
[exim] spamassassin

Updated 16.12.2009

In my view, setting up this combination is no harder (and perhaps easier) than postfix+sa. Go to the ports tree and install exim-sa-exim. If you already have plain exim installed, you need to remove it first. In fact, exim-sa-exim is simply the exim+sa ports bundled together. It seems you could even keep the regular exim and just install sa on top of it, but then the configs will not be copied and some other problems are possible. So (naturally, you must have the options you build exim with written down, because it does not show the "little blue window" and all parameters have to be set in /etc/make.conf. If you don't know how this is done, go here and take a look):

#cd /usr/ports/mail/exim-sa-exim && make install clean

After a successful installation, add the following to /etc/rc.conf:

exim_enable="YES"
spamd_enable="YES"
spamd_flags="-c -Q -A 10.0.3.132"

The -A parameter specifies the IP address of the interface that SA should listen on. If it is not specified, the following error appears in the logs:

Sep 14 13:49:06 router2 spamd[78428]: spamd: unauthorized connection from mail.router2.tld [10.0.3.132] at port 59101 at /usr/local/bin/spamd line 1206.

An Exim config can be taken, for example, from here. Now on to configuring SA. By the way, pay attention to this line:

# Remove or comment out the following line to enable sa-exim
SAEximRunCond: 0

That is, you need to comment out the SAEximRunCond line.

By default the config is /usr/local/etc/exim/sa-exim.conf. Here it is:

SAEximDebug: 1
SAspamcpath: /usr/local/bin/spamc
SAspamcHost: 10.0.3.132
SAspamcPort: 783
SAEximRunCond: 1
SAEximRejCond: ${if !eq {$h_X-SA-Do-Not-Rej:}{Yes} {1}{0}}
SAmaxbody: 256000
SATruncBodyCond: 0
SARewriteBody: 1
SAPrependArchiveWithFrom: 1
SAmaxarchivebody: 20971520
SAerrmaxarchivebody: 1073741824
SAmaxrcptlistlength: 0
SAaddSAEheaderBeforeSA: 1
SAtimeoutsave: /var/mail/exim/SAtimeoutsave
SAtimeoutSavCond: 1
SAerrorsave: /var/mail/exim/SAerrorsave
SAerrorSavCond: 1
SAtemprejectonerror: 1
SAteergrubetime: 900
SAteergrubeSavCond: 1
SAteergrubesave: /var/mail/exim/SAteergrube
SAteergrubeoverwrite: 1
SAdevnullSavCond: 1
SAdevnullsave: /var/mail/exim/SAdevnull
SApermreject: 7.0
SApermrejectSavCond: 1
SApermrejectsave: /var/mail/exim/SApermreject
SAtempreject: 7.0
SAtemprejectSavCond: 1
SAtemprejectsave: /var/mail/exim/SAtempreject
SAtemprejectoverwrite: 1
SAgreylistiswhitestr: GREYLIST_ISWHITE
SAgreylistraisetempreject: 3.0
SAspamacceptsave: /var/mail/exim/SAspamaccept
SAspamacceptSavCond: 0
SAnotspamsave: /var/mail/exim/SAnotspam
SAnotspamSavCond: 0
SAmsgteergrubewait: Wait for more output
SAmsgteergruberej: Please try again later
SAmsgpermrej: Rejected
SAmsgtemprej: Please try again later
SAmsgerror: Temporary local error while processing message, please contact postmaster.

I won't explain the parameters, since they are described in the config itself and their names are self-explanatory. That is essentially all. What remains is to create a directory for SA's temporary files. If you don't, this error appears:

Sep 14 13:53:46 router2 spamd[78514]: spamd: creating default_prefs: /var/spool/mqueue/.spamassassin/user_prefs
Sep 14 13:53:46 router2 spamd[78514]: config: cannot write to /var/spool/mqueue/.spamassassin/user_prefs: No such file or directory
Sep 14 13:53:46 router2 spamd[78514]: spamd: failed to create readable default_prefs: /var/spool/mqueue/.spamassassin/user_prefs
Sep 14 13:53:46 router2 spamd[78514]: spamd: processing message for mailnull:26
Sep 14 13:53:48 router2 spamd[78514]: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot create tmp lockfile /var/spool/mqueue/.spamassassin/auto-whitelist.lock.router2.router2.tld.78514 for /var/spool/mqueue/.spamassassin/auto-whitelist.lock: No such file or directory

Create the directory:

#mkdir /var/spool/mqueue/.spamassassin
#chown -R mailnull /var/spool/mqueue/.spamassassin

Now start sa-spamd and exim from /usr/local/etc/rc.d, send a message and check the logs:

#/usr/local/etc/rc.d/sa-spamd start
#/usr/local/etc/rc.d/exim start
#mail -s "111" user@domain.ru
kdjasld
.
EOT

#cat /var/log/maillog

Sep 14 13:56:58 router2 exim[78600]: [78600] cwd=/var/spool/mqueue 3 args: send-mail -i user@domain.ru
Sep 14 13:56:59 router2 exim[78600]: [78600] 1MnC38-000KRk-W9 SA: Debug: SAEximRunCond expand returned: '1'
Sep 14 13:56:59 router2 exim[78600]: [78600] 1MnC38-000KRk-W9 SA: Debug: check succeeded, running spamc

Sep 14 13:56:59 router2 spamd[78514]: spamd: connection from mail.router2.tld [10.0.3.132] at port 61542
Sep 14 13:56:59 router2 spamd[78514]: spamd: setuid to mailnull succeeded
Sep 14 13:56:59 router2 spamd[78514]: spamd: creating default_prefs: /var/spool/mqueue/.spamassassin/user_prefs
Sep 14 13:56:59 router2 spamd[78514]: config: created user preferences file: /var/spool/mqueue/.spamassassin/user_prefs
Sep 14 13:56:59 router2 spamd[78514]: spamd: processing message for mailnull:26
Sep 14 13:57:01 router2 spamd[78514]: spamd: clean message (-0.0/5.0) for mailnull:26 in 2.2 seconds, 445 bytes.
Sep 14 13:57:01 router2 spamd[78514]: spamd: result: . 0 - NO_RELAYS scantime=2.2,size=445,user=mailnull,uid=26,required_score=5.0,rhost=mail.router2.tld,raddr=10.0.3.132,rport=61542,mid=,autolearn=ham
Sep 14 13:57:01 router2 exim[78600]: [78600] 1MnC38-000KRk-W9 SA: Action: scanned but message isn't spam: score=-0.0 required=5.0 (scanned in 2/2 secs | Message-Id: E1MnC38-000KRk-W9@mail.router2.tld). From (local) for user@domain.ru
Sep 14 13:57:01 router2 spamd[78513]: prefork: child states: II
Sep 14 13:57:01 router2 exim[78600]: [78600] 1MnC38-000KRk-W9 <= root@mail.router2.tld U=root P=local S=695 T="111" from for user@domain.ru
Sep 14 13:57:01 router2 exim[78602]: [78602] cwd=/var/spool/exim 3 args: /usr/local/sbin/exim -Mc 1MnC38-000KRk-W9
Sep 14 13:57:01 deliver(user@domain.ru): Info: auth input: home=/var/mail/exim/domain.ru/user@domain.ru/
Sep 14 13:57:01 deliver(user@domain.ru): Info: auth input: uid=26
Sep 14 13:57:01 deliver(user@domain.ru): Info: auth input: gid=26
Sep 14 13:57:01 deliver(user@domain.ru): Info: maildir: data=/var/mail/exim/domain.ru/user@domain.ru/
Sep 14 13:57:01 deliver(user@domain.ru): Info: maildir++: root=/var/mail/exim/domain.ru/user@domain.ru, index=, control=, inbox=/var/mail/exim/domain.ru/user@domain.ru
Sep 14 13:57:01 deliver(user@domain.ru): Info: Namespace : Using permissions from /var/mail/exim/domain.ru/user@domain.ru: mode=0700 gid=-1
Sep 14 13:57:01 deliver(user@domain.ru): Info: msgid=: saved mail to INBOX
Sep 14 13:57:01 router2 exim[78602]: [78602] 1MnC38-000KRk-W9 => user F= P= R=dovecot_user T=dovecot_delivery S=807 QT=3s DT=0s
Sep 14 13:57:01 router2 exim[78602]: [78602] 1MnC38-000KRk-W9 Completed QT=3s

Now let's simulate a spam message:

router2# mail -s "Summer is on the way, do not forget of all requred-tabs." user@domain.ru
Watch the most amazing changes in your body! http://dc.ryllohwyj.com/
sex SPAM
hotty puccy, gey
.
EOT
router2#

and look at the logs:

Sep 14 14:08:09 router2 spamd[78760]: spamd: connection from mail.router2.tld [10.0.3.132] at port 58204
Sep 14 14:08:09 router2 spamd[78760]: spamd: setuid to mailnull succeeded
Sep 14 14:08:09 router2 spamd[78760]: spamd: processing message for mailnull:26
Sep 14 14:08:11 router2 spamd[78760]: spamd: identified spam (10.4/5.0) for mailnull:26 in 2.3 seconds, 585 bytes.
Sep 14 14:08:11 router2 spamd[78760]: spamd: result: Y 10 - AWL,NO_RELAYS,RAZOR2_CF_RANGE_51_100,RAZOR2_CF_RANGE_E8_51_100,RAZOR2_CHECK,URIBL_AB_SURBL,URIBL_BLACK,URIBL_JP_SURBL,URIBL_OB_SURBL,URIBL_SBL,URIBL_WS_SURBL scantime=2.3,size=585,user=mailnull,uid=26,required_score=5.0,rhost=mail.router2.tld,raddr=10.0.3.132,rport=58204,mid=,autolearn=spam
Sep 14 14:08:11 router2 exim[78763]: [78763] 1MnCDx-000KUN-Fo SA: Debug: SARewriteBody == 1, rewriting message body
Sep 14 14:08:11 router2 spamd[78759]: prefork: child states: II
Sep 14 14:08:11 router2 exim[78763]: [78763] 1MnCDx-000KUN-Fo SA: Debug: SAEximRejCond expand returned: '1'
Sep 14 14:08:11 router2 exim[78763]: [78763] 1MnCDx-000KUN-Fo SA: Debug: Writing message to /var/mail/exim/SApermreject/new/1252937291_E1MnCDx-000KUN-Fo@mail.router2.tld
Sep 14 14:08:11 router2 exim[78763]: [78763] 1MnCDx-000KUN-Fo SA: Notice: creating maildir tree in  /var/mail/exim/SApermreject
Sep 14 14:08:11 router2 exim[78763]: [78763] 1MnCDx-000KUN-Fo SA: Action: permanently rejected message: score=10.4 required=5.0 trigger=7.0 (scanned in 2/2 secs | Message-Id: E1MnCDx-000KUN-Fo@mail.router2.tld). From (local) for user@domain.ru
Sep 14 14:08:11 router2 exim[78763]: [1\25] [78763] 1MnCDx-000KUN-Fo SA: Action: permanently rejected message: score=10.4 required=5.0 trigger=7.0 (scanned in 2/2 secs | Message-Id: E1MnCDx-000KUN-Fo@mail.router2.tld). From (local) for user@domain.ru
Sep 14 14:08:11 router2 exim[78763]: [2\25] Envelope-from:
Sep 14 14:08:11 router2 exim[78763]: [3\25] Envelope-to:
Sep 14 14:08:11 router2 exim[78763]: [4\25] P Received: from root by mail.router2.tld with local (Exim 4.69 (FreeBSD))
Sep 14 14:08:11 router2 exim[78763]: [5\25]     (envelope-from )
Sep 14 14:08:11 router2 spamd[78760]: spamd: connection from mail.router2.tld [10.0.3.132] at port 51243
Sep 14 14:08:11 router2 exim[78763]: [6\25]     id 1MnCDx-000KUN-Fo
Sep 14 14:08:11 router2 spamd[78760]: spamd: setuid to mailnull succeeded
Sep 14 14:08:11 router2 exim[78763]: [7\25]     for user@domain.ru; Mon, 14 Sep 2009 14:08:09 +0000
Sep 14 14:08:11 router2 spamd[78760]: spamd: processing message for mailnull:26
Sep 14 14:08:11 router2 exim[78763]: [8\25] T To: user@domain.ru
Sep 14 14:08:11 router2 exim[78763]: [9\25] * Subject: Summer is on the way, do not forget of all requred-tabs.
Sep 14 14:08:11 router2 exim[78763]: [10\25] I Message-Id:
Sep 14 14:08:11 router2 exim[78763]: [11\25] F From: Charlie Root
Sep 14 14:08:11 router2 exim[78763]: [12\25]   Date: Mon, 14 Sep 2009 14:08:09 +0000
Sep 14 14:08:11 router2 exim[78763]: [13\25]   X-SA-Exim-Connect-IP:
Sep 14 14:08:11 router2 exim[78763]: [14\25]   X-SA-Exim-Mail-From: root@mail.router2.tld
Sep 14 14:08:11 router2 exim[78763]: [15\25]   Subject: Summer is on the way, do not forget of all requred-tabs.
Sep 14 14:08:11 router2 exim[78763]: [16\25]   X-Spam-Flag: YES
Sep 14 14:08:11 router2 exim[78763]: [17\25]   X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on router2.router2.tld
Sep 14 14:08:11 router2 exim[78763]: [18\25]   X-Spam-Level: **********
Sep 14 14:08:11 router2 exim[78763]: [19\25]   X-Spam-Status: Yes, score=10.4 required=5.0 tests=AWL,NO_RELAYS,
Sep 14 14:08:11 router2 exim[78763]: [20\25]    RAZOR2_CF_RANGE_51_100,RAZOR2_CF_RANGE_E8_51_100,RAZOR2_CHECK,URIBL_AB_SURBL,
Sep 14 14:08:11 router2 exim[78763]: [21\25]    URIBL_BLACK,URIBL_JP_SURBL,URIBL_OB_SURBL,URIBL_SBL,URIBL_WS_SURBL
Sep 14 14:08:11 router2 exim[78763]: [22\25]    autolearn=spam version=3.2.5
Sep 14 14:08:11 router2 exim[78763]: [23\25]   Content-Type: multipart/mixed; boundary="----------=_4AAE4E4B.761B6451"
Sep 14 14:08:11 router2 exim[78763]: [24\25]   X-SA-Exim-Version: 4.2
Sep 14 14:08:11 router2 exim[78763]: [25/25]   X-SA-Exim-Scanned: Yes (on mail.router2.tld)
Sep 14 14:08:11 router2 exim[78763]: [78763] 1MnCDx-000KUN-Fo F=root@mail.router2.tld U=root P=local rejected by local_scan(): Rejected
Sep 14 14:08:11 router2 exim[78763]: [78763] 1MnCDx-000KUN-Fo F=root@mail.router2.tld U=root P=local rejected by local_scan(): Rejected
Sep 14 14:08:11 router2 exim[78765]: [78765] cwd=/var/spool/exim 7 args: /usr/local/sbin/exim -t -oem -oi -f <> -E1MnCDx-000KUN-Fo
Sep 14 14:08:11 router2 exim[78765]: [78765] 1MnCDz-000KUP-UG SA: Debug: SAEximRunCond expand returned: '1'
Sep 14 14:08:11 router2 exim[78765]: [78765] 1MnCDz-000KUP-UG SA: Debug: check succeeded, running spamc
Sep 14 14:08:14 router2 spamd[78760]: spamd: identified spam (15.6/5.0) for mailnull:26 in 2.3 seconds, 4620 bytes.
Sep 14 14:08:14 router2 spamd[78760]: spamd: result: Y 15 - NO_RELAYS,RAZOR2_CF_RANGE_51_100,RAZOR2_CF_RANGE_E8_51_100,RAZOR2_CHECK,URIBL_AB_SURBL,URIBL_BLACK,URIBL_JP_SURBL,URIBL_OB_SURBL,URIBL_SBL,URIBL_WS_SURBL scantime=2.3,size=4620,user=mailnull,uid=26,required_score=5.0,rhost=mail.router2.tld,raddr=10.0.3.132,rport=51243,mid=,autolearn=spam
Sep 14 14:08:14 router2 exim[78765]: [78765] 1MnCDz-000KUP-UG SA: Debug: SARewriteBody == 1, rewriting message body
Sep 14 14:08:14 router2 exim[78765]: [78765] 1MnCDz-000KUP-UG SA: Debug: SAEximRejCond expand returned: '1'
Sep 14 14:08:14 router2 exim[78765]: [78765] 1MnCDz-000KUP-UG SA: Debug: Writing message to /var/mail/exim/SApermreject/new/1252937294_E1MnCDz-000KUP-UG@mail.router2.tld
Sep 14 14:08:14 router2 exim[78765]: [78765] 1MnCDz-000KUP-UG SA: Action: permanently rejected message: score=15.6 required=5.0 trigger=7.0 (scanned in 3/3 secs | Message-Id: E1MnCDz-000KUP-UG@mail.router2.tld). From <> (local) for root@mail.router2.tld
Sep 14 14:08:14 router2 exim[78765]: [1\25] [78765] 1MnCDz-000KUP-UG SA: Action: permanently rejected message: score=15.6 required=5.0 trigger=7.0 (scanned in 3/3 secs | Message-Id: E1MnCDz-000KUP-UG@mail.router2.tld). From <> (local) for root@mail.router2.tld
Sep 14 14:08:14 router2 exim[78765]: [2\25] Envelope-from: <>
Sep 14 14:08:14 router2 exim[78765]: [3\25] Envelope-to:
Sep 14 14:08:14 router2 exim[78765]: [4\25] P Received: from mailnull by mail.router2.tld with local (Exim 4.69 (FreeBSD))
Sep 14 14:08:14 router2 exim[78765]: [5\25]     id 1MnCDz-000KUP-UG
Sep 14 14:08:14 router2 exim[78765]: [6\25]     for root@mail.router2.tld; Mon, 14 Sep 2009 14:08:11 +0000
Sep 14 14:08:14 router2 exim[78765]: [7\25]   Auto-Submitted: auto-replied
Sep 14 14:08:14 router2 exim[78765]: [8\25] F From: Mail Delivery System
Sep 14 14:08:14 router2 exim[78765]: [9\25] T To: root@mail.router2.tld
Sep 14 14:08:14 router2 exim[78765]: [10\25] * Subject: Mail failure - rejected by local scanning code
Sep 14 14:08:14 router2 exim[78765]: [11\25] I Message-Id:
Sep 14 14:08:14 router2 exim[78765]: [12\25]   Date: Mon, 14 Sep 2009 14:08:11 +0000
Sep 14 14:08:14 router2 exim[78765]: [13\25]   X-SA-Exim-Connect-IP:
Sep 14 14:08:14 router2 exim[78765]: [14\25]   X-SA-Exim-Mail-From:
Sep 14 14:08:14 router2 exim[78765]: [15\25]   Subject: Mail failure - rejected by local scanning code
Sep 14 14:08:14 router2 exim[78765]: [16\25]   X-Spam-Flag: YES
Sep 14 14:08:14 router2 exim[78765]: [17\25]   X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on router2.router2.tld
Sep 14 14:08:14 router2 exim[78765]: [18\25]   X-Spam-Level: ***************
Sep 14 14:08:14 router2 exim[78765]: [19\25]   X-Spam-Status: Yes, score=15.6 required=5.0 tests=NO_RELAYS,
Sep 14 14:08:14 router2 exim[78765]: [20\25]    RAZOR2_CF_RANGE_51_100,RAZOR2_CF_RANGE_E8_51_100,RAZOR2_CHECK,URIBL_AB_SURBL,
Sep 14 14:08:14 router2 exim[78765]: [21\25]    URIBL_BLACK,URIBL_JP_SURBL,URIBL_OB_SURBL,URIBL_SBL,URIBL_WS_SURBL
Sep 14 14:08:14 router2 exim[78765]: [22\25]    autolearn=spam version=3.2.5
Sep 14 14:08:14 router2 exim[78765]: [23\25]   Content-Type: multipart/mixed; boundary="----------=_4AAE4E4E.469271CA"
Sep 14 14:08:14 router2 exim[78765]: [24\25]   X-SA-Exim-Version: 4.2
Sep 14 14:08:14 router2 exim[78765]: [25/25]   X-SA-Exim-Scanned: Yes (on mail.router2.tld)
Sep 14 14:08:14 router2 exim[78765]: [78765] 1MnCDz-000KUP-UG F=<> U=mailnull P=local rejected by local_scan(): Rejected
Sep 14 14:08:14 router2 exim[78765]: [78765] 1MnCDz-000KUP-UG F=<> U=mailnull P=local rejected by local_scan(): Rejected
Sep 14 14:08:14 router2 exim[78765]: [78765] 1MnCDz-000KUP-UG Error while reading message with no usable sender address (R=1MnCDx-000KUN-Fo): rejected by local_scan: Rejected
Sep 14 14:08:14 router2 exim[78763]: [78763] 1MnCDx-000KUN-Fo Child mail process returned status 1
Sep 14 14:08:14 router2 spamd[78759]: prefork: child states: II

which shows that our message was rejected.
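
As an added example (not part of the original article), this Python script parses the sa-exim `SA: Action` lines from the log above, collapses the repeated copies of each verdict, and lists bounces (null sender `<>`) that were themselves scanned and rejected, as happens in this log after the local test message is refused. The sample lines are copied from the excerpt; the function names are illustrative.

```python
import re

# Lines copied from the maillog excerpt above (sa-exim "SA: Action" entries only).
SAMPLE_LOG = r"""
Sep 14 13:57:01 router2 exim[78600]: [78600] 1MnC38-000KRk-W9 SA: Action: scanned but message isn't spam: score=-0.0 required=5.0 (scanned in 2/2 secs | Message-Id: E1MnC38-000KRk-W9@mail.router2.tld). From (local) for user@domain.ru
Sep 14 14:08:11 router2 exim[78763]: [78763] 1MnCDx-000KUN-Fo SA: Action: permanently rejected message: score=10.4 required=5.0 trigger=7.0 (scanned in 2/2 secs | Message-Id: E1MnCDx-000KUN-Fo@mail.router2.tld). From (local) for user@domain.ru
Sep 14 14:08:11 router2 exim[78763]: [1\25] [78763] 1MnCDx-000KUN-Fo SA: Action: permanently rejected message: score=10.4 required=5.0 trigger=7.0 (scanned in 2/2 secs | Message-Id: E1MnCDx-000KUN-Fo@mail.router2.tld). From (local) for user@domain.ru
Sep 14 14:08:14 router2 exim[78765]: [78765] 1MnCDz-000KUP-UG SA: Action: permanently rejected message: score=15.6 required=5.0 trigger=7.0 (scanned in 3/3 secs | Message-Id: E1MnCDz-000KUP-UG@mail.router2.tld). From <> (local) for root@mail.router2.tld
"""

# Optional "[n\m]" prefix, pid, message id, action text, scores, sender and recipient.
ACTION_RE = re.compile(
    r"exim\[\d+\]: (?:\[\d+[\\/]\d+\] )?\[\d+\] (?P<id>\S+) SA: Action: "
    r"(?P<action>[^:]+): score=(?P<score>-?[\d.]+) required=(?P<required>[\d.]+)"
    r"(?: trigger=(?P<trigger>[\d.]+))?.*?\)\. "
    r"From (?:(?P<sender>[^\s(]\S*) )?\((?P<origin>[^)]*)\) for (?P<rcpt>\S+)"
)


def parse_actions(log_text):
    """Return one record per (message id, action), in log order."""
    seen = {}
    for line in log_text.splitlines():
        m = ACTION_RE.search(line)
        if not m:
            continue
        rec = m.groupdict()
        rec["score"] = float(rec["score"])
        rec["required"] = float(rec["required"])
        rec["trigger"] = float(rec["trigger"]) if rec["trigger"] else None
        rec["rejected"] = "rejected" in rec["action"]
        seen.setdefault((rec["id"], rec["action"]), rec)  # drop repeated copies
    return list(seen.values())


def rejected_bounces(actions):
    """Message ids of bounces (sender <>) that were scanned and rejected."""
    return [a["id"] for a in actions if a["sender"] == "<>" and a["rejected"]]


def threshold_violations(actions):
    """Rejections whose score is below the logged trigger value."""
    return [a["id"] for a in actions
            if a["rejected"] and a["trigger"] is not None and a["score"] < a["trigger"]]


if __name__ == "__main__":
    acts = parse_actions(SAMPLE_LOG)
    for a in acts:
        print(a["id"], a["action"], a["score"], a["trigger"], a["sender"], a["rcpt"])
    print("rejected bounces:", rejected_bounces(acts))
    print("threshold violations:", threshold_violations(acts))
```
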

If you get this error:

Sep 16 07:23:35 router2 spamd[98607]: Can't locate Mail/SpamAssassin/CompiledRegexps/body_0.pm in @INC (@INC contains: /var/db/spamassassin/compiled/5.008/3.002005 /var/db/spamassassin/compiled/5.008/3.002005/auto lib /usr/local/lib/perl5/site_perl/5.8.9 /usr/local/lib/perl5/5.8.9/BSDPAN /usr/local/lib/perl5/site_perl/5.8.9/mach /usr/local/lib/perl5/5.8.9/mach /usr/local/lib/perl5/5.8.9) at (eval 576) line 1.
Sep 16 07:23:35 router2 spamd[98607]: razor2: razor2 check failed: No such file or directory razor2: razor2 had unknown error during get_server_info at /usr/local/lib/perl5/site_perl/5.8.9/Mail/SpamAssassin/Plugin/Razor2.pm line 188. at /usr/local/lib/perl5/site_perl/5.8.9/Mail/SpamAssassin/Plugin/Razor2.pm line 326.

then you need to create and initialize the database for razor (an SA component):

#razor-admin -d -create -home=/var/spool/mqueue/razor
#razor-admin -discover
#razor-admin -register

If running these commands produces the error:

nextserver: Bootstrap discovery failed. Giving up

it means your firewall is blocking the connections. Disable it temporarily, run the commands again so that it synchronizes, then turn the firewall back on.

If you get this error:

Dec 16 21:03:27 newmail amavis[852]: (00852-01) _WARN: razor2: razor2 check failed:  razor2: razor2 had unknown error during get_server_info at /usr/local/lib/perl5/site_perl/5.8.9/Mail/SpamAssassin/Plugin/Razor2.pm line 188. at /usr/local/lib/perl5/site_perl/5.8.9/Mail/SpamAssassin/Plugin/Razor2.pm line 326.

you need to set the owner of razor's home directory to vscan:vscan.
