| derxob |
12-04-2006 05:22 PM |
Here's a small script I wrote for automatically fetching and updating some SA rule files that update often. It's nice to keep these rule files up to date because as we know, spammers are finding new ways to outsmart spam filters on a daily basis.
I add this script to my daily cron jobs.
Code:
#!/bin/sh
# adam@foogazi.com
# http://www.foogazi.com
# DO NOT IMPLEMENT THIS WITHOUT CHOOSING WHICH RULES TO USE AND DECIDING IF THEY WILL BE OF BENEFIT OR NOT.
# This script was created on a Slackware 10.0 machine.
# Implementing:
# CONFIG_PATH should be changed to the path of your local.cf file
# BACKUP_PATH should be changed to the path you want files to be backed up to - this path must be present before executing # this script.
# SCRIPT_PATH should be changed to the location of your spamd init script, used to start/restart spamassassin.
CONFIG_PATH=/etc/mail/spamassassin
BACKUP_PATH=/etc/mail/spamassassin/backup
SCRIPT_PATH=/etc/rc.d/rc.spamd
# Back up the current configs
cd $CONFIG_PATH
cp * $BACKUP_PATH
# Stop spamassassin
$SCRIPT_PATH stop
rm *.*
#Download rules:
# Uncomment the rules you want - see http://www.rulesemporium.com/ for more info.
# NOTE: You must uncomment at least one for this to work.
#wget http://www.rulesemporium.com/rules/70_sare_stocks.cf
#wget http://mywebpages.comcast.net/mkettler/sa/antidrug.cf
#wget http://www.emtinc.net/includes/backhair.cf
#wget http://www.timj.co.uk/linux/bogus-virus-warnings.cf
#wget http://www.sa-blacklist.stearns.org/sa-blacklist/sa-blacklist.current.uri.cf
#wget http://www.emtinc.net/includes/chickenpox.cf
#wget http://www.rulesemporium.com/rules/72_sare_redirect_post3.0.0.cf
#wget http://www.rulesemporium.com/rules/70_sare_evilnum0.cf
#wget http://www.rulesemporium.com/rules/70_sare_evilnum1.cf
#wget http://www.rulesemporium.com/rules/70_sare_evilnum2.cf
#wget http://www.rulesemporium.com/rules/70_sare_html.cf
#wget http://www.rulesemporium.com/rules/70_sare_html4.cf
#wget http://www.rulesemporium.com/rules/70_sare_html_arc.cf
#wget http://www.rulesemporium.com/rules/70_sare_html_eng.cf
#wget http://www.rulesemporium.com/rules/70_sare_bayes_poison_nxm.cf
#wget http://www.ccert.edu.cn/spam/sa/Chinese_rules.cf
#wget http://www.geewhiz.ca/images/b/b2/99_geewhizg_zh.cf
#wget http://www.geewhiz.ca/images/3/35/50_scores_geewhizg_zh.cf
#wget http://www.nospamtoday.com/download/mime_validate.cf
#wget http://www.rulesemporium.com/rules/70_sare_bayes_poison_nxm.cf
#wget http://www.sa-blacklist.stearns.org/sa-blacklist/random.current.cf
#wget http://www.rulesemporium.com/rules/99_FVGT_Tripwire.cf
#wget http://maxime.ritter.eu.org/Spam/french_rules.cf
#wget http://www.rulesemporium.com/rules/70_sare_header0.cf
#wget http://www.rulesemporium.com/rules/70_sare_specific.cf
#wget http://www.rulesemporium.com/rules/70_sare_ratware.cf
#wget http://www.rulesemporium.com/rules/70_sare_adult.cf
#wget http://www.rulesemporium.com/rules/72_sare_bml_post25x.cf
#wget http://www.rulesemporium.com/rules/99_sare_fraud_post25x.cf
#wget http://www.rulesemporium.com/rules/70_sare_spoof.cf
#wget http://www.rulesemporium.com/rules/70_sare_random.cf
#wget http://www.rulesemporium.com/rules/70_sc_top200.cf
#wget http://www.rulesemporium.com/rules/70_sare_oem.cf
#wget http://www.rulesemporium.com/rules/70_sare_genlsubj.cf
#wget http://www.rulesemporium.com/rules/70_sare_highrisk.cf
#wget http://www.rulesemporium.com/rules/70_sare_unsub.cf
#wget http://www.rulesemporium.com/rules/70_sare_uri0.cf
#wget http://www.rulesemporium.com/rules/70_sare_whitelist.cf
cp $BACKUP_PATH/local.cf .
cp $BACKUP_PATH/init.pre .
cp $BACKUP_PATH/rolex.cf .
cp $BACKUP_PATH/stock.cf .
cp $BACKUP_PATH/v310.pre .
# Start Spamassassin
$SCRIPT_PATH start
Side note:
Jeremy, fix: "...additional SA rules. he best place for this is http://www.rulesemporium.com/, .."
Nice article! |
