| Contributions by: | Ray Mitchell for his RBL Howto |
| Created/Updated: | 03-09-2006 (revision history) |
| Versions Supported: | 6.0.x (SME 7.x has native support) |
The SME SpamFilter uses the new SpamAssassinV3 engine and has updated Razor2, and DCC network test modules associated. In the new Server-Manager panel it has been made very simple to configure Real Time Block/Black Lists (RBLs), White/Black Lists (WBLs) and other Spamassassin functions. The installation script will migrate RBL if configured as per Ray Mitchell's HowTo and WBL settings if configured in the old Spamassassin server manager module. See RBL information below for details on this.
[root@e-smith]# cd /root
[root@e-smith]# wget -N http://sme.swerts-knudsen.dk/downloads/SpamFilter/spamfilter_install.sh
[root@e-smith]# sh spamfilter_install.sh
When installation is complete you should now configure and enable the Spam Filter via the Spam Filter configuration menu in the Server Manager. Please notice that the admin account is not being scanned by the Spam Filter. If you get spam on this account (properly via postmaster or another alias) then I recommend that you redirect admin email to a "real" user via server-manager->Configuration->E-mail->forwarding address.
Quite often spammer are trying to reach all kinds of non-existing account on your server from potentially also non-existing email accounts. This can result in many double bounce messages to your postmaster account. Use the "How to delete double bounce messages" to avoid this.
See FAQ below if you have any questions before mailing me.
Using more lists will result in more queries being sent & received over your Internet connection but should result in more spam being rejected. Some lists are included on other lists so be careful not to include "double listings" as these only result in extra unnecessary queries, potentially slowing down the list servers response times. Choose RBL lists carefully to ensure they meet your needs. Some lists are very aggressive in the implementation of their "inclusion" policy, and while using those lists may block more spam they will also block legitimate messages. You can read the "criteria for inclusion policies" on each list at the list owners web site. The web site addresses are readily discernible from the list names. See Web sites section below.
For example using the bl.spamcop.net list will result in email messages from yahoo, hotmail and earthlink accounts being rejected. If you have legitimate users sending messages from those types of accounts, then do not use the bl.spamcop.net list. This also applies to some other lists.
Inclusion on a list can happen for many reasons, including being a known spammer or having a dynamic dial up IP number or sending via open relay servers or having incorrect address information or being listed by a system admin after receiving a spate of unsolicited email. Inclusion on "conservative" lists usually requires a positive identification of spamming or similar type activity. It is possible for legitimate users to be listed as part of a "block listing" of an IP number range such as has happened with Telstra Bigpond, AOL & other "large" ISP's etc. These listings are generally temporary until the specific spam culprit is identified and has their account cancelled by the ISP.
Here is a list of what appear to be "conservative & safe" lists ie there is justifiable or provable reason for being included on these lists. This is by no means an exhaustive list but is the result of my own investigations and conclusions.
Note that all the lists except spamhaus.org include open relays, so using these lists will block email sent via open relays.
Conservative lists
sbl-xbl.spamhaus.org - (a combination of cbl.abuseat.org and opm.blitzed.org)
dsn.rfc-ignorant.org
postmaster.rfc-ignorant.org
abuse.rfc-ignorant.org
whois.rfc-ignorant.org
ipwhois.rfc-ignorant.org
bogusmx.rfc-ignorant.org
dnsbl.njabl.org
relays.ordb.org
dnsbl.sorbs.net
contacts.abuse.net
list.dsbl.org
Registration required/Commercial list
blackholes.mail-abuse.org
relays.mail-abuse.org
dialups.mail-abuse.org
Aggressive lists
dynablock.njabl.org - (was dynablock.easynet.nl)
bl.spamcop.net
Web sites for further information
| Question | Answer |
| I have enabled "Sort to junkmail folder" but emails are not sorted even though the subject has the [SPAM...] tag |
The RPM installation script should have enabled procmail for all users but I
have heard of it failing. The best and easiest way to enable procmail is then to
first install the UserPanel and the Lazy Admin Tools. First install both and
then issues the following command from shell: # lat-procmail -c "*|enabled|no|some|normal" |
| Installation hangs or SpamFilter (Spamassassin) uses a lot of CPU resources | If Spamassassin seems to take up a lot of CPU time or the installation hang while "Discovering Razor Servers" then your server is most likely behind a firewall. Make sure to open the following ports. Outgoing TCP port 2703 (Razor2) and TCP port 7 (Echo). Razor2 uses TCP pings to discover what servers are closest to it. |
| I have installed the spamfilter on a mail gateway forwarding to another internal mail server and spam mail is not being moved to junkmail folder and not deleted if score is above 15 | The automatic deletion of spam and sort to junkmail is only active for users local to the server where spamfilter is running as it is dependant of procmail. If you have all local users and it still doesn't work then hold your horses I am working on it :-) |
| How does the SpamFilter interact with other antivirus packages/installations? |
The spamfilter hooks into the mail queue dependant of other installed packages. 1) If pagefault.org's antivirus is installed then is follow the rules set by Damien. To enable Spamassassin after installing and configuring these packages via the web manager panel at the command line type the commands: /sbin/e-smith/db configuration setprop amavis-ng qmail-queue /var/qmail/bin/qmail-spamc /sbin/e-smith/signal-event email-update. 2) If my new Antivirus panel is installed then it will react like as #1 as this panel is based on the one from pagefault.org
|
| Date | Changes |
| Sep 3, 2006 | Updated to SpamAssassin 3.1.5 and removed support for SME 6.5 as it is a non-existing release. |
| March 16, 2006 | sme-spamfilter now can autodelete on a configured score and not only 15. Updated the script to install Spamassassin 3.1.1 and ensured that everybody will be autoupdated if they have that enabled in the server-manager panel. |
| Oct 14, 2005 | Updated the script to install Spamassassin 3.1.0 and ensured that everybody will be autoupdated if they have that enabled in the server-manager panel. |
| June 25, 2005 | Updated the script to install Spamassassin 3.0.4 and ensured that everybody will be autoupdated if they have that enabled in the server-manager panel. |
| Dec 19, 2004 | Updated the script to install Spamassassin 3.0.2 and ensured that everybody will be autoupdated if they have that enabled in the server-manager panel. |
| Oct 28, 2004 | Updated the install script to install perl-Net-DNS version 0.45 as
the old version was not sufficient for Spamassassin V3 to run all tests.
Can be individually downloaded and installed via: # rpm -Uvh http://sme.swerts-knudsen.dk/downloads/SpamFilter/perl-Net-DNS-0.45-3.i386.rpm |
| Oct 25, 2004 | Updated the script to install Spamassassin 3.0.1 and ensured that everybody will be autoupdated if they have that enabled in the server-manager panel. |
| Sept 22, 2004 | Updated the script to install Spamassassin Final and ensured that everybody will be autoupdated if they have that enabled in the server-manager panel. |
| Sept 14, 2004 | Updated the script to install Spamassassin RC5 and ensured that everybody will be autoupdated if they have that enabled in the server-manager panel. |
| Sept 13, 2004 | Updated sme-spamfilter to version 1.0.4-1 with the following
changes:
- Minor clarifications in the panel (autodelete above 15 and sort to junk mail only possible with local users) - Updated the startup sequence to properly enable procmail for all users. - Ensured the "divide by zero" errors got removed from the statistics
|
| Sept 10, 2004 | Updated the script to install Spamassassin RC4 and ensure that all already user will be autoupdated if they have that enabled in the server-manager panel |
| Sept 9, 2004 | Updated sme-spamfilter to version 1.0.3-1 with the following
changes:
- ensured to also do spam check on internal interface as this is the active in server mode Install script:
- Setting proper rights on /var/qmail/.spamassassin
during script install to avoid warnings in the messagelog - Ensured to remove old crontab file from old installation during script install as we only need to update the database according to the config in the panel - Enabled automatic migration of white/black list from old installations as well as RBL lists |