FreeBSD 上整合 SpamAssassin 到 Postfix

主要是參考http://wiki.apache.org/spamassassin/IntegratedSpamdInPostfix這一篇文章,網路上有很多相關文章,不過很多要用到 Procmail,不想把系統搞得那麼複雜,所以不打算用到 Procmail,這兒的方法不會用到。

想知道 Postfix 中,content filter 的運作,可以先閱讀http://www.postfix.org/FILTER_README.html這篇文章,如果不想搞懂,也無所謂,依樣畫葫蘆就好。

首先,請先安裝 Postfix 和 SpamAssassin,並且自己設定 Postfix 到可以收信和寄信的狀況。

建立  /usr/local/bin/spamfilter.sh 這個檔案:

root@foo:~ # cat /usr/local/bin/spamfilter.sh
#!/bin/sh
# 
# spamfilter.sh
# 
# Simple filter to plug SpamAssassin into the Postfix MTA
# 
# Modified by Jeremy Morton
# 
# This script should probably live at /usr/bin/spamfilter.sh
# ... and have 'chown root:root' and 'chmod 755' applied to it.
# 
# For use with:
#     Postfix 20010228 or later
#     SpamAssassin 2.42 or later

# Note: Modify the file locations to suit your particular
#       server and installation of SpamAssassin.
# File locations:
# (CHANGE AS REQUIRED TO SUIT YOUR SERVER)
SENDMAIL=/usr/sbin/sendmail
SPAMASSASSIN=/usr/local/bin/spamc

#logger <<<"Spam filter piping to SpamAssassin, then to: $SENDMAIL $@"
${SPAMASSASSIN} | ${SENDMAIL} "$@"

exit $?

記得修改成 755,並且由 root:wheel 擁有。

修改 /usr/local/etc/postfix/master.cf,最前面的 smtpd 改成這樣子:

smtp      inet  n       -       n       -       -       smtpd
   -o content_filter=spamfilter

這個加到最後面:

spamfilter unix  -       n       n       -       -       pipe   
   flags=Rq user=spamd argv=/usr/local/bin/spamfilter.sh -oi -f ${sender} ${recipient}

修改 spamassassin 的設定檔:

root@foo:/usr/local/etc/postfix # cat /usr/local/etc/mail/spamassassin/local.cf
# This is the right place to customize your installation of SpamAssassin.
#
# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
# tweaked.
#
# Only a small subset of options are listed below
#
###########################################################################

#   Add *****SPAM***** to the Subject header of spam e-mails
#
rewrite_header Subject *****SPAM*****


#   Save spam messages as a message/rfc822 MIME attachment instead of
#   modifying the original message (0: off, 2: use text/plain instead)
#
# report_safe 1


#   Set which networks or hosts are considered 'trusted' by your mail
#   server (i.e. not spammers)
#
trusted_networks 125.227.188.


#   Set file-locking method (flock is not safe over NFS, but is faster)
#
lock_method flock


#   Set the threshold at which a message is considered spam (default: 5.0)
#
required_score 5.0


#   Use Bayesian classifier (default: 1)
#
use_bayes 1


#   Bayesian classifier auto-learning (default: 1)
#
bayes_auto_learn 1


#   Set headers which may provide inappropriate cues to the Bayesian
#   classifier
#
bayes_ignore_header X-Bogosity
bayes_ignore_header X-Spam-Flag
bayes_ignore_header X-Spam-Status




#   Some[A shortcircuiting, if the plugin is enabled
# 
ifplugin Mail::SpamAssassin::Plugin::Shortcircuit
#
#   default: strongly-whitelisted mails are *really* whitelisted now, if the
#   shortcircuiting plugin is active, causing early exit to save CPU load.
#   Uncomment to turn this on
#
# shortcircuit USER_IN_WHITELIST       on
# shortcircuit USER_IN_DEF_WHITELIST   on
# shortcircuit USER_IN_ALL_SPAM_TO     on
# shortcircuit SUBJECT_IN_WHITELIST    on

#   the opposite; blacklisted mails can also save CPU
#
# shortcircuit USER_IN_BLACKLIST       on
# shortcircuit USER_IN_BLACKLIST_TO    on
# shortcircuit SUBJECT_IN_BLACKLIST    on

#   if you have taken the time to correctly specify your "trusted_networks",
#   this is another good way to save CPU
#
# shortcircuit ALL_TRUSTED             on

#   and a well-trained bayes DB can save running rules, too
#
# shortcircuit BAYES_99                spam
# shortcircuit BAYES_00                ham

endif # Mail::SpamAssassin::Plugin::Shortcircuit

加到 /etc/rc.conf 裡面:

spamd_enable="YES"
spamd_flags="-r /var/run/spamd/spamd.pid -d"

然後分別執行:

/usr/local/bin/sa-update
/usr/local/bin/sa-compile

重新啟動 postfix,啟動 spamassassin:

/usr/local/etc/rc.d/postfix restart
/usr/local/etc/rc.d/sa-spamd start

測試 spamassassin 有沒有在運作,從外面的 mail 寄一封信進來,內容是http://spamassassin.apache.org/gtube/gtube.txt裡面的內容,如果沒有問題的話,信件主題會被加上「*****SPAM*****」,看信件標題,會看到:

X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on foo
X-Spam-Flag: YES
X-Spam-Level: **************************************************
X-Spam-Status: Yes, score=1000.0 required=5.0 tests=FREEMAIL_FROM,GTUBE, HTML_MESSAGE,RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL, URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0

或者看 /var/log/maillog,會看到類似的內容:

Jun 23 17:41:55 foo spamd[976]: spamd: identified spam (1000.0/5.0) for spamd:58 in 2.6 seconds, 3568 bytes. 
Jun 23 17:41:55 foo spamd[976]: spamd: result: Y 999 - FREEMAIL_FROM,GTUBE,HTML_MESSAGE,RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,URIBL_BLOCKED scantime=2.6,size=3568,user=spamd,uid=58,required_score=5.0,rhost=localhost,raddr=::1,rport=62399,mid=,autolearn=no autolearn_force=no 

然後就可以收工了。