HOWTO: Virtual SpamAssassin config files

Protollix

Verified User
Joined
Apr 24, 2004
Messages
59
I finally figured out how to do this. The only downside is that there is no way for the user to easily manage their config file in the control panel (plugin is on the way, hopefully -- once I get some time).

Basically, this will allow each *nix user to maintain their own SA config file, instead of being forced to use the sitewide file.

Step 1: Install SpamAssassin
We need to install SpamAssassin before we can do anything. You can do so by executing these commands:
Code:
cd /usr/local/directadmin/scripts
./spam.sh

Step 2: Setup a startup script
The ideal way to do this would be via an init script. However, I just used a little shell script for the time being until I have the time to write an init script up. To follow what I did:
Code:
pico /usr/local/sbin/spamd
then paste in the following:
Code:
killall spamd
/usr/bin/spamd -d -c -u mail

next, you need to chmod the file. I did this as root, and will only ever execute this as root. so I did:
Code:
chmod 700 /usr/local/sbin/spamd

Step 3: Start Spam Assassin
Now we can start SA by issuing the following command:
Code:
/usr/local/sbin/spamd

Step 4: Configuring Exim
I highly recommend you install jlasman's SpamBlocker as outlined here

Whether you do or don't is up to you. The next step you must do is uncomment the following two sections in /etc/exim.conf (note, I already uncommented mine, you will see below what your sections should look like after you uncomment them):

Code:
# Spam Assassin
spamcheck_director:
  driver = accept
  condition = "${if and { {!def:h_X-Spam-Flag:} {!eq {$received_protocol}{spam-scanned}} {!eq {$received_protocol}{local}} } {1}{0}}"
  retry_use_local_part
  transport = spamcheck
  no_verify
Code:
# Spam Assassin
begin transports   

spamcheck:
  driver = pipe       
  batch_max = 100      
  command = /usr/sbin/exim -oMr spam-scanned -bS
  current_directory = "/tmp"
  group = mail    
  home_directory = "/tmp"
  log_output 
  message_prefix =
  message_suffix =
  return_fail_output
  no_return_path_add           
  transport_filter = /usr/bin/spamc -u ${lookup{$domain}lsearch{/etc/virtual/domainowners}}
  use_bsmtp
  user = mail         
  # must use a privileged user to set $received_protocol on the way back in!

If you were observant, you will notice my second section differs slightly from yours!

Notice the line:
Code:
transport_filter = /usr/bin/spamc -u ${lookup{$domain}lsearch{/etc/virtual/domainowners}}
You should change your transport_filter line to resemble that above.

Now save your changes and restart exim!

Notes
- The default SA config file is located at /etc/mail/spamassassin/local.cf
- User config files will be located at /home/<username>/.spamassassin/user_prefs
- the user config file MUST be created by you (for now). to do so you may issue the following commands, replacing <username> with the actual user's username
Code:
cd /home/<username>
mkdir .spamassassin
cp /usr/share/spamassassin/user_prefs.template ./.spamassassin/user_prefs
chown -R <username>.mail ./spamassassin
chmod 770 ./.spamassassin/user_prefs

- You can find user preference options here

I hope this helps some of you looking to enable per-user SA config files :)
 
Also, here is a quick way to copy default config files and ensure proper permissions.

you might want to run this once an hour or once daily, as it will only copy SA config files if they don't already exist.

This at least gives your users something to start with, and is much easier than hand doing it if you have lots of users:

Code:
#!/bin/bash
for file in /home/*
 do
user=${file:6}

        if [ -d $file ] ; then
                if [ -d $file/.spamassassin ]; then
                        if [ -f $file/.spamassassin/user_prefs ] ; then
                                echo "$file already has a SA config file"
                        else
                                cp /usr/share/spamassassin/user_prefs.template $file/.spamassassin/user_prefs
                        fi
                else
                        echo "$file does not have a spamassassin config. Creating one."
                        mkdir $file/.spamassassin
                        cp /usr/share/spamassassin/user_prefs.template $file/.spamassassin/user_prefs
                fi
                echo "Fixing permissions for $file"
                chown -R $user.mail $file/.spamassassin
                chmod 770 $file/.spamassassin/user_prefs
        fi
done
 
Wow, this is really _GREAT_!

IMHO this is the way to go for the DirectAdmin team to implement SpamAssassin in a nice way.
 
The DA team lists this thread as the new spamassassin user interface feature.

Does this mean that there will finally be a GUI in DA fo this? Or will user need to tweak a text file using the filemanager?
 
interfasys said:
The DA team lists this thread as the new spamassassin user interface feature.

Does this mean that there will finally be a GUI in DA fo this? Or will user need to tweak a text file using the filemanager?

Yes, I emailed them about this and they will try to include it for the next release.

John: I've added it to the versions system for the next release. It will just be a GUI for the user spamassassin config files.

So I guess setting up the whole configuration must be done by yourself, but the GUI will be there..
 
do i have to do this before i update to 1.225?
i have not ever used or installed SA before
 
sander815 said:
do i have to do this before i update to 1.225?
i have not ever used or installed SA before

No the best is to upgrade to 1.2.2.5 and then install this.
 
Could someone make an how-to on what to do to set-up everything for 2.225 including virus scan with exiscan for FreeBSD 5.x ? :)
 
One thing that wasn't mentioned specifically in the rollout of the SA implementation in Directadmin, which we just discovered is that the exim.conf file isn't edited automatically, and must be changed to

# Spam Assassin
spamcheck_director:
driver = accept
condition = "${if and { {!def:h_X-Spam-Flag:} {!eq {$received_protocol}{spam-scanned}} {!eq{$received_protocol}{local}} } $
retry_use_local_part
transport = spamcheck
no_verify

I know it was discussed previously to this, and mentioned in the manual setup above, but I guess I mistakenly assumed that when DA released it that it would automatically modify the exim.conf file automatically.

Manually editing exim.conf - everything works fine.

One question:

X-Spam-Checker-Version: SpamAssassin 2.64 (2004-01-11)

When will this be upgraded, or can we upgrade to the latest version without disturbing anything from DA?

Thanks - hope this helps someone else.
 
One other question:


Headers are reporting this:

X-Spam-Status: No, hits=8.3 required=10.0


But I have the SA setup in DA to flag at 5... where is the 10.0 specified? I can't find it in any of the config files (yet).

Thanks
 
I was mulling over this last night....

A couple of things regarding this implementation:
1. This is not per user, but per domain, as DA only has one user per domain

2. If you have a busy server then the load will become an issue as each and every single email will have to be processed by the enduser's rules

3. This may not be compatible with Spam Assassin 3, as the user preferences change quite dramatically


The other question is this:
How do I turn this off completely?
 
Protollix said:
Also, here is a quick way to copy default config files and ensure proper permissions.

you might want to run this once an hour or once daily, as it will only copy SA config files if they don't already exist.

This at least gives your users something to start with, and is much easier than hand doing it if you have lots of users:

Code:
#!/bin/bash
for file in /home/*
 do
user=${file:6}

        if [ -d $file ] ; then
                if [ -d $file/.spamassassin ]; then
                        if [ -f $file/.spamassassin/user_prefs ] ; then
                                echo "$file already has a SA config file"
                        else
                                cp /usr/share/spamassassin/user_prefs.template $file/.spamassassin/user_prefs
                        fi
                else
                        echo "$file does not have a spamassassin config. Creating one."
                        mkdir $file/.spamassassin
                        cp /usr/share/spamassassin/user_prefs.template $file/.spamassassin/user_prefs
                fi
                echo "Fixing permissions for $file"
                chown -R $user.mail $file/.spamassassin
                chmod 770 $file/.spamassassin/user_prefs
        fi
done

I've an error with your code on my RH9 box.
I copy your code to a file and do a cronjob with this file. But I'll have this errors :

/etc/MailScanner/spam_perso_conf.sh: line 3: syntax error near unexpected token `do
'
/etc/MailScanner/spam_perso_conf.sh: line 3: ` do

Any idea ?
 
revert to older sa config

I recently upgraded DA to utilize the new Spam Assassin config domain files. Since I did this my server load has been skyrocketing until the server is unreachable. Is there a way to revert back to the single SA config file. Currently I've had to shut off SA in the exim config file to prevent the load from bogging down the server.

Thanks,

James
 
Protollix said:
Also, here is a quick way to copy default config files and ensure proper permissions.

you might want to run this once an hour or once daily, as it will only copy SA config files if they don't already exist.

This at least gives your users something to start with, and is much easier than hand doing it if you have lots of users:

Code:
#!/bin/bash
for file in /home/*
 do
user=${file:6}

        if [ -d $file ] ; then
                if [ -d $file/.spamassassin ]; then
                        if [ -f $file/.spamassassin/user_prefs ] ; then
                                echo "$file already has a SA config file"
                        else
                                cp /usr/share/spamassassin/user_prefs.template $file/.spamassassin/user_prefs
                        fi
                else
                        echo "$file does not have a spamassassin config. Creating one."
                        mkdir $file/.spamassassin
                        cp /usr/share/spamassassin/user_prefs.template $file/.spamassassin/user_prefs
                fi
                echo "Fixing permissions for $file"
                chown -R $user.mail $file/.spamassassin
                chmod 770 $file/.spamassassin/user_prefs
        fi
done

is this still neccesary for DA 1.23?
 
Back
Top