Servers 101: Emailify Your Server Part 5: SpamAssassin!

in #tutorial9 years ago (edited)

In the previous part, we configured Dovecot with an SSL we created via Let's Encrypt. We also added roundcube for webmail. Now we will install SpamAssassin to save ourselves some headache.

Note, it takes time before SpamAssassin can correctly identify spam messages, so always check your spam more often in the beginning, when setting up a new mailserver.

Other stuff in the Server 101 series:

Before starting, get root access, if you don't have it already! sudo su

What is SpamAssassin

SpamAssassin is a computer program used for e-mail spam filtering. SpamAssassin uses a variety of spam-detection techniques, including DNS-based and fuzzy-checksum-based spam detection, Bayesian filtering, external programs, blacklists and online databases. It is released under the Apache License 2.0 and is now part of the Apache Foundation. Source: Wikipedia

Installation and preconfiguration

At first, we need to make a user for SpamAssassin, named spamc:

adduser spamd --disabled-login

and then install spamassassin:

apt-get install spamassassin spamc dovecot-antispam dovecot-sieve

Infopart

Now, things will get a little tricky. We have to edit SpamAssassin's config file, then edit postfix config. Why?

Heres how your mail server (and all mailservers) work:

  1. Postfix receives an email from an external server
  2. Postfix sends the email to dovecot for delivery
  3. Dovecot delivers the email

When we finish with our configuration, our server will work like this:

  1. Postfix receives an email from an external server
  2. Postfix sends the email to SpamAssassin
  3. SpamAssassin checks if the email is spam, with various rules
  4. If message is spam, the spam-header-flag=yes header is added and gets forwarded to dovecot. If the message is not a spam, it is forwarded to dovecot without any changes.
  5. Dovecot receives the message and a search for the spam-header-flag is triggered, and delivers it to the correct folder.
  6. If you use IMAP, and you move a message to/from the Spam folder, Dovecot will trigger a train command for SpamAssassin. When enough time goes by and you use IMAP, you will get less false-positives.

Spamassassin config edit

nano /etc/default/spamassassin


Nano will now open with the spamassassin config file on screen.

We need to locate the ENABLED=0 line, and change it to ENABLED=1.

We have to change SPAMD_HOME's path to /home/spamd/. It should look like this: SPAMD_HOME="/home/spamd/"

Locate OPTIONS=... and change it to look like this:

OPTIONS="--create-prefs --max-children 5 --username spamd --helper-home-dir ${SPAMD_HOME} -s ${SPAMD_HOME}spamd.log"


We also have to change the PIDFILE parameter. In some cases, we have to write it ourselves, as it's not there. We need it to look like this: PIDFILE="${SPAMD_HOME}spamd.pid"

As a final step, locate CRON=.. and change it to CRON=1. This will tell SpamAssassin that the rules will be updated automatically.

Save and Exit!

Spamassassin anti-spam rules

nano /etc/spamassassin/local.cf

This will open the local.cf file, which we will edit. By default, on Ubuntu 17.04 at least, everything is commented out, with a few exceptions. Copy/paste the following in the beginning of the file.

rewrite_header Subject *****SPAM*****
report_safe             0
required_score          5.0
use_bayes               1
use_bayes_rules         1
bayes_auto_learn        1
skip_rbl_checks         0
use_razor2              0
use_dcc                 0
use_pyzor               0


Save and exit!

Now we will edit the master.cf file from postfix: nano /etc/postfix/master.cf

When we configured postfix, we uncommented this block of code:

smtps     inet  n       -       y       -       -       smtpd
  -o syslog_name=postfix/smtps
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
  -o smtpd_reject_unlisted_recipient=no
  -o smtpd_client_restrictions=$mua_client_restrictions
  -o smtpd_helo_restrictions=$mua_helo_restrictions
  -o smtpd_sender_restrictions=$mua_sender_restrictions
  -o smtpd_recipient_restrictions=
  -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
  -o milter_macro_daemon_name=ORIGINATING

Just below the first line (smtps inet n - y - - smtpd), add the following line (copy/paste the spaces as well to keep the same format)

  -o content_filter=spamassassin


Also, at the end of the file, copy and paste the following:

spamassassin unix -     n       n       -       -       pipe
user=spamd argv=/usr/bin/spamc -f -e  
/usr/sbin/sendmail -oi -f ${sender} ${recipient}


Save and exit!

Restart the services

We finished with the configuration. We now have to restart both postfix and spamassassin:

service spamassassin start
service postfix restart


I was planning to add an antivirus here, but it was a crazy day when I was writing this and I'm out of time. I will post the antivirus part as a seperate part.

Antivirus part is now available here!

If you need a place to host your servers consider Vultr, Digital Ocean and BuyVM.

These are affiliate links. If you sign up through them, you support me and I will have more free time to write more content like this.

Also If you signup for Digital Ocean through my affiliate link, you will get $10 to try them out. Note: to battle abusers of this offer, you'll have to make a $5 deposit via Paypal or add your credit/debit card, so they can confirm that you are a new user. I did a deposit via Paypal to test them out, and then I added my credit card so I won't have to deposit money manually every now and then.

Also, I am running a witness server.

Please consider voting me, dimitrisp, for a witness if you find what I post & do helpful and add value to the network

You can read my witness declaration here

#linux #howto #servers #webserver
9 years ago in #tutorial by
$24.61
  • Past Payouts $24.61
  • - Author $18.55
  • - Curators $6.06
8 votes
Reply 0

Coin Marketplace

STEEM 0.04
TRX 0.32
JST 0.077
BTC 63074.17
ETH 1657.75
USDT 1.00
SBD 0.41