Eric Goodwin

archive

Debain Sarge Spam Killer - Postfix, Spam Assassin, Razor, DCC and Procmail
06/09/21

About three weeks after putting my email address on the main page of my blog I started to get spam, and a lot of it. That’s when I decided to install Spamassassin. To help Spamassassin to detect spam I also installed DCC and Razor, two anti-spam filters. Here’s what I did and how I did it.

This tutorial assumes that you have postfix up and running already.

First lets walk through the steps that postfix goes through when you receive an incoming email.

When receiving an email postfix looks for .forward in your home directory and executes any commands that you have in this file. If postfix doesn’t find a .forward file then it will execute /etc/procmailrc with no options and afterwards execure ~/.procmailrc if it can find that file.

Ok, let’s get started.

Spamassassin

server:/# apt-get install spamassassin
server:/# adduser --system --home /var/lib/spam --shell /bin/false --disabled-password --disabled-login spamd
server:/# pico /etc/default/spamassassin
Change ENABLED=0 to ENABLED=1 
server:/# pico /etc/postfix/master.cf
Look for a line like this: 
smtp      inet  n       -       -       -       -       smtpd
and on the following line add: 
-o content_filter=spamassassin
And at the end of the file add this line 
spamassassin unix - n n - - pipe flags=Rq user=spamd argv=/usr/local/bin/sa-filter.sh -f ${sender} ${recipient}
Now let’s create the file we just refered to in the previous line of code. 
server:/# pico /usr/local/bin/sa-filter.sh
And let’s add this into it 
#!/bin/bash
/usr/bin/spamc | /usr/sbin/sendmail -i "$@" 
exit $?
Now that that’s done, make sure that spamd is the owner and then restart everything. 
server:/# chown spamd:spamd /usr/local/bin/sa-filter.sh
server:/# chmod 755 /usr/local/bin/sa-filter.sh
server:/# /etc/init.d/spamassassin restart
server:/# /etc/init.d/postfixreload

Razor & DCC

server:/# cd ~/
server:/# apt-get install razor
server:/# wget http://www.dcc-servers.net/dcc/source/dcc-dccproc.tar.Z 
server:/# tar xfvz dcc-dccproc.tar.Z 
server:/# cd dcc-dccproc-* 
server:/# ./configure
server:/# make
server:/# make install 
server:/# rm dcc-dccproc.tar.Z
server:/# rm -Rf dcc-dccproc-*
First lets make sure that DCC is working. 
server:/# cdcc info
You should get a big long list of servers. Next let’s get Razor all set up. 
server:/# cd /etc/mail/spamassassin 
server:/# mkdir .razor 
server:/# razor-admin -home=/etc/mail/spamassassin/.razor -register 
server:/# razor-admin -home=/etc/mail/spamassassin/.razor -create 
server:/# razor-admin -home=/etc/mail/spamassassin/.razor -discover
server:/# pico /etc/mail/spamassassin/.razor/razor-agent.conf
We have to add one line to this file 
razorhome = /etc/mail/spamassassin/.razor/
It will most likly be the only line in the file. Now let’s open up the spamassassin local config file 
server:/# pico /etc/mail/spamassassin/local.cf
We want to add two lines at the end of the file 
/etc/mail/spamassassin/.razor/razor-agent.conf
use_dcc 1 dcc_path /usr/local/bin/dccproc dcc_add_header 1
One last thing we need to do is add DCC to your spamassassin init file. 
server:/# pico /etc/mail/spamassassin/init.pre
Add this to the end of the file 
loadplugin Mail::SpamAssassin::Plugin::DCC
Now restart Spamassassin and reload Postfix. 
server:/# /etc/init.d/spamassassin restart
server:/# /etc/init.d/postfix reload

Procmail

Ok, we have to decide what to do once an email gets labeled as spam. First off let’s make sure that all email goes through procmail. 
server:/# pico ~/.forward
Now lets add a line. Make sure to keep the quotes. 
"|exec /usr/bin/procmail || exit 75"
Before we create our procmail instructions we need to do a couple things. First we want to create a new folder in our mail dir called “Spam” which we’ll forward all our spam to. Next we have to take note to where our shell is located. 
server:/# touch ~/mail/Spam
server:/# which sh
/bin/sh
Now let’s tell Procmail what to do. 
server:/# pico ~/.procmailrc
Make sure bash is set to the value you got before. Also change the MAILDIR to wherever your mail directory is. I’ve asumed it’s in ~/home/mail. 
#Preliminaries
SHELL=bin/sh
MAILDIR=${HOME}/mail
DEFAULT=$MAILDIR/ 
:0:
* ^X-Spam-Flag: YES
$MAILDIR/Spam
Now if anything is flaged as spam it will automatically be moved into the spam folder. Let’s restart spamassassin and postfix one last time, for good luck. 
server:/# /etc/init.d/spamassassin start
server:/# /etc/init.d/postfix restart

Now sit back, relax and reminisce about the days when you used to get spam.

Resources

http://blog.psuter.ch/index.php?/archives/29-installing-spamassassin-on-debian-with-postfix.html
http://aaron.birenboim.com/unix/postfix+spamassassin.htm
http://linux.duke.edu/~mstenner/docs/sa-docs/advanced.html
http://www.cs.rutgers.edu/~watrous/procmail-spam.html

10 comments

About

Eric Goodwin is a web developer living in Victoria BC, Canada. You can contact him at eric@ericgoodwin.com

Open Source

Projects

Elsewhere

Archives