Part Five: Configuring SpamAssassin and Fetchmail

This is the last part of the tutorial on installing a mail server, refer the overview, or hit the tutorials menu at the top, and look at the mail server tutorial category.

In this section, I explain how to configure spam filtering using spam assassin, and how to configure fetchmail to go and get your mail from an existing POP3 isp mail account.

I use fetchmail in this way to avoid making my mail server the primary delivery location for my domain mail.  If I was a bit more confident in the uptime of my ISP and my servers I could just have my mail all come directly to my mail server, but for now I’m choosing to have it delivered to my ISP (who are pretty much always there) rather than have it bounce when my server isn’t there.

This tutorial assumes you’ve completed parts two, three and four, so you have a virtualised mail server that has Exim running on it to deliver mail into a mail box that is in Maildir format in /home/<user>, and dovecot serving that mail as an imap server.  So, let’s get on with the install.

Firstly, install fetchmail:

  aptitude install fetchmail

Then configure fetchmail to go and get mail for each of your users, and pass it off to Exim.  This is configured in /etc/default/fetchmail, we need to change start to yes.  We then create a new file /etc/fetchmailrc, the content of that file should be:

# /etc/fetchmailrc for system-wide daemon mode
# This file must be chmod 0600, owner fetchmail

set daemon        300             # Poll every 5 minutes
set syslog                        # log through syslog facility
set postmaster  root

set no bouncemail                # avoid loss on 4xx errors
                                # on the other hand, 5xx errors get
                                # more dangerous...

##########################################################################
# Hosts to pool
##########################################################################

# Defaults ===============================================================
# Set antispam to -1, since it is far safer to use that together with
# no bouncemail
defaults:
timeout 300
antispam -1
batchlimit 100
poll <your isp address>
  proto pop3
  user <your user>@<your domain> with password [protected] is <local user> here
  smtphost "this machine"
poll pop.myisp.net.au
  proto pop3
  user paul@example.com with password my_password is paul here
  smtphost "example.com"

Then restart fetchmail, it should start getting mail for you and passing it off to Exim for delivery

  /etc/init.d/fetchmail restart

Next, configure spam assassin. Start by installing it

  aptitude install spamassassin

Next, edit the configuration file /etc/default/spamassassin, changing the following values. We are setting the user to be spamd (we need to create this user), which tells spam assassin to store any learned patterns once globally for the system. You can go with per-user settings, but my users have no way to make mail as non-spam, and therefore no way to have spam assassin learn:

  ENABLED=1
  CRON=1
  OPTIONS="--create-prefs --max-children 5 --helper-home-dir -u spamd"

Create the spamd user

  adduser spamd

Start spam assassin running. Note that spam assassin can use a lot of memory and CPU whilst processing e-mail, but that’s the price of spam filtering I guess. For my local mail server it doesn’t appear to be material, for a larger server there are options such as using precompiled rule sets to improve performance (refer instructions for installing sa-compile).

Edit /etc/exim4/exim4.conf.template to set spam assassin to add spam headers to all mail, this config goes in the section labelled acl/40_exim4-config_check-data, near where it has a commented out example section:

  # put headers in all messages (no matter if spam or not)
   warn  spam = nobody:true
       add_header = X-Spam-Score: $spam_score ($spam_bar)
       add_header = X-Spam-Report: $spam_report

  # add second subject line with *SPAM* marker when message
  # is over threshold
    warn  spam = nobody
        add_header = Subject: ***SPAM (score:$spam_score)*** $h_Subject:

We also need to install exim-heavy to get spam assassin working, so we do that as well – this is basically an upgrade to exim that has more modules compiled in.

  aptitude install exim4-daemon-heavy

Finally, we need a configuration that causes exim to put messages that are very likely spam into an almost certainly spam folder, and put those that are maybe spam into a maybe spam folder. We do this in each user’s home directory, through creating a file called ~/.forward, add the content:

  # Exim filter
if
  $h_X-Spam-Score: CONTAINS "+++++++"
then
  save $home/Maildir/.almost-certainly-spam/
elif
  $h_X-Spam-Score: CONTAINS "++++"
then
  save $home/Maildir/.probably-spam/
endif

You should be able to look in /var/log/syslog and see spam assassin now running against your mail. You should be able to look at the mail headers in your mail client and see the spam assassin headers. You can tweak the thresholds by changing the number of pluses in the match rules above, and you can direct mail to the trash folder instead of the almost certainly spam folder.

Advertisements

One thought on “Part Five: Configuring SpamAssassin and Fetchmail

  1. Pingback: Part One: Install a secure Debian Wheezy imap mail server into a virtual using Exim, Dovecot, Fetchmail | technpol

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s