Default values for SpamAssassin

[SeLLeRoNe]

user_create_post.sh

#!/bin/sh

if [ "$spam" = "ON" ]; then

   DIR=/home/$username/.spamassassin
   mkdir $DIR
   wget -O $DIR/user_prefs http://MYURL/user_prefs >/dev/null 2>&1
   chown ${username}:mail $DIR
   chmod 771 $DIR
   chown $username:$username $DIR/user_prefs
   chmod 755 $DIR/user_prefs
   wget -O /etc/virtual/$domain/filter http://MYURL/filter >/dev/null 2>&1
   wget -O /etc/virtual/$domain/filter.conf http://MYURL/filter.conf >/dev/null 2>&1
   chown mail:mail /etc/virtual/$domain/filter
   chown mail:mail /etc/virtual/$domain/filter.conf
   chmod 640 /etc/virtual/$domain/filter
   chmod 600 /etc/virtual/$domain/filter.conf

fi

domain_create_post.sh

wget -O /etc/virtual/$domain/filter http://MYURL/filter >/dev/null 2>&1
wget -O /etc/virtual/$domain/filter.conf http://MYURL/filter.conf >/dev/null 2>&1
chown mail:mail /etc/virtual/$domain/filter
chown mail:mail /etc/virtual/$domain/filter.conf
chmod 640 /etc/virtual/$domain/filter
chmod 600 /etc/virtual/$domain/filter.conf

 

[stars]

Let me get this straight - every user has directory /home/someuser/.spamassasin and in that directory:
- file spam with chmod 660 chown mail:[someuser]
- folder user_spam chmod 771 chown [someuser]:mail

Why there is file and folder and not 2 folders?

 

[ppnl]

A more dynamic way for default spamassassin settings

When spamassassin is installed I found a way that it will take over the values for a given domain (I use the admin domain) as defaults. So you can use the GUI for your admin domain to set the defaults in case a user didn't configure spamassassin.

[1] comment-out one line in /etc/exim.conf
[2] edit / add a section to /etc/exim.conf

First is to edit /etc/exim.conf and to comment out the condition to check the spamassassin/user_prefs. See the line with the #.

spamcheck_director:
  driver = accept
  condition = "${if and { \
                        {!def:h_X-Spam-Flag:} \
                        {!eq {$received_protocol}{spam-scanned}} \
                        {!eq {$received_protocol}{local}} \
#{exists{/home/${lookup{$domain}lsearch{/etc/virtual/domainowners}{$value}}/.spamassassin/user_prefs}} \
                        {<{$message_size}{500k}} \
                } {1}{0}}"
  retry_use_local_part
  transport = spamcheck
  no_verify

Add the following to /etc/exim.conf in order to default to the admin.com spam filtering. Replace admin.com with your own admin domain and check if the file /etc/virtual/admin.com/filter is existing.

domain_filter_default:
  driver = redirect
  allow_filter
  no_check_local_user
  condition = "${if exists{/home/${lookup{$domain}lsearch{/etc/virtual/domainowners}{$value}}/.spamassassin/user_prefs}{yes}{yes}}"
  user = "${lookup{$domain}lsearch{/etc/virtual/domainowners}{$value}}"
  group = "mail"
  file = /etc/virtual/admin.com/filter
  directory_transport = address_file
  pipe_transport = virtual_address_pipe
  retry_use_local_part
  no_verify

Now restart exim (e.g. via directadmin -> monitor services) and now the result is that spamassassin will use the user settings of spamassassin and if these are not entered then it will use the settings of the admin.com domain.

 

[NoBaloney2]

Some questions:

1) Before your change what happens if the user hasn't set defaults?

2) Does this change the default logging in any way?

3) Where does the new 'domain_filter defaults' section go?

4) Why use a new section? Why not put the code into the old section?

5) Where does the new section go?

6) Will this still allow users to turn off SpamAssassin for a user? If so, by the same method?

This appears to be something I can set by default in my next update to exim.conf, scheduled to be done very early this year, but I need to understand it a bit better.

Thanks for your help.

Jeff

 

[ppnl]

1) Before your change what happens if the user hasn't set defaults?

With a fresh install of DA I experienced that all spam was send to customer mailbox with original mail in an attachement. And no way to change defaults. (I wanted to delete all spam > 5 by default)

2) Does this change the default logging in any way?

It will act like the mail box did have settings for itself. And I don't think that will influent logging. And if it does it would be the same as if the user did manually set these settings himself. So then it's also wanted.

3) Where does the new 'domain_filter defaults' section go?

I put it in /etc/exim.conf just below the domain_filter: section

4) Why use a new section? Why not put the code into the old section?

I'm not an exim expert, but the new section will check another file (other condition) and with another result (the fixed admin domain filter and not the user specific one). So I choose a new section

5) Where does the new section go?

See 3

6) Will this still allow users to turn off SpamAssassin for a user? If so, by the same method?

If a user disables spamassassin then indeed it will NOT be disables, but will take the defaults from your admin account (which I really prefer and works as designed!). However a user can still choose to "Inbox (don't block it)" and leave all spam unblocked.


My solution did work for years on my 1.38 DirectAdmin and I recently redid a 1.40.1 with success and took the opportunity to share this tip with the community...

I hope it will also work for you otherwise let me know.

 

[NoBaloney2]

So is this a How-To or a Feature Request? Let me know; I'll separate out your post and the replies and if a feature request, I'll give users a chance to respond.

Jeff