Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
HOWTO - Spam Filtering with Gentoo, Postfix, Amavis & SA
View unanswered posts
View posts from last 24 hours

Goto page Previous  1, 2  
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks
View previous topic :: View next topic  
Author Message
MaxMara
n00b
n00b


Joined: 31 Aug 2004
Posts: 35
Location: Vienna/Austria

PostPosted: Wed Sep 22, 2004 11:39 am    Post subject: Reply with quote

Code:
drwxr-xr-x  16 root root 4096 Aug 30 14:08 /var/spool/postfix/

and
Code:
drwx------  18 postfix root     4096 Sep  6 08:26 active
drwx------  18 postfix root     4096 Sep 16 03:20 bounce
drwx------   2 postfix root     4096 Aug 30 13:47 corrupt
drwx------   8 postfix root     4096 Sep 22 08:24 defer
drwx------   8 postfix root     4096 Sep 22 08:27 deferred
drwx------   4 postfix root     4096 Sep 22 03:24 flush
drwx------   2 postfix root     4096 Aug 30 13:47 hold
drwx------  18 postfix root     4096 Sep 22 10:44 incoming
drwx-wx---   2 postfix postdrop 4096 Sep 22 03:24 maildrop
drwxr-xr-x   2 root    root     4096 Sep 21 16:55 pid
drwx------   2 postfix root     4096 Sep 22 08:46 private
drwx--x---   2 postfix postdrop 4096 Sep 22 08:46 public
drwx------   2 postfix root     4096 Aug 30 13:47 saved
drwx------   3 postfix root     4096 Sep  1 14:52 trace
Back to top
View user's profile Send private message
jaingaurav
n00b
n00b


Joined: 10 Dec 2003
Posts: 62
Location: Guelph, Canada

PostPosted: Thu Oct 21, 2004 8:53 pm    Post subject: Reply with quote

This HOWTO has been added to the Gentoo Wiki project:

http://gentoo-wiki.com/HOWTO_Spam_Filtering_with_Gentoo%2C_Postfix%2C_Amavis_%26_SpamAssassin

Please make any updates on that site.

Thanks!
Back to top
View user's profile Send private message
solatis
Apprentice
Apprentice


Joined: 06 Nov 2002
Posts: 214
Location: University of Twente, The Netherlands

PostPosted: Sat Oct 30, 2004 9:04 pm    Post subject: Reply with quote

Thanks for this how-to! It really does seem to do the trick.

However, I've just set everything up and let SA scan my whole mailbox, and for some reason, it does seem to be a bit too picky - it filters our quite a lot of mail that isn't spam. Anyone knows how I can tweak this a little ? Can I look up which email was found to be spam according to which rules or so, so I can see which rules seem to be the bad ones ?

And where can I add some sort of whitelist for people I trust (such as co-workers) ?

Thanks in advance!
_________________
Grtz,

Leon Mergen
http://www.solatis.com/
Back to top
View user's profile Send private message
agentgray
n00b
n00b


Joined: 07 Oct 2002
Posts: 13

PostPosted: Thu Nov 18, 2004 8:24 pm    Post subject: Reply with quote

Edit /etc/mail/spamassassin/local.cf

At the top you can add you whitelists and blacklists

I do this

Code:
#whitelists

whitelist_from  blah@blah.com
whitelist_from  *@smith.com


#blacklists

blacklist_from no@spammer.com
blacklist_to emailthatdoesntexistanymore@mydomain.com

_________________
-agentgray
Back to top
View user's profile Send private message
hairyfeet
Tux's lil' helper
Tux's lil' helper


Joined: 07 Jan 2003
Posts: 118
Location: Århus, Denmark

PostPosted: Fri Nov 26, 2004 3:53 pm    Post subject: Reply with quote

There is another Gentoo mailfiltering guide here:

http://home.coming.dk/files/amavis.html
Back to top
View user's profile Send private message
Ateo
Advocate
Advocate


Joined: 02 Jun 2003
Posts: 2021
Location: Republic of California

PostPosted: Tue Dec 28, 2004 10:50 am    Post subject: Reply with quote

If you look in /usr/share/spamassassin, you'll see that the ebuild provides a nice bundle of rulesets.

This might be of intertest: http://mywebpages.comcast.net/mkettler/sa/SA-rules-howto.txt
Back to top
View user's profile Send private message
snizfast
n00b
n00b


Joined: 22 Sep 2004
Posts: 43

PostPosted: Tue Dec 28, 2004 3:04 pm    Post subject: Reply with quote

Note for those who are new to postfix like myself:
1. The postmap command is needed to generate the relay_recipients.db and transport.db files.
2. I had to make the following modifications to the main.cf file
Code:
#content_filter = smtp-amavis:[localhost]:10024

to
Code:
content_filter = smtp:[localhost]:10024

in order for postfix to send the mail to amavis using smtp.
_________________
Talk is cheap, supply exceeds demand
alias nocomment='sed -e '\''s/#.*//;/^\s*$/d'\'' '
Back to top
View user's profile Send private message
overcast
n00b
n00b


Joined: 15 Dec 2003
Posts: 43

PostPosted: Wed Dec 29, 2004 3:52 pm    Post subject: Reply with quote

How can we make amavis/postfix return meaningful bounce messages?

"Message Content Rejected, UBE" doesn't mean anything to the average user. All it does is generate a phone call.

It would be nice to be able to return a plain english explanation to the sender so that they know what happened and give them instructions to follow if it shouldn't have.
Back to top
View user's profile Send private message
volumen1
Guru
Guru


Joined: 01 Mar 2003
Posts: 393
Location: Missoula, MT

PostPosted: Wed Mar 30, 2005 12:16 am    Post subject: Reply with quote

Does anyone know if it's possible to have @local_domains_maps in amavisd.conf do mysql lookups? It seems redundant to have to define all domains that amavisd should consider local, when that information already exists in my transport mysql table (note: I followed the Gentoo Virtmail guide).

I see in the avavisd.conf file where you can do mysql lookups for users and, it looks like, spam policies, but I didn't see how to configure it for my local_domains_maps.
_________________
I was born with a freakin' dice bag on my belt.
-- www.howsyournetwork.com
Back to top
View user's profile Send private message
Capt.Obvious
n00b
n00b


Joined: 19 Mar 2005
Posts: 67

PostPosted: Tue Apr 26, 2005 2:57 am    Post subject: Reply with quote

OK - <edit once more> so how do I fix this?

Received: from localhost (unknown [127.0.0.1]) by achilles.bz.com (Postfix) with ESMTP id D104D1ABFA3C for <wildjeep01@yahoo.com>; Mon, 25 Apr 2005 23:09:15 -0400 (EDT)
Back to top
View user's profile Send private message
green sun
Guru
Guru


Joined: 04 Nov 2002
Posts: 325
Location: Wista, MA

PostPosted: Thu Sep 22, 2005 12:22 am    Post subject: Reply with quote

FYI for everyone

I'll be reinstalling our spamfilter this fall and I plan on updating this HOWTO to reflect the changes in the software then.

I'm also hoping to add sections on updating rules, possible web interfaces & some other goodies I've been looking into since I wrote this.

I want to thank everyone that has replied & PM'ed me about this thread.
Back to top
View user's profile Send private message
rev138
l33t
l33t


Joined: 19 Jun 2003
Posts: 848
Location: Vermont, USA

PostPosted: Thu Mar 23, 2006 4:40 pm    Post subject: Reply with quote

geek wrote:
In /etc/amavisd.conf uncomment the following section:
Code:
 ['Clam Antivirus-clamd',

   \&ask_daemon, ["CONTSCAN {}\n", "/tmp/clamd"],
   qr/\bOK$/, qr/\bFOUND$/,
   qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],

and make sure that you change this line to look like this:
Code:
 \&ask_daemon, ["CONTSCAN {}\n", "/tmp/clamd"],

This points amavis to the correct socket for the clam daemon.


This doesn't work for me. I don't have a "/tmp/clamd" file, and amavis.log reports an error trying to connect to this. clamd is running. Any idea what's wrong?

TIA.
Back to top
View user's profile Send private message
volumen1
Guru
Guru


Joined: 01 Mar 2003
Posts: 393
Location: Missoula, MT

PostPosted: Thu Mar 23, 2006 4:54 pm    Post subject: Reply with quote

In your /etc/clamd.conf file, what is your LocalSocket set to? Make sure it's set to /tmp/clamd if that's where you are telling Amavisd to look.
_________________
I was born with a freakin' dice bag on my belt.
-- www.howsyournetwork.com
Back to top
View user's profile Send private message
rev138
l33t
l33t


Joined: 19 Jun 2003
Posts: 848
Location: Vermont, USA

PostPosted: Thu Mar 23, 2006 5:12 pm    Post subject: Reply with quote

volumen1 wrote:
In your /etc/clamd.conf file, what is your LocalSocket set to? Make sure it's set to /tmp/clamd if that's where you are telling Amavisd to look.

Code:
LocalSocket /var/run/clamav/clamd.sock

I tried setting it to this in amavis, but it reported back a permissions problem. The file, however, is readable by everyone.
Back to top
View user's profile Send private message
volumen1
Guru
Guru


Joined: 01 Mar 2003
Posts: 393
Location: Missoula, MT

PostPosted: Thu Mar 23, 2006 5:18 pm    Post subject: Reply with quote

I'd change it in clamd.conf to /tmp/clamd and see how that works for you. Or, check the permissions of the /var/run and /var/run/clamav directories. In my case, I also have clamd running as the amavis user. I think you need to do that.

Code:
# Run as a selected user (clamd must be started by root).
# Default: disabled
User amavis

_________________
I was born with a freakin' dice bag on my belt.
-- www.howsyournetwork.com
Back to top
View user's profile Send private message
rev138
l33t
l33t


Joined: 19 Jun 2003
Posts: 848
Location: Vermont, USA

PostPosted: Thu Mar 23, 2006 5:39 pm    Post subject: Reply with quote

I changed the socket and the user in clamd.conf. That fixed it. Thanks!
Back to top
View user's profile Send private message
ycUygB1
Apprentice
Apprentice


Joined: 27 Jul 2005
Posts: 276
Location: Portland, Oregon

PostPosted: Fri Dec 28, 2007 6:37 pm    Post subject: Reply with quote

I'm not sure if people are still using the combination of Postfix-Clamav-Spamassassin according to
this thread. I thought I would give it a try, but I am mightily confused by this thread and the wiki
article, so I thought I'd ask.

The problems start in that Scott Henderson's document is no longer around,
and the wiki doesn't describe what the steps do, but rather just give code that should be
cut and pasted. This leaves me guessing what all the stuff means. Or reading manuals.

I have an exchange server xxx.yyy.zzz.60 which is functioning fine but receiving a lot of
spam. I thought I'd point the MX records to my Gentoo box xxx.yyy.zzz.58 and then pass
the filtered messages off to the Exchange server.

One problem from the documentation is that it is unclear where this pass off happens.

The descriptions of the port numbers 10024 10025 could use a bit of beefing up too.
Not really sure what all that is about.

Perhaps someone could try a leisurely explanation of what is supposed to be happening here.

Or perhaps one could just read http://www200.pair.com/mecham/spam/
Seems like the folks at Debian have it figured out.

I can only verify now that I can send mail out from my postfix server. Hardly an achievement.
Back to top
View user's profile Send private message
arndawg
Tux's lil' helper
Tux's lil' helper


Joined: 02 Jun 2006
Posts: 97

PostPosted: Fri Jan 18, 2008 7:42 am    Post subject: Reply with quote

Just use the official docs.

http://www.gentoo.org/doc/en/mailfilter-guide.xml

Quote:
Postfix will listen normally on port 25 for incoming mail. Upon reception it will forward it to Amavisd-new on port 10024. Amavisd-new will then filter the mail through different filters before passing the mail back to Postfix on port 10025 which in turn will forward the mail to the next mail server.
Back to top
View user's profile Send private message
gohmdoree
Guru
Guru


Joined: 12 Oct 2004
Posts: 533

PostPosted: Tue Feb 05, 2008 4:02 pm    Post subject: Reply with quote

can you post your pcre files and your local.cf?
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks All times are GMT
Goto page Previous  1, 2
Page 2 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum