主要是參考http://wiki.apache.org/spamassassin/IntegratedSpamdInPostfix這一篇文章,網路上有很多相關文章,不過很多要用到 Procmail,不想把系統搞得那麼複雜,所以不打算用到 Procmail,這兒的方法不會用到。
想知道 Postfix 中,content filter 的運作,可以先閱讀http://www.postfix.org/FILTER_README.html這篇文章,如果不想搞懂,也無所謂,依樣畫葫蘆就好。
首先,請先安裝 Postfix 和 SpamAssassin,並且自己設定 Postfix 到可以收信和寄信的狀況。
建立 /usr/local/bin/spamfilter.sh 這個檔案:
root@foo:~ # cat /usr/local/bin/spamfilter.sh #!/bin/sh # # spamfilter.sh # # Simple filter to plug SpamAssassin into the Postfix MTA # # Modified by Jeremy Morton # # This script should probably live at /usr/bin/spamfilter.sh # ... and have 'chown root:root' and 'chmod 755' applied to it. # # For use with: # Postfix 20010228 or later # SpamAssassin 2.42 or later # Note: Modify the file locations to suit your particular # server and installation of SpamAssassin. # File locations: # (CHANGE AS REQUIRED TO SUIT YOUR SERVER) SENDMAIL=/usr/sbin/sendmail SPAMASSASSIN=/usr/local/bin/spamc #logger <<<"Spam filter piping to SpamAssassin, then to: $SENDMAIL $@" ${SPAMASSASSIN} | ${SENDMAIL} "$@" exit $?
記得修改成 755,並且由 root:wheel 擁有。
修改 /usr/local/etc/postfix/master.cf,最前面的 smtpd 改成這樣子:
smtp inet n - n - - smtpd -o content_filter=spamfilter
這個加到最後面:
spamfilter unix - n n - - pipe flags=Rq user=spamd argv=/usr/local/bin/spamfilter.sh -oi -f ${sender} ${recipient}
修改 spamassassin 的設定檔:
root@foo:/usr/local/etc/postfix # cat /usr/local/etc/mail/spamassassin/local.cf # This is the right place to customize your installation of SpamAssassin. # # See 'perldoc Mail::SpamAssassin::Conf' for details of what can be # tweaked. # # Only a small subset of options are listed below # ########################################################################### # Add *****SPAM***** to the Subject header of spam e-mails # rewrite_header Subject *****SPAM***** # Save spam messages as a message/rfc822 MIME attachment instead of # modifying the original message (0: off, 2: use text/plain instead) # # report_safe 1 # Set which networks or hosts are considered 'trusted' by your mail # server (i.e. not spammers) # trusted_networks 125.227.188. # Set file-locking method (flock is not safe over NFS, but is faster) # lock_method flock # Set the threshold at which a message is considered spam (default: 5.0) # required_score 5.0 # Use Bayesian classifier (default: 1) # use_bayes 1 # Bayesian classifier auto-learning (default: 1) # bayes_auto_learn 1 # Set headers which may provide inappropriate cues to the Bayesian # classifier # bayes_ignore_header X-Bogosity bayes_ignore_header X-Spam-Flag bayes_ignore_header X-Spam-Status # Some[A shortcircuiting, if the plugin is enabled # ifplugin Mail::SpamAssassin::Plugin::Shortcircuit # # default: strongly-whitelisted mails are *really* whitelisted now, if the # shortcircuiting plugin is active, causing early exit to save CPU load. # Uncomment to turn this on # # shortcircuit USER_IN_WHITELIST on # shortcircuit USER_IN_DEF_WHITELIST on # shortcircuit USER_IN_ALL_SPAM_TO on # shortcircuit SUBJECT_IN_WHITELIST on # the opposite; blacklisted mails can also save CPU # # shortcircuit USER_IN_BLACKLIST on # shortcircuit USER_IN_BLACKLIST_TO on # shortcircuit SUBJECT_IN_BLACKLIST on # if you have taken the time to correctly specify your "trusted_networks", # this is another good way to save CPU # # shortcircuit ALL_TRUSTED on # and a well-trained bayes DB can save running rules, too # # shortcircuit BAYES_99 spam # shortcircuit BAYES_00 ham endif # Mail::SpamAssassin::Plugin::Shortcircuit
加到 /etc/rc.conf 裡面:
spamd_enable="YES" spamd_flags="-r /var/run/spamd/spamd.pid -d"
然後分別執行:
/usr/local/bin/sa-update /usr/local/bin/sa-compile
重新啟動 postfix,啟動 spamassassin:
/usr/local/etc/rc.d/postfix restart /usr/local/etc/rc.d/sa-spamd start
測試 spamassassin 有沒有在運作,從外面的 mail 寄一封信進來,內容是http://spamassassin.apache.org/gtube/gtube.txt裡面的內容,如果沒有問題的話,信件主題會被加上「*****SPAM*****」,看信件標題,會看到:
X-Spam-Checker-Version: | SpamAssassin 3.4.0 (2014-02-07) on foo |
X-Spam-Flag: | YES |
X-Spam-Level: | ************************************************** |
X-Spam-Status: | Yes, score=1000.0 required=5.0 tests=FREEMAIL_FROM,GTUBE, HTML_MESSAGE,RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0 |
或者看 /var/log/maillog,會看到類似的內容:
Jun 23 17:41:55 foo spamd[976]: spamd: identified spam (1000.0/5.0) for spamd:58 in 2.6 seconds, 3568 bytes. Jun 23 17:41:55 foo spamd[976]: spamd: result: Y 999 - FREEMAIL_FROM,GTUBE,HTML_MESSAGE,RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,URIBL_BLOCKED scantime=2.6,size=3568,user=spamd,uid=58,required_score=5.0,rhost=localhost,raddr=::1,rport=62399,mid=,autolearn=no autolearn_force=no
然後就可以收工了。