LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   [help] Amavisd-new + Spamassassin (http://www.linuxquestions.org/questions/linux-security-4/%5Bhelp%5D-amavisd-new-spamassassin-885386/)

DarkSlayer 06-09-2011 06:47 AM

[help] Amavisd-new + Spamassassin
 
Hello
Please if someone can explain me something regarding isstallation of antispam gateway with amavisd-new and spamassassin.
what i have.
Centos 5.6
postfix 2.3.3-2.2
dovecot 1.2.17-0_115.el5
spamassassin 3.2.5-1.el5
postfixadmin 2.3.3
amavisd-new 2.6.4-4.el5.rf

Postfix + Dovecot are on mysql with TLS

I cant understand if amavisd tottaly replaces Spammassassins configuration with it's own and uses just spamassassin binary?

I want to configure both Spamassassin and Amavis with MySQl as well, if possible.
Can i use Spammassasin mysql schema and config separately and it won't interefere amavisds process. Or amavis mysql scheme is uniq for both spamassassin and amavisq configuration. One of the tools for further mysql usage of this tools would be Maia Mailguard.

Hope it is possible to make advanced configuration of each service foradditional security. like razor pyzor dcc in spamassassin.

Also if someone knows how to put spam emails after filters in users spam folder and to bounce or drop it , or just rewrite subject ?

Noway2 06-09-2011 12:15 PM

Amavisd is often times used a the master filter application that coordinates the anti-virus and anti-spam applications. You can deliver your messages to the port that Amavis listens on and it will perform the various functions, inserting headers as appropriate, and then re-inject mail back into the queue. It is also possible, and depending on your distribution possibly even easy, to incorporate additional tools like pyzor and razor. You can configure Postfix to either discard SPAM in which case it will hold it in a quarantine directory so you don't lose it in case it was HAM, or to pass it on for later filtering. If you pass it, you can have a program like Sieve move it to a SPAM folder automatically based upon header content or your email client can filter on the header tags. I wouldn't suggest bouncing it because that just adds to the problem and almost always misses the target. I am not sure about using SQL configuration for Spamassassin or Amavis, which I haven't done or had need to do. I do use MySQL for hosting the virtual user tables, though.

DarkSlayer 06-10-2011 03:44 AM

Thanks for your response.
And also thanks to you for telling about Sieve. I'll definitely go with it's configruration.
I wanna use sql for antispam filter for flexible per-user/domain configuration.
Saying "use MySQL for hosting the virtual user tables" you mean using it for general Dovecot and Postfix setup with Postfixadmin ?


Quote:

Originally Posted by Noway2 (Post 4381156)
Amavisd is often times used a the master filter application that coordinates the anti-virus and anti-spam applications. You can deliver your messages to the port that Amavis listens on and it will perform the various functions, inserting headers as appropriate, and then re-inject mail back into the queue. It is also possible, and depending on your distribution possibly even easy, to incorporate additional tools like pyzor and razor. You can configure Postfix to either discard SPAM in which case it will hold it in a quarantine directory so you don't lose it in case it was HAM, or to pass it on for later filtering. If you pass it, you can have a program like Sieve move it to a SPAM folder automatically based upon header content or your email client can filter on the header tags. I wouldn't suggest bouncing it because that just adds to the problem and almost always misses the target. I am not sure about using SQL configuration for Spamassassin or Amavis, which I haven't done or had need to do. I do use MySQL for hosting the virtual user tables, though.


Noway2 06-10-2011 04:50 AM

Quote:

Saying "use MySQL for hosting the virtual user tables" you mean using it for general Dovecot and Postfix setup with Postfixadmin ?
Exactly. BTW, Postfixadmin is a great tool. Be sure you keep it protected behind a secure interface and require encryption on the page though. If someone were to access it, they could cause a lot of havoc.

If I recall correctly, the sieve program is referred to as CMUSieve. If you Google for that term, you will get lots of hits. It also looks like there is a newer, updated version called Dovecot Sieve. which works with Dovecot 1.2 or later. Here is a link. It looks like it has a lot more features.

Quote:

I wanna use sql for antispam filter for flexible per-user/domain configuration
I understand. If you have multiple users this would be the way to go. Unfortunately, I don't have much advice on how to set this part up, but from I do know of Amavis and Spamassassin, I don't see why it wouldn't work. The Amavis part just acts as the master content filter, sitting in the mail queue. I have it on both incoming and outgoing which will prevent viruses from being transmitted as well as prohibited file types. Once the mail is passed to it, though, it should be able to use the MySQL schema for profiles. Here see this link for an example. Note, you may also need to change the command line that calls Spamassassin.

I just did a little checking in my own Amavisd configuration (Debian Layout) and it has a configuration file for user configuration that calls the following line:
Code:

@lookup_sql_dsn = (
    ['DBI:mysql:database=mymaildb;host=127.0.0.1;port=3306',
    'mymaildb',
    'mymaildb']);

$sql_select_policy = 'SELECT domain FROM domain WHERE CONCAT("@",domain) IN (%k)';

So apparently it does look in the SQL database, though I didn't know it was doing this. I suspect that if you are using the PostfixAdmin and the virtual users, you could point this to that user/mail database and add a the appropriate table(s).

DarkSlayer 06-10-2011 07:06 AM

i have 3 problems for now:
1. postfixadmin mailbox postdeletion script not working. cant get it work.

2. cant compile Sieve for dovecot 1.2
Code:

./configure --with-dovecot=/usr/lib/dovecot/
       
        #OMITED OUTPUT#

dovecot-config not found from /usr/lib/dovecot, use --with-dovecot=PATH
to give path to compiled Dovecot sources or to a directory with the
installed dovecot-config file.
configure: error: dovecot-config not found

--with-dovecot=/etc/ - isn't working as well (dovecont.conf resides there)

3 amavisd-new + spamassassin + MySQL + MAIA Mailguard
i have fu*** headache already with this part. read hundred tutorials....amavisd-needs some patch , maia needs some configuration, all tuttorials showing different things......i'm really frustrated and depressed for now.
http://www.akadia.com/services/postfix_amavisd.html
http://www.maiamailguard.com/maia/wi...rtamavisd-maia
http://www200.pair.com/mecham/spam/rhel5-maia.html
And many many many other links. my brain just rejects whole info ...

TODO: SPF, DCC, RAZOR, PYZOR, Roundcube, SSL protected web pages ...
DONE: postfix + dovecot + TLS for pop3 and imap, postfixadmin, amavisd + ClamD, IMAP folders autocreation for each new user. And sieve should rdirect spam there (...
All packages versions in my very first post.

I dont wanna look at solutions like iRedMail and/or Zimbra. I wanna get all things done by myself without choosing easiest way.


All times are GMT -5. The time now is 06:27 AM.