Truncate spam on Linux servers

Source: Internet
Author: User
Tags spamassassin
Cut off the spam on the Linux Server-Linux Enterprise Application-Linux server application information. The following is a detailed description. In today's world, spam continues to run rampant and is increasingly becoming a serious problem because spam makers are becoming increasingly intelligent, preventing spam is very necessary for anyone running the mail server. For Linux organizations, there is now an outstanding tool to prevent spam: SpamAssasin. Now let's take a look at how SpamAssasin can stop spam.
Understanding SpamAssassin

SpamAssasin is a mail transmitter that can use a series of mechanisms to confirm spam. These mechanisms include text analysis, Bayesian decision rules, and DNS data block list, and collaborative over-consideration databases. SpamAssasin cannot delete spam, but it can block spam. The main reason is that it has the following features:

Wide activity range: SpamAssasin uses a large number of local and network tests to confirm spam features. This makes it more difficult for spammers to identify the feasibility of the information they make.

Free Software: released under the same conditions as other popular open-source software (such as Apache Web Server.

Easy to scale: Anti-Spam testing and configuration information are stored in plain text, making it easy to configure and add new rules.

Flexibility: SpamAssasin encapsulates its logic in a well-designed, abstract API, so it can be integrated anywhere in the email data stream. SpamAssasin can be used in multiple email systems, including procmail, sendmail, Postfix, and qmail.

Easy to configure: SpamAssasin requires almost no user configuration. You do not need to constantly update the SpamAssasin configuration with the details of the email account or email list membership. Once classified, site and user rules can be applied to spam. In addition, the rules can be applied to the mail server, and you can use your own Mail User proxy application later.

SpamAssasin is generally considered to be one of the best spam filters. This article will guide you through installing, configuring, and using this powerful tool.

Get and install SpamAssasin

As a Linux application, SpamAssasin can be installed in various ways. The following is a simple list of installation methods:


Debian unstable: apt-get install spamassassin
Gentoo: emerge mail-filter/spamassassin
Fedora: yum install spamassassin

The user can be from SpamAssasin (http://spamassassin.apache.org/downloads.cgi? Update = 200702131100) download related documents. After the file is ready, enter the following command at the console prompt:


Untar/unzip the file
Cd into the newly created directory
Perl Makefile. PL
OPTION: Add-DSPAMC_SSL to $ CFLAGS to build an SSL-enabled spamc]
Make
Make install [as root]

There are quite a few specific release rules and slave rules in the INSTALL file. Therefore, read this file completely before installation.

Installation for use within the system

One of the best reasons for installation for system-wide use is that you do not have to change your procmailrc file. This may be a headache, depending on the number of users you own. Since this process will theoretically undermine users' emails, it is wise to put it in a pilot environment to run the test.

Configuration

Like most Linux applications, SpamAssasin needs to edit the configuration file. The configuration file is located in/etc/mail/spamassassin/and is named local. cf. Before manually editing the Configuration file, you can note that SpamAssassin Configuration Generator, an excellent tool prepared by Michael Moncur, helps you create a local. cf file. However, this tool currently only works in SpamAssasin 3.x.

This tool provides a web-based option suite to help users create their own configuration files. After selecting the simple option created by Mr. Moncur, press "Generate ":


# Generated by http://www.yrex.com/spam/spamconfig.php (version 1.50)
# How many hits before a message is considered spam.
Required_score 7.5
# Change the subject of suspected spam
Rewrite_header subject ****** SPAM *****
# Encapsulate spam in an attachment (0 = no, 1 = yes, 2 = safe)
Report_safe 1
# Enable the Bayes system
Use_bayes 1
# Enable Bayes auto-learning
Bayes_auto_learn 1
# Enable or disable network checks
Skip_rbl_checks 0
Use_razor2 1
Use_dcc 1
Use_pyzor 1
# Mail using administration ages used in these country codes will not be marked
# As being possibly spam in a foreign language.
OK _ages all
# Mail using locales used in these country codes will not be marked
# As being possibly spam in a foreign language.
OK _locales all

Next we will analyze them one by one:

Score Threshold: the lower the value of threshold, the fewer emails will pass. The default value is 6. However, you should note that if you set this item too low, some valid emails will also be blocked as spam.

Rewrite Message Subjects (Rewrite Message topic): With this option, you can configure SpamAssassin to edit the subject line of an email using any object you choose. The default value is *** SPAM *****

Use Auto Learning: SpamAssassin can automatically organize its Bayes database by analyzing messages with certain ratings, this comment strongly shows whether messages are spam or non-spam messages.

Enable RBL Checks (enables RBL check): Select whether or not to use rrouters (DNS blacklist) for SpamAssassin ). This helps detect junk information that is difficult to detect, but it takes some time, network bandwidth, and an available DNS server.

Use Network Checksum Tests (Use Network Check and check): Select whether to Use services that compare Message check and (Checksum) with known spam: these services include: vipul's Razor 2.x, DCC, Pyzor, etc. However, these services can work normally only when the client software of each service is installed. (Use use_razor2, use_dcc, and use_pyzor ).

Languages: The last two configurations are about Languages. The first one is which Languages should be checked. The default options are all languages. I suggest you do not modify it.

If you use the Mr. Moncur application to create your. cf file, store it in/etc/mail/spamassassin/, and then start the spamassassin application. To run spamassassin, you must run the following command as the root user:


/Etc/rc. d/init. d/spamassassin start

Note: depending on your release version, spamassassin may be located in/etc/init. d /.

After you start and run spamassassin, you may think that this program will start and run at every startup. You can use the system-config-services application or check the Enable spamassassin option. If you do not have the system-config-services software, you can add the following content to the/etc/rc. local file:


/Etc/rc. d/init. d/spamassassin start


Or

/Etc/init. d/spamassassin start


This depends on where you can execute SpamAssassin.

Work with Procmail
Your spamassassin has been started and runs properly. Now you need to set it to work with the Mail Delivery Agent. Here, I assume that you are using procmail because it is the most widely used mail proxy in Linux.

You need to edit the/etc/procmailrc file and add the following content:


DROPPRIVS = yes
: 0fw
|/Usr/bin/spamc

Procmail is now set to use SpamAssassin to evaluate and filter incoming spam.

Spam blacklist

We know that some domains/users will send spam information. Fortunately, SpamAssassin has a means of dealing with known spammers. With the help of the blacklist, SpamAssassin has taken another step toward the best and last anti-spam line.

Setting a blacklist is easy. You can add a blacklist to two configuration files. For use within the site range, you can consider/etc/mail/spamassain/local. cf; In ~ /. In spamassassin/user_prefs, each user can configure its own blacklist. The blacklist looks like the following:


Blacklist_from sample_email@sampledomain.com
Blacklist_from * @ sampledomain.com
Blacklist_from * @ sampledomain.com
Blacklist_from * @ sampledomain.com

The above content clearly shows us how to configure the blacklist. That is, you can configure the specific email address (such as the sample_email@sampledomain.com), you can also configure the entire domain (such as * @ sampledomain.com)

If you don't want to spend time editing your own blacklist, you can download the latest blacklist from the http://www.sa-blacklist.stearns... a-blacklist.current. However, it may not be suitable for your needs. Many Chinese spam websites are not listed. This list is huge, so you should be careful when downloading this list and adding it to your blacklist.

Train your SpamAssassin

It is possible that your SpamAssassin does not correctly evaluate whether the email is spam. If this happens, you can use your own email to train SpamAssassin.

Therefore, you need to use an SSH program (such as SSH or Putty) and SpamAssassin 'ssa-learn program. The email server must also set the IMAP protocol to train SpamAssassin.

To train SpamAssassin, follow these steps:

1. Separate the spam from the normal email and put it in a separate email address.

2. Open the ssh application and connect to jupiter.gac.edu.

3. Run the following two commands:


Sa-learn -- ham -- progress -- mbox Mail/nameOfYourHamMailbox
Sa-learn -- spam -- progress -- mbox Mail/nameOfYourSpamMailbox

If you train your SpamAssassin with over 200 spams and 200 normal emails, it will use this information to determine which emails are spam and which are not.

Conclusion

I believe that SpamAssassin is one of the essential tools to prevent the spread of spam. It can be said that a mail server is running in the company environment, and if you do not take any preventive measures, the Spam can be freely delayed through your transmission channel, it's a nightmare.

Think about the importance of setting up the anti-spam software and the simplicity of SpamAssassin. Do you have any reason not to deploy SpamAssassin on your Linux email server, maybe your email server or even your WEB service will become more popular.
Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.