ispCP - Board - Support
enable spamassassin? - Printable Version

+- ispCP - Board - Support (http://www.isp-control.net/forum)
+-- Forum: ispCP Omega Support Area (/forum-30.html)
+--- Forum: System Setup & Installation (/forum-32.html)
+--- Thread: enable spamassassin? (/thread-5789.html)

Pages: 1 2 3 4 5 6 7


RE: enable spamassassin? - robbo007 - 04-23-2009 01:17 AM

(02-22-2009 06:52 AM)rbtux Wrote:  well i don't want my customers to do any antispam config... As most of the people here they don't have a clue;-) a robust default setup is enough imho.

Hello all,
Is this the best solution? I'm basically looking for an AV and antispam solution for my server. I have quiet a few clients that use it for web and email hosting.

Thanks,

Rob


RE: enable spamassassin? - pgentoo - 05-14-2009 02:37 PM

Ok, I just set this up on my system and it appears to be working. I have a few questions though...

What is the order that all this stuff is being done? Please help me fill in the blanks. Smile

1. Initially, postfix receives the message, does some checks of its own, and then hands it to postgrey for validation of the sender.
2. Postgrey receives message. Postgrey asks sender to try again, until it lets it through.
3. Policyd-weight?
4. Amavisd?
a. Spamassassin?
5. Postfix queues the message for delivery.
6. Message delivered to inbox

Could you please help to clarify how the message/control is exchanged in the middle section there?


Also, say i want to run Pyzor or DCC from spamassassin. I'm not sure how to do this. I enabled it in my local.cf, however i can't see any debug info from amavis on this, and it doesn't appear that its doing anything. Anyone running this?

Also, what if I always want to add spam headers to the messages? Is there a way to do this? I tried adding a negative number for $sa_tag_level_deflt, but it didn't work.

Thanks,
pgentoo


RE: enable spamassassin? - kilburn - 05-14-2009 06:18 PM

I'm quite sure it goes this way:

1. Client connects to postfix
2. Postfix opens a proxy smtp connection against amavis
3. Client sends helo/mail from/rcpt to
4. Postfix makes some checks of it's own
5. Postfix connects to policyd-weight and asks for it's decision (based on ip/helo/mail from/rcpts)
6a. If policyd rejects, postfix rejects too and closes connections to both the client and amavis proxy.
7. Postfix connects to postgrey and asks for it's decision (based on ip/sender/recipient)
7a. If postgrey rejects (greylisting rejects are always temporary, so the remote server should try again later), postfix rejects and closes connections.
8. Client sends the actual mail data.
9. When the data has been received, amavis calls its backends to perform any checks (remember that amavis has a copy of the mail because it has been receiving a copy of all the client's operations).
9a. If configured, amavis passes the message to clamav who checks the message and tells back to reject or accept it
9b. If configured, amavis passes the message to spamassassin, who replies with a reject/accept/bounce and the possibly modified message (headers added, etc.)
10. If amavisd rejects, postfix rejects too and connections are closed
11. If amavisd accepts, postfix acknowledges the message (in the client's connection). Amavisd reinjects the modified message using smtp on a special port
12. Postfix delivers the modified reinjected message to the recipients maildir

Who would have thought that receiving a mail is that complicated? Wink


RE: enable spamassassin? - pongraczi - 05-15-2009 03:21 AM

Hello guys,

This thread is very interesting, thank you!

I have a mail server, where I put zen.spamhaus.org to my postfix config as shown here:

Code:
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_rbl_client zen.spamhaus.org

This caused that the server load decreased to the 1/10th of the original time consuming.

I use amavis in this way, instead of before-queue.
Code:
content_filter = smtp-amavis:127.0.0.1:10024

Is this also could work with ispcp, right?

Cheers,
István


RE: enable spamassassin? - kilburn - 05-15-2009 03:29 AM

Quote:Is this also could work with ispcp, right?

Right. By the way, I wouldn't reject based on a single list, and even less if it's spamhaus because it has high false positives rate. Policyd-weight does a much better task with low process usage, so consider making it's rules stricter if you want to further limit the accepted mails instead...


RE: enable spamassassin? - pongraczi - 05-15-2009 04:12 AM

Thank you Smile
I think I will get out this and improve the mail server in an other way.


RE: enable spamassassin? - pgentoo - 05-15-2009 04:31 AM

(05-14-2009 06:18 PM)kilburn Wrote:  I'm quite sure it goes this way:

1. Client connects to postfix
2. Postfix opens a proxy smtp connection against amavis
3. Client sends helo/mail from/rcpt to
4. Postfix makes some checks of it's own
5. Postfix connects to policyd-weight and asks for it's decision (based on ip/helo/mail from/rcpts)
6a. If policyd rejects, postfix rejects too and closes connections to both the client and amavis proxy.
7. Postfix connects to postgrey and asks for it's decision (based on ip/sender/recipient)
7a. If postgrey rejects (greylisting rejects are always temporary, so the remote server should try again later), postfix rejects and closes connections.
8. Client sends the actual mail data.
9. When the data has been received, amavis calls its backends to perform any checks (remember that amavis has a copy of the mail because it has been receiving a copy of all the client's operations).
9a. If configured, amavis passes the message to clamav who checks the message and tells back to reject or accept it
9b. If configured, amavis passes the message to spamassassin, who replies with a reject/accept/bounce and the possibly modified message (headers added, etc.)
10. If amavisd rejects, postfix rejects too and connections are closed
11. If amavisd accepts, postfix acknowledges the message (in the client's connection). Amavisd reinjects the modified message using smtp on a special port
12. Postfix delivers the modified reinjected message to the recipients maildir

Who would have thought that receiving a mail is that complicated? Wink

Thanks for the clarification. But doesn't it make sense to do postgrey checks first? And then do the rest...?

EDIT: Nevermind, I see that amavis is just proxying the request, and not doing much until after postgrey checks pass. This is inline with the logs i'm seeing, where there are a lot of postgrey entries, but very few that make it all the way to amavis. Smile
-
pgentoo


RE: enable spamassassin? - juanper - 05-15-2009 07:13 PM

(02-22-2009 06:08 AM)rbtux Wrote:  This is how I would enable spamassassin, along with amavis and clamav. Unlike the amavis configuration with maia or the one that partially comes with ispcp, this method uses amavis as pre-queue filter. That makes it possible to reject spam mails instead of only tagging them...
Hello rbtux.

I have followed your instruction to activate spamassassin with amavis and clamav.

After installing it, now Squirrelmail not work . When I send a message I come up against the following error:

Message not sent. Server replied:

Connection refused
111 Can't open SMTP stream.

But from the mail server Outlook, works correct , all send and receive very well.
Only fail in Webmail-Squirrelmail.

My server is in a router in the internal I.P. 192.168.2.3

And in isppcomega server status, show me :
192.168.2.3 (Port 25) SMTP DOWN

Before install spamassassin, the mail worked well. In Webmail and in Outlook.

Please can you help me that I have done wrong ?

Thank you very much and congratulations for the instruction manual.
Juanper.


RE: enable spamassassin? - pongraczi - 05-15-2009 07:18 PM

(05-15-2009 04:12 AM)pongraczi Wrote:  Thank you Smile
I think I will get out this and improve the mail server in an other way.

I put it into work in two email servers, seems working well.
Only difference is I use amavis in "normal" way.

Cheers,
IStván


RE: enable spamassassin? - ashitman - 05-17-2009 07:37 PM

(05-15-2009 07:13 PM)juanper Wrote:  After installing it, now Squirrelmail not work . When I send a message I come up against the following error:

Message not sent. Server replied:

Connection refused
111 Can't open SMTP stream.

But from the mail server Outlook, works correct , all send and receive very well.
Only fail in Webmail-Squirrelmail.

My server is in a router in the internal I.P. 192.168.2.3

And in isppcomega server status, show me :
192.168.2.3 (Port 25) SMTP DOWN

Before install spamassassin, the mail worked well. In Webmail and in Outlook.

Please can you help me that I have done wrong ?

Thank you very much and congratulations for the instruction manual.
Juanper.

Hi
i´m quite new to ispcp, but i had the same problem when i setting up my first installation yesterday.
my solution:
postfix wasn´t able to run, cause there was an error in the postfix/master.cf

so i copied the one from rbtux
restart postfix
--> postfix will work again :-)

greetz
timo
Hi
i setup the amavis/clamav/spamassasin like rbtux descriped it. everything works fine, so thx to rbtux

now i´m trying to forward the recognized spam to the user in a "spam folder", like gmx.de do.
but how can i handle that. i´m quite new to the linux stuff :-)
i think i have to chane this
Code:
$final_spam_destiny       = D_REJECT;
to this
Code:
$final_spam_destiny       = D_PASS;
but where i specify the destination folder?

please help
timo