2003-12-24, 02:39 PM
This is a simple doc on how to get spamassassin and postfix working together. This doc is targeted towards people with Redhat or Fedora. I also use apt-get. If you don't, you are missing out. Grab it at [/url]http://apt.freshrpms.net.
I like postfix mainly because its proven itself as being a fast and secure MTA. It is also very simple to configure unlike sendmail.
Lets grab the needed rpms using apt-get. Chances are apt-get will prompt you to install other needed rpms, just hit yes and let them install
Code:
apt-get install postfix spamassassin redhat-switch-mail
Now that you have all the needed rpms installed lets make sure sendmail won't start on startup and the SA and postfix will load on startup
Code:
chkconfig sendmail off
service sendmail stop
chkconfig spamassassin on
chkconfig postfix on
Now lets just the switch-mail program to make sure postfix is our default MTA
Code:
redhat-switch-mail
Then select postfix and hit ok. It'll change some symlinks to make sure that postfix is the default MTA. Now we are ready to start to config SA and postfix to end spam for good
So we need to create a spam user and also a homer dir for the spam user then make sure all the permissions are ok
Code:
groupadd spam
adduser -g spam -d /var/spam spam
chown -R spam:spam /var/spam
Now that the spam user is setup we have to make a spamfilter file. This is the file that will run the mail through spamassassin. create a file in /usr/local/bin/spamfilter.sh and insert the following lines into the file
Code:
#!/bin/sh
INSPECT_DIR=/var/spam
SENDMAIL=/usr/sbin/sendmail
SPAMASSASSIN=/usr/bin/spamc
EX_TEMPFAIL=75
EX_UNAVAILABLE=69
cd $INSPECT_DIR || { echo $INSPECT_DIR does not exist; exit $EX_TEMPFAIL; }
trap "rm -f in.$$; rm -f out.$$" 0 1 2 3 15
cat | $SPAMASSASSIN -f > out.$$ #|| # { echo Message content rejected; exit $EX_UNAVAILABLE; }
$SENDMAIL "$@" < out.$$
exit $?
Now that the file is made we have to set the permissions and ownership for the file so that the user spam can run the file
Code:
chmod +x /usr/local/bin/spamfilter.sh
chown spam:spam /usr/local/bin/spamfilter.sh
Now lets setup postfix. edit the file /etc/postfix/main.cf. Below I have copied the lines I have edited in that file just as they appear BEFORE i edited them. Its up to you to change them. If you see a # in front make sure you remove it. If you don't see one then just edit that line. Ignore the () on the line.. they are my notes to you.
Code:
#myhostname = host.domain.tld (host.domain.com)
#mydomain = domain.tld (domain.com)
#myorigin = $mydomain (just remove the #)
inet_interfaces = localhost (add a # in front)
#inet_interfaces = all ( remove the # in front)
#mydestination = $myhostname, localhost.$mydomain (add a # in front)
mydestination = $myhostname, localhost.$mydomain $mydomain l ( remove the # in front)
#mynetworks_style = subnet
#mynetworks = 168.100.189.0/28, 127.0.0.0/8 (make sure you edit the first string)
#mail_spool_directory = /var/spool/mail
Thats it for main.cf. Now lets edit the file /etc/postfix/master.cf Below I will show the originals then what you should chanjge it to
smtp inet n - y - - smtpd
change it to look like this
smtp inet n - n - - smtpd -o content_filter=spamfilter:dummy
then scroll down to the bottom of the file and add the following. NOTE! the following line should just be one line in the file
spamfilter unix - n n - - pipe flags=Rq user=spam argv=/usr/local/bin/spamfilter.sh ${sender} ${recipient}
Now you are done with that. So the last thing to do is change how spamassassin is started. Edit the file /etc/sysconfig/spamassassin
Code:
# Options to spamd
SPAMDOPTIONS="-d -c -a -u spam -H /var/spam"
The last thing we have to edit is the SA config. It is located at /etc/mail/spamassassin/local.cf. I have an example one at www.zcentric.com/local.cf or use [url=http://www.yrex.com/spam/spamconfig.php]http://www.yrex.com/spam/spamconfig.php to generate your own.
Once you have created your own local.cf file you can move on to the next step
Now lets startup SA and postfix and do some testing!
Code:
service spamassassin start
service postfix start
Then test it out. Make sure you send mail from an outside host. SA does not seem to process it if you send it from the same host that the mailserver is running. You should see something like this in the headers
Code:
X-Spam-Status: No, hits=1.1 required=7.0
tests=DATE_IN_PAST_03_06,SPAM_PHRASE_00_01
version=2.44
X-Spam-Level: *
As you can see I have my limit set at 7 and my test mail got a 1.1 rating. So it doesn't get marked as spam. If its above 7.0 then it'll change the subject to ****SPAM**** before the real subject. Then I have a filter setup on my mailclient to move all mails with that in the subject to a spam folder. You can make SA delete all spam also. Read the SA docs and its all done in the local.cf file
ANother great tip from the J to the Y. Damn i rule