July 14, 2021 Roberto Puzzanghera 2 comments
This page concerns the setup of several filtering networks which help
spamassassin to decide if a given message is spam or not. Enabling them, together with the bayesian learning system, drastically improves the
spamassassin efficiency in doing this.
First of all load the filters that we are going to enable editing your v310.pre file like this:
# DCC - perform DCC message checks. # # DCC is disabled here because it is not open source. See the DCC # license for more details. # loadplugin Mail::SpamAssassin::Plugin::DCC # Pyzor - perform Pyzor message checks. # loadplugin Mail::SpamAssassin::Plugin::Pyzor # Razor2 - perform Razor2 message checks. # loadplugin Mail::SpamAssassin::Plugin::Razor2 # SpamCop - perform SpamCop message reporting # loadplugin Mail::SpamAssassin::Plugin::SpamCop
Vipul's Razor is a distributed, collaborative, spam detection and filtering network. Through user contribution, Razor establishes a distributed and constantly updating catalogue of spam in propagation that is consulted by email clients to filter out known spam. Detection is done with statistical and randomized signatures that efficiently spot mutating spam content. User input is validated through reputation assignments based on consensus on report and revoke assertions which in turn is used for computing confidence values associated with individual signatures.
cd /usr/local/src wget https://downloads.sourceforge.net/project/razor/razor-agents-sdk/2.07/razor-agents-sdk-2.07.tar.bz2 wget https://downloads.sourceforge.net/project/razor/razor-agents/2.85/razor-agents-2.85.tar.bz2 tar xjf razor-agents-sdk-2.07.tar.bz2 cd razor-agents-sdk-2.07 chown -R root:root . perl Makefile.PL make make install cd .. tar xjf razor-agents-2.85.tar.bz2 cd razor-agents-2.85 chown -R root:root . perl Makefile.PL make make install
You should have already installed the
Razor2 perl package. If not install it now:
force notest install Mail::SpamAssassin::Plugin::Razor2
Razor2 requires reporters to be registered. This lets reporters build a reputation over time, so their reports and revocations are weighed according to their reputation value.
Register yourself and create the config directory:
mkdir -p /etc/mail/spamassassin/.razor razor-admin -home=/etc/mail/spamassassin/.razor -register razor-admin -home=/etc/mail/spamassassin/.razor -create razor-admin -home=/etc/mail/spamassassin/.razor -discover
Razor2 where it lives adding this line to /etc/mail/spamassassin/.razor/razor-agent.conf and setup the log dir
razorhome = /etc/mail/spamassassin/.razor/ logfile = /var/log/spamassassin/razor-agent.log
We already set the rotation of this log file before.
Razor2 lives adding this to your local.cf
Pyzor is a collaborative, networked system to detect and block spam using digests of messages. Using Pyzor client a short digest is generated that is likely to uniquely identify the email message.
You can install
pip3 install pyzor
or, as an alternative, you can download the source and install in the usual way
cd /usr/local/src wget https://files.pythonhosted.org/packages/75/9d/e38a18d8c932f397537cda0d03a606314611fe1ebd8b24ed8fdd4df23191/pyzor-1.0.0.tar.gz tar xzf pyzor-1.0.0.tar.gz cd pyzor-1.0.0 chown -R root:root . python setup.py build python setup.py install
mkdir -p /etc/mail/spamassassin/.pyzor chown spamd:spamd /etc/mail/spamassassin/.pyzor
Pyzor lives adding this to your local.cf
pyzor_options --homedir /etc/mail/spamassassin/.pyzor pyzor_timeout 20
Spamcop is a known spam blocking list which works also as a reporting system sending warning information to the internet service provider responsible for hosting the services used by the spammer (web sites and email sending sites). SpamCop also uses the information to generate SpamCop's free blocking list.
Register an account here. Note: the captcha filter is not working here on my chromium browser; it works with firefox. At the end of the procedure you will get a unique e-mail address (something like email@example.com) that you have to pass to
spamassassin in order to send the reports to
Finally you have to add the
Spamcop addresses to your configuration in your local.cf file.
spamcop_to_address is the address where to submit your reports, while
spamcop_from_address is an email where you want to receive a feedback from the reporting system each time a spam message has been reported.
spamcop_from_address firstname.lastname@example.org spamcop_to_address email@example.com
The Distributed Checksum Clearinghouses or DCC is an anti-spam content filter that runs on a variety of operating systems. The counts can be used by SMTP servers and mail user agents to detect and reject or filter spam or unsolicited bulk mail. DCC servers exchange or "flood" common checksums. The checksums include values that are constant across common variations in bulk messages, including "personalizations."
Install as follows
wget https://www.dcc-servers.net/dcc/source/dcc.tar.Z tar xzf dcc.tar.Z cd dcc-v.er.sion CFLAGS="-O2 -fstack-protector" DCC_CFLAGS="-O2 -fstack-protector" ./configure make make install
Now load DCC uncommenting this line in your v310.pre file
and enable it adding these lines to your local.cf
use_dcc 1 dcc_path /usr/local/bin/dccproc
This is how to test that the message is reported to
Spamcop. Save a raw spam message into spam.txt and run
spamassassin passing the
spamassassin --debug --report --nocreate-prefs < spam.txt
apache clamav dkim dovecot ezmlm fail2ban hacks lamp letsencrypt linux linux-vserver lxc mariadb mediawiki mozilla mysql openboard owncloud patches php proftpd qmail qmail to postfix qmail-spp qmailadmin rbl roundcube rsync sieve simscan slackware solr spamassassin spf ssh ssl surbl tcprules tex ucspi-tcp vpopmail vqadmin