Jump to content

Spamassassin and mail servers

phunni

By phunni
in Networking

 Share

Recommended Posts

phunni Mandriva Guru

phunni

Posted
Posted

I have a server which currently firewalls/proxies for the computers at home. I want to set it up so that my local mail clients can pick up their mail from it via smtp and have it invoke spamassassin on the mail before it becomes available to the local client.

 

I've seen a few recipies ( including one here somewhere) about this which talk about procmail/postfix and that kind of thing. They also talk about delivering to mbox files which is where my confusion starts.

 

I'm assuming that the expectation there is that the mail will be colected from the mbox file locally and not via smtp - am I correct in thinking that? Also are either procmail or postfix (or anything else) suitable as smtp servers?

 

I can't see any reason to send mail via this server as my main concern is simply getting spam filtering of my local desktop and onto the server.

 

Thoughts please...

Link to comment
Share on other sites
Crashdamage Awesome

Crashdamage

Posted
Posted (edited)

Sounds like what you want is to have the server get the mail via fetchmail, send it to procmail, which then sends it to spamasassin for checking, then procmail takes the results and sorts and delivers the mail (all this would be done on the server). No problem. And procmail can deliver it either to mboxes on the server for the workstations to access there, or send it to mboxes on the workstations themselves. You've got it basically right, the workstations wouldn't fetch mail themselves at all, fetchmail running on the server would handle that and the workstations' email clients would just look in the mailboxes. Likely you'd want filtered spam to stay in a mbox on the server.

 

Unless you want to do some processing of outgoing mail, you wouldn't need to setup sending mail via the server, outgoing email can be sent directly from the workstations' email clients with their built-in send capability or with sendmail, postfix, qmail, whatever you like to handle outgoing mail. I use the lovable Mutt for email, which does not have send capability built-in, with sendmail.

 

I can probably help you with some (most?) of setup if you want, but I'm no guru at this.

Edited by Crashdamage
Link to comment
Share on other sites
paul Platinum

paul

Posted
Posted

hey phunni.

I have postfix, amavisd-new, spamassassin, f-prot, clamav, and uw-imap running :)

 

the only thing you'll need that I dodn't have is fetchmail, unless you have a static IP and want to run you're own mail service.

the steps I took are basically like this

install spamassassin

install f-prot

install clamav

install postfix

install uw-imap (you may want to use courier, cyrus, or something else)

install amavisd-new

configure postfix

configure amavisd-new

 

Postfix isn't too hard to configure for mail filtering

in main.cf

content_filter = smtp-amavis:[127.0.0.1]:10024

in master.cf

# amavisd-new and spamassassin
smtp-amavis unix -      -       n       -       2       smtp
   -o smtp_data_done_timeout=1200
   -o disable_dns_lookups=yes
127.0.0.1:10025 inet n  -       n       -       -       smtpd
   -o content_filter=
   -o local_recipient_maps=
   -o relay_recipient_maps=
   -o smtpd_restriction_classes=
   -o smtpd_client_restrictions=
   -o smtpd_helo_restrictions=
   -o smtpd_sender_restrictions=
   -o smtpd_recipient_restrictions=permit_mynetworks,reject
   -o mynetworks=127.0.0.0/8
   -o strict_rfc821_envelopes=yes
   -o smtpd_error_sleep_time=0
   -o smtpd_soft_error_limit=1001
   -o smtpd_hard_error_limit=1000

in amavisd.conf there is heaps of documentation

I mark all spam as spam, but still deliver it (just in case)

$sa_spam_subject_tag = '***SPAM*** ';

 

It'll take a while to get going, but its not that hard

I founf some docs on the net that are gentoo specific, but are good reading ... if I find them again, I'll post them here

Link to comment
Share on other sites
phunni Mandriva Guru

phunni

Posted
  • Author
Posted

Thanks guys - this at leat gives me confidence to get started - knowing that I'm not installing things which I don't need. Speaking of which - isn't clamav a virus checker? Do I need one of those. While I do have a windows workstation on the network, it never picks up email - that's only ever done on my linux desktop

 

Someone mentioed me today that apache might be able to deliver mail to my desktop. I already have it on the server, simply to serve the "you can't access that page - it's naughty!" kind of stuff. Is this a red herring - expecially since I'm going to have to install procmail anyway...

Link to comment
Share on other sites
Crashdamage Awesome

Crashdamage

Posted
Posted

Hmmm...apache might deliver mail, but I never heard of anyone using it for that. But procmail is bound to be easier to setup and more flexible, since that's what it's intended to do.

 

I don't know if you really need any of this, but here's a little stuff that might help you get fetchmail and procmail going.

 

Fetchmail is very simple. I call fetchmail with: "!fetchmail -as\n". See 'man fetchmail' for details about the '-a' and '-s' options.

Some basics for a .fetchmailrc:

 

# This option tells fetchmail to run in the background as a daemon and
# automatically check specified mail server(s).  This example sets a
# pass every 600 seconds (10 min).  Comment out to NOT run fetchmail in
# daemon mode.
#  set daemon 600

  set postmaster "joe"   # Name of the last-resort mail repcient.
#  set bouncemail         # Directs error mail to sender.
#  set no spambounce      # Sends spambounces.
  set properties ""      # String value is ignored by fetchmail.
  set logfile  "~/.fetchmail.log"

# Set the pop username and password.  Leave the password 
# parameter out to enter the password manually at login.
# Basic format is:
#  poll SERVERNAME protocol PROTOCOL username NAME password PASSWORD
# Example:
#  poll pop.gmx.net protocol pop3 username  "joeblow"  password "PASSWD"
  poll pop-server.kc.rr.com protocol pop3 no dns  username "joeblow"

# Tell fetchmail to send downloaded mail to procmail for further
# processing.  Comment out this line if not using procmail.
  mda "/usr/bin/procmail -d %T"

 

A .procmailrc can be very simple or it can get pretty complicated, depending on what chores you want procmail to do. Some basics for a simple .procmailrc:

 

# Preliminaries and File Locations:
 DEFAULT=$HOME/mail/spool   # Often set to /var/spool/mail/joeblow
 MAILDIR=$HOME/mail
 SPAM=$HOME/mail/in/SPAM
 FORMAIL=/usr/bin/formail
 PATH=/usr/bin:/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin/:/usr/games:/usr/lib/jre-1.4.2_05/bin
 SHELL=/bin/sh    # For other shells, this might need adjustment - check your path!
 LOGFILE=$HOME/.procmail.log   # This can be set globally in /etc/procmailrc.
# LOGFILE=/dev/null   # Do not generate a logfile.
 VERBOSE=OFF   # OFF gives simple log entries.  Set to ON for details for troubleshooting.

# Some basic usage recipes:
# 1st, we nuke duplicates using formail:
:0 Whc: .msgid.lock
| $FORMAIL -D 16384 .msgid.cache

# 2nd, send messages smaller than 250kb to spamassassin for checking:
:0fw: spamassassin.lock
* < 256000
| spamassassin

# 3rd, send messages flagged as spam to their own special place.
:0:
* ^X-Spam-Flag: Yes
$HOME/mail/in/SPAM

# 4th,sort email from certain people:
:0
* ^From.*jblow@earthlink\.net
$HOME/mail/in/joe

 

Obviously, I didn't write those for a mailserver, but they should give you the idea. You'll need to add stuff for sending email trough a virus checker, to all your mailboxes, etc. There's an awful lot procmail can do. Check out Prof Timo's Procmail Tips & Recipes for much more great info.

http://www.uwasa.fi/~ts/info/proctips.html

Link to comment
Share on other sites
Crashdamage Awesome

Crashdamage

Posted
Posted (edited)
What's the difference between postfix and procmail?

It's like this...

 

There's MTAs (mail transfer agents), and MSAs (mail storage agents) and MUAs (mail user agents).

 

MTAs get and send email over the internet. Fetchmail is an MTA that is specialized for getting mail. Postfix, sendmail, qmail, etc are also MTAs, specialized for sending mail.

Procmail is a MSA. It takes the retrieved mail, sends it off for further processing (spamassassin, virus checker, etc.) then takes the output, sorts and stores it on the system in the designated place(s).

MUAs are your email reader/composer - sylpheed, mutt, kmail, whatever.

 

These functions sometimes overlap - like a MTA may have some MSA functionality, or as you know, most (but not all, such as mutt, pine, etc.) email clients nowadays have built-in retrieve and send capabilities and so can deal with mail over the internet directly. They really are a MTA+MSA+MUA all-in-one.

But often the all-in-one approach isn't the best answer. Like Mr. Natural says, "Always use the right tool for the job." A building-block-of-apps approach, using tools specialized for each task, can give far, far better flexibilty.

 

On most company email systems these days, the mail server's MTA fetches the mail from the internet, then the MSA sends it for processing and then stashes the output on the server, where the worker's MUA retrieves it via pop3 or imap. Outgoing mail may (or may not) be sent back to the server for virus checking, etc before going out on the 'Net.

But that's usually for mid-to-large size companies where without using pop3/imap retrieval by the workers' email clients, the poor IT guy would have to set up sorting incoming mail to dozens, maybe hundreds, of mailboxes, keep track of all the name changes, etc, etc. Uuugghh. For your purposes you won't need to sort to hundreds of mailboxes, so I don't see much point in having the workstations' mail clients retrieve mail from your server via pop3.

 

For incoming mail you can just let fetchmail get the mail (either running as a daemon auto-fetching every X-minutes, or called manually by the email client) have procmail send it for processing and then sort and deliver the filtered mail directly to the client mailbox(s) wherever they are, and skip setting up pop or imap retrieval on the client side. When you open your mail client the new mail will just be in there.

 

For outgoing, if you use a mail client with built-in send capability outgoing mail can go out directly from the workstation. I have sendmail setup on my box, but that's 'cause the lovable mutt doesn't have a built-in send capability (though mutt will do pop3/imap retrieval and a whole lot more). So you won't need sendmail or postfix on the workstations unless you use a mail client like mutt that needs it. And you won't need to setup sendmail or postfix on your server *unless* you want send outgoing mail back to the server to run an anti-virus check or do other processing before it hits the 'Net. If so, you might want to get Paul more involved in this.

 

Hope that clears things up a little...

Edited by Crashdamage
Link to comment
Share on other sites
Crashdamage Awesome

Crashdamage

Posted
Posted (edited)

Can't help you with the old info by Tom Berger. But really this thread should have enough info to get you started. Install fetchmail, procmail, spamassassin and a virus checker (if you want it) on your server. Then read through this thread again, look at the sample .fetchmail and .procmailrc code I posted, and of course check out 'man fetchmail' and 'man procmail'. Take a little time to grok the basics of setting up your ~./spamassasin/user_prefs.

 

For your purposes I'd probably just let fetchmail run in daemon mode and auto-fetch every few minutes. And like I said before, you'll need to add some entries in .procmailrc to specify delivery to your particular mailboxes. If you want to have procmail deposit mail in mailboxes on the local workstations, of course you will need to allow the server access to those and the workstations have to be running. I'd probably have procmail leave mail in mboxes on the server and have the mail clients access those - directly, not with pop3 - but however you want to do it, depending on your needs. Losta possibilties.

 

Paul or someone else can probably help you more with setup of virus checking. I don't bother with it on incoming mail with Linux. Linux is immune, ya know. Virus checking at the mail server is mostly for corporate stuff. As for outgoing, I doubt I'd ever send a virus on outgoing mail, and as far as I'm concerned Winidiots are on their own anyway. My Win boxes have virus software on 'em to do virus protection locally 'cause after all, email isn't the only way to get infected.

 

None of this is really all that hard, ya just gotta go for it. If I-who-knows-nothing can do it, you certainly can. The link I gave for Prof Timo's Procmail Tips & Recipies is very good. Here it is again, and some other links I like for this stuff:

 

http://www.uwasa.fi/~ts/info/proctips.html

http://userpages.umbc.edu/~ian/procmail.html

http://linux.cudeso.be/linuxdoc/fetchmail.php

http://www.troubleshooters.com/lpm/200402/200402.htm

 

Google will find a *lot* more stuff for you.

Edited by Crashdamage
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to topic listing
×
×
  • Create New...