Spamassassin

server:/# apt-get install spamassassin
server:/# adduser --system --home /var/lib/spam --shell /bin/false --disabled-password --disabled-login spamd
server:/# pico /etc/default/spamassassin
Change ENABLED=0 to ENABLED=1 
server:/# pico /etc/postfix/master.cf
Look for a line like this: 
smtp      inet  n       -       -       -       -       smtpd
and on the following line add: 
-o content_filter=spamassassin
And at the end of the file add this line 
spamassassin unix - n n - - pipe flags=Rq user=spamd argv=/usr/local/bin/sa-filter.sh -f ${sender} ${recipient}
Now let’s create the file we just refered to in the previous line of code. 
server:/# pico /usr/local/bin/sa-filter.sh
And let’s add this into it 
#!/bin/bash
/usr/bin/spamc | /usr/sbin/sendmail -i "$@" 
exit $?
Now that that’s done, make sure that spamd is the owner and then restart everything. 
server:/# chown spamd:spamd /usr/local/bin/sa-filter.sh
server:/# chmod 755 /usr/local/bin/sa-filter.sh
server:/# /etc/init.d/spamassassin restart
server:/# /etc/init.d/postfixreload

Razor & DCC

server:/# cd ~/
server:/# apt-get install razor
server:/# wget http://www.dcc-servers.net/dcc/source/dcc-dccproc.tar.Z 
server:/# tar xfvz dcc-dccproc.tar.Z 
server:/# cd dcc-dccproc-* 
server:/# ./configure
server:/# make
server:/# make install 
server:/# rm dcc-dccproc.tar.Z
server:/# rm -Rf dcc-dccproc-*
First lets make sure that DCC is working. 
server:/# cdcc info
You should get a big long list of servers. Next let’s get Razor all set up. 
server:/# cd /etc/mail/spamassassin 
server:/# mkdir .razor 
server:/# razor-admin -home=/etc/mail/spamassassin/.razor -register 
server:/# razor-admin -home=/etc/mail/spamassassin/.razor -create 
server:/# razor-admin -home=/etc/mail/spamassassin/.razor -discover
server:/# pico /etc/mail/spamassassin/.razor/razor-agent.conf
We have to add one line to this file 
razorhome = /etc/mail/spamassassin/.razor/
It will most likly be the only line in the file. Now let’s open up the spamassassin local config file 
server:/# pico /etc/mail/spamassassin/local.cf
We want to add two lines at the end of the file 
/etc/mail/spamassassin/.razor/razor-agent.conf
use_dcc 1 dcc_path /usr/local/bin/dccproc dcc_add_header 1
One last thing we need to do is add DCC to your spamassassin init file. 
server:/# pico /etc/mail/spamassassin/init.pre
Add this to the end of the file 
loadplugin Mail::SpamAssassin::Plugin::DCC
Now restart Spamassassin and reload Postfix. 
server:/# /etc/init.d/spamassassin restart
server:/# /etc/init.d/postfix reload

Procmail

Ok, we have to decide what to do once an email gets labeled as spam. First off let’s make sure that all email goes through procmail. 
server:/# pico ~/.forward
Now lets add a line. Make sure to keep the quotes. 
"|exec /usr/bin/procmail || exit 75"
Before we create our procmail instructions we need to do a couple things. First we want to create a new folder in our mail dir called “Spam” which we’ll forward all our spam to. Next we have to take note to where our shell is located. 
server:/# touch ~/mail/Spam
server:/# which sh
/bin/sh
Now let’s tell Procmail what to do. 
server:/# pico ~/.procmailrc
Make sure bash is set to the value you got before. Also change the MAILDIR to wherever your mail directory is. I’ve asumed it’s in ~/home/mail. 
#Preliminaries
SHELL=bin/sh
MAILDIR=${HOME}/mail
DEFAULT=$MAILDIR/ 
:0:
* ^X-Spam-Flag: YES
$MAILDIR/Spam
Now if anything is flaged as spam it will automatically be moved into the spam folder. Let’s restart spamassassin and postfix one last time, for good luck. 
server:/# /etc/init.d/spamassassin start
server:/# /etc/init.d/postfix restart

Now sit back, relax and reminisce about the days when you used to get spam.

Resources

http://blog.psuter.ch/index.php?/archives/29-installing-spamassassin-on-debian-with-postfix.html
http://aaron.birenboim.com/unix/postfix+spamassassin.htm
http://linux.duke.edu/~mstenner/docs/sa-docs/advanced.html
http://www.cs.rutgers.edu/~watrous/procmail-spam.html

10 comments

Comments

  1. 06/11/08 - lembal@libertysurf.fr Says:

    Thanx for your how-to ! It'd helped me to set-up my own professional mail server on Debian Sarge ! Good Work !

  2. 06/11/08 - Eric Says:

    No problem. I'm glad you you liked it.

  3. 06/11/15 - lembal@libertysurf.fr Says:

    Just a question... why don't you use bayesian filter fonction of spamassassin which permit a better detection by the way... ;)

  4. 06/11/15 - Eric Says:

    Hey. I actually am running a Bayesian filter now. I just switched from Spamassassin to ASSP though. There is a nice tutorial "here":http://www.howtoforge.com/antispam_smtp_proxy on how to set it up. I like the web admin interface that it provides and it's ease of setup. I took me quite a while to get Spamassassin running the way I wanted it to where as ASSP was up and running in a matter of minutes.

  5. 06/11/28 - Mike Says:

    Just FYI. If you follow the procmail tutorial completely, your mail will not get deliered correctly if you use maildir setups. You need a DEFAULT statement in the .procmailrc file or it will deliver all mail not marked as spam to /home/user/mail/. Also, for Maildir, the .procmailrc fle should look more like this: #Preliminaries SHELL=bin/sh MAILDIR=$HOME/Maildir DEFAULT=$MAILDIR/ :0: * ^X-Spam-Flag: YES $MAILDIR/.Spam You can also add LOGFILE=$HOME/.procmail-log if you are having problems with procmail losing messages. One last note: I was also unable to touch my spam folder, but it is there :) It's a Maildir thing.. Other than that, GREAT tutorial!

  6. 06/12/04 - Eric Says:

    Thanks Mike :) I’ve updated the .procmailrc file description in the tutorial.

  7. 06/12/09 - Jon Says:

    Thanks for a pretty complete tutorial I got things running pretty quickly with this.

  8. 06/12/19 - Mino Says:

    Hi, I am using ubuntu linux with postfix, procmail and spamassassin. I would like to know where my home directory is to where I should put the .procmailrc file. I have a directory for all email accounts as follows: /home/vmail/allmails.com.ph/john /home/vmail/allmails.com.ph/peter /home/vmail/allmails.com.ph/etc…..

    Where should i put the .procmailrc? I read in many procmail tutorials to put that file in the home directory but they all don’t tell me which is my home directory. Please help me.. Thanks, Mino

  9. 06/12/19 - Eric Says:

    Hi Mino, I’m not too sure on Ubuntu since I’m not running it, but it should be pretty simular to Debian anyways. The file you edit depends whether you want your procmail commands to be global (all email accounts) or just for one user. If you want them to be global you want to be editing your /etc/procmailrc file. If you want any specific commands for a certain user then you can put them in the users home directory .procmailrc file. So if your user is named Bob then your procmail file will be in /home/Bob/.procmailrc .

  10. 07/12/03 - AlexT Says:

    Great tutorial… A couple of possible refinements:

    1. If in addition to the -o content_filter… parameter to smtpd you also add: -o receive_override_options=no_address_mappings the X-Original-To header will then be correct.

    2. You can avoid using the shell script by using the—pipe-to option to spamc. Your arvg parameter for spamassassin would then look like this: /usr/bin/spamc—pipe-to /usr/sbin/sendmail -i -f ${sender} ${recipient}

    Alex

Have your say

A name is required. You may use HTML in your comments.




About

Eric Goodwin is a web developer living in Victoria BC, Canada. You can contact him at eric@ericgoodwin.com

Open Source

Projects

Elsewhere

Archives