[Postfixbuch-users] DSPAM
tp22a at softhome.net
Sat Feb 19 23:02:47 CET 2005
Hello
I'll start with /etc/postfix/master.cf (I have taken a few things out):
aaa.bbb.ccc.ddd:smtp inet n - n - - smtpd
  -o content_filter=smtp-amavis:[127.0.0.1]:10024
192.168.0.115:smtp inet n - n - - smtpd
127.0.0.1:smtp inet n - n - - smtpd
aaa.bbb.ccc.ddd:ssmtp inet n - n - - smtpd
  -o content_filter=smtp-amavis:[127.0.0.1]:10024
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
192.168.0.115:ssmtp inet n - n - - smtpd
  -o smtpd_tls_wrappermode=yes
  -o smtpd_sasl_auth_enable=yes
127.0.0.1:ssmtp inet n - n - - smtpd
pickup fifo n - n 60 1 pickup
  -o cleanup_service_name=pre-cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr fifo - - n 300 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
  -o smtp_helo_timeout=5
  -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
maildrop unix - n n - - pipe
  flags=DORhu user=vmail argv=/usr/bin/maildrop -d ${user}@${nexthop} ${extension} ${recipient} ${user} ${nexthop}
old-cyrus unix - n n - - pipe
  flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
cyrus unix - n n - - pipe
  user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
uucp unix - n n - - pipe
  flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
  flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
  flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
smtp-amavis unix - - n - 2 lmtp
  -o smtp_data_done_timeout=1200
  -o smtp_send_xforward_command=yes
127.0.0.1:10025 inet n - n - - smtpd
  -o cleanup_service_name=pre-cleanup
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
  -o smtpd_restriction_classes=
  -o smtpd_client_restrictions=
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8
  -o mynetworks_style=host
  -o smtpd_authorized_xforward_hosts=127.0.0.0/8
  -o strict_rfc821_envelopes=yes
  -o smtpd_error_sleep_time=0
  -o smtpd_soft_error_limit=1001
  -o smtpd_hard_error_limit=1000
  -o smtp_send_xforward_command=yes
  -o content_filter=dspam:dummy
127.0.0.1:10026 inet n - n - - smtpd
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
  -o smtpd_restriction_classes=
  -o smtpd_client_restrictions=
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8
  -o mynetworks_style=host
  -o strict_rfc821_envelopes=yes
  -o smtpd_error_sleep_time=0
  -o smtpd_authorized_xforward_hosts=127.0.0.0/8
  -o smtpd_soft_error_limit=1001
  -o smtpd_hard_error_limit=1000
  -o content_filter=
pre-cleanup unix n - n - 0 cleanup
  -o virtual_alias_maps=
  -o canonical_maps=
  -o sender_canonical_maps=
  -o recipient_canonical_maps=
  -o masquerade_domains=
  -o always_bcc=
  -o sender_bcc_maps=
  -o recipient_bcc_maps=
cleanup unix n - n - 0 cleanup
  -o mime_header_checks=
  -o nested_header_checks=
  -o body_checks=
  -o header_checks=
local unix - n n - - local
  -o content_filter=
  -o myhostname=localhost
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o mynetworks=127.0.0.0/8
  -o mynetworks_style=host
  -o smtpd_restriction_classes=
  -o smtpd_client_restrictions=
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
vacation unix - n n - - pipe
  flags=DRhu user=vacation:vacation argv=/var/spool/vacation/vacation_new.pl
dspam unix - n n - - pipe
  flags=Rhq user=dspam argv=/usr/bin/dspam --mode=teft --deliver=innocent,spam --feature=chained,noise,whitelist,tb=5 -i -f ${sender} -- %u --user ${recipient}
spam-user unix - n n - - pipe
  flags=Rhq user=dspam argv=/usr/bin/dspam --user ${sender} --mode=teft --feature=chained,noise,whitelist,tb=5 --class=spam --source=error --stdout
ham-user unix - n n - - pipe
  flags=Rhq user=dspam argv=/usr/bin/dspam --user ${sender} --mode=teft --feature=chained,noise,whitelist,tb=5 --class=innocent --source=error --stdout
spam-global unix - n n - - pipe
  flags=Rhq user=dspam argv=/usr/bin/dspam --user globaluser --mode=teft --feature=chained,noise,tb=5 --class=spam --source=corpus --stdout
ham-global unix - n n - - pipe
  flags=Rhq user=dspam argv=/usr/bin/dspam --user globaluser --mode=teft --feature=chained,noise,tb=5 --class=innocent --source=corpus --stdout
And now the main.cf (here too I have taken out a few minor things):
###########################################################
myhostname = mail.domain.tld
mydomain = domain.tld
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain $mydomain
mynetworks_style = class
mynetworks = aaa.bbb.ccc.xxx/29, 192.168.0.0/24, 127.0.0.0/8
home_mailbox = .maildir/
###########################################################
default_destination_concurrency_limit = 20
local_destination_concurrency_limit = 1
lmtp_destination_concurrency_limit = $default_destination_concurrency_limit
maildrop_destination_recipient_limit = 1
mailman_destination_recipient_limit = 1
relay_destination_concurrency_limit = $default_destination_concurrency_limit
smtp_destination_concurrency_limit = $default_destination_concurrency_limit
virtual_destination_concurrency_limit = $default_destination_concurrency_limit
transport_destination_recipient_limit = 1
vacation_destination_recipient_limit = 1
###########################################################
smtpd_helo_required = yes
disable_vrfy_command = yes
###########################################################
smtpd_sasl_auth_enable = yes
smtpd_sasl2_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_local_domain =
###########################################################
smtpd_client_restrictions =
smtpd_helo_restrictions =
smtpd_sender_restrictions =
smtpd_data_restrictions = reject_unauth_pipelining,
  permit
smtpd_recipient_restrictions = check_recipient_access pcre:/etc/postfix/check_recipient_access.pcre,
  check_sender_access pcre:/etc/postfix/check_sender_access.pcre,
  permit_sasl_authenticated,
  permit_mynetworks,
  permit_tls_clientcerts,
  reject_invalid_hostname,
  reject_non_fqdn_hostname,
  reject_non_fqdn_sender,
  reject_non_fqdn_recipient,
  reject_unknown_sender_domain,
  reject_unknown_recipient_domain,
  reject_unauth_destination,
  check_helo_access pcre:/etc/postfix/check_helo_access.pcre,
  check_recipient_access pcre:/etc/postfix/check_recipient_access.pcre,
  reject_rbl_client ix.dnsbl.manitu.net,
  reject_rbl_client sbl-xbl.spamhaus.org,
  reject_rbl_client list.dsbl.org,
  reject_rbl_client relays.ordb.org,
  check_policy_service inet:127.0.0.1:10030,
  permit
###########################################################
smtpd_data_restrictions = reject_unauth_pipelining,
  permit
###########################################################
smtpd_use_tls = yes
smtpd_tls_key_file = /etc/postfix/newreq.pem
smtpd_tls_cert_file = /etc/postfix/newcert.pem
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_daemon_random_source = dev:/dev/urandom
tls_random_source = dev:/dev/urandom
###########################################################
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
###########################################################
proxy_read_maps = proxy:mysql:/etc/postfix/mysql_relay_domains_maps.cf
  proxy:mysql:/etc/postfix/mysql_mailman_domains.cf
###########################################################
alias_maps = hash:/usr/local/mailman/data/aliases,
  hash:/etc/mail/aliases,
  mysql:/etc/postfix/mysql_virtual_alias_maps.cf
alias_database = hash:/usr/local/mailman/data/aliases,
  hash:/etc/mail/aliases
local_recipient_maps = $alias_maps,
  unix:passwd.byname
local_transport = local
###########################################################
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_base = /home/vmail
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 1000
virtual_uid_maps = static:1003
virtual_gid_maps = static:1003
virtual_alias_maps = hash:/usr/local/mailman/data/virtual-mailman,
  mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_transport = virtual
virtual_mailbox_limit =
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.
virtual_overquota_bounce = yes
virtual_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
###########################################################
relay_domains = proxy:mysql:/etc/postfix/mysql_mailman_domains.cf
  proxy:mysql:/etc/postfix/mysql_relay_domains_maps.cf
###########################################################
transport_maps = regexp:/etc/postfix/regexp_transport.cf,
  mysql:/etc/postfix/mysql_virtual_domains_maps.cf
masquerade_domains = $mydomain
###########################################################
smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) [NO UCE, NO UBE, C=CH, L=ZU]
smtpd_delay_reject = no
strict_rfc821_envelopes = yes
###########################################################
maildrop_destination_recipient_limit = 1
###########################################################
dspam_destination_recipient_limit = 1
spam-user_destination_recipient_limit = 1
ham-user_destination_recipient_limit = 1
spam-global_destination_recipient_limit = 1
ham-global_destination_recipient_limit = 1
###########################################################
max_use = 10
###########################################################
owner_request_special = no
recipient_delimiter = +
###########################################################
fallback_relay = 192.168.0.254
fallback_transport = virtual
###########################################################
message_size_limit = 20480000
mailbox_size_limit = 0
virtual_mailbox_limit = 0
###########################################################
To make the reporting of spam / non-spam easier for myself, I solved it with a transport map:
/etc/postfix/regexp_transport.cf:
/^spam@(.*)$/ spam-user:${1}
/^ham@(.*)$/ ham-user:${1}
/^spam-global@(.*)$/ spam-global:${1}
/^ham-global@(.*)$/ ham-global:${1}
/^.*@autoreply.mydomain.local$/ vacation:
The ${1} parameter is actually not necessary here since, as already mentioned, I handle that differently.
In amavis-new I only have the antivirus part active (I have anonymized a few things here as well):
grep -v "^$\|^#" /etc/amavisd.conf
use strict;
$MYHOME = '/var/amavis'; # (default is '/var/amavis')
$mydomain = 'domain.tld'; # (no useful default)
$myhostname = 'domain.tld'; # fqdn of this host, default by uname(3)
$daemon_user = 'amavis'; # (no default; customary: vscan or amavis)
$daemon_group = 'amavis'; # (no default; customary: vscan or amavis or sweep)
$TEMPBASE = "$MYHOME/tmp"; # prefer to keep home dir /var/amavis clean?
$db_home = "$MYHOME/db"; # DB databases directory, default "$MYHOME/db"
$helpers_home = $MYHOME; # (defaults to $MYHOME)
$ENV{TMPDIR} = $TEMPBASE; # wise to set TMPDIR, but not obligatory
$enable_db = 1; # enable use of BerkeleyDB/libdb (SNMP and nanny)
$enable_global_cache = 1; # enable use of libdb-based cache if $enable_db=1
$max_servers = 4; # number of pre-forked children (default 2)
$max_requests = 20; # retire a child after that many accepts (default 10)
$child_timeout=5*60; # abort child if it does not complete each task in
# approximately n sec (default: 8*60 seconds)
@bypass_spam_checks_maps = (1); # uncomment to DISABLE anti-spam code
@local_domains_maps = ( [qw( .$mydomain .xxxxxxxxx.yy .xxxxxxxxx.yy .xxxxxxxxx.zzz .xxxxxxxxx.yy .xxxxxxxxx.yy .xxxxxxxxx.yy .xxxxxxxxx.yy .xxxxxxxxx.yy .xxxxxxxxx.yy .xxxxxxxxx.yy .xxxxxxxxx.yy .xxxxxxxxx.yy .xxxxxxxxx.yy .xxxxxxxxx.zzz .xxxxxxxxx.zzz .xxxxxxxxx.yy .lists.xxxxxxxxx.yy .xxxxxxxxx.local .xxxxxxxxx.yy .xxxxxxxxx.yy .xxxxxxxxx.yy .xxxxxxxxx.zzz .xxxxxxxxx.yy .xxxxxxxxx.info .xxxxxxxxx.yy .xxxxxxxxx.zzz .xxxxxxxxx.yy .xxxxxxxxx.yy .xxxxxxxxx.yy .xxxxxxxxx.zzz .xxxxxxxxx.zzz .xxxxxxxxx.zzz .xxxxxxxxx.yy .xxxxxxxxx.yy .xxxxxxxxx.zzz .xxxxxxxxx.yy )] );
# (does not apply to sendmail/milter)
# (default is true)
$unix_socketname = "$MYHOME/amavisd.sock"; # amavis helper protocol socket
# (default is undef, i.e. disabled)
# (usual setting is $MYHOME/amavisd.sock)
$inet_socket_port = 10024; # accept SMTP on this local TCP port
# (default is undef, i.e. disabled)
# (default is '127.0.0.1')
@inet_acl = qw( 127.0.0.1 ::1 ); # allow SMTP access only from localhost IP
# (default is qw(127.0.0.1 ::1) )
@mynetworks = qw( 127.0.0.0/8 ::1 aaa.bbb.ccc.xxx/29 192.168.0.0/24 );
$DO_SYSLOG = 1; # (defaults to 0)
$LOGFILE = "$MYHOME/amavis.log"; # (defaults to empty, no log)
$log_level = 0; # (defaults to 0)
$log_recip_templ = undef; # undef disables by-recipient level-0 log entries
$final_virus_destiny = D_DISCARD; # (defaults to D_DISCARD)
$final_banned_destiny = D_DISCARD; # (defaults to D_BOUNCE)
$final_spam_destiny = D_DISCARD; # (defaults to D_BOUNCE)
$final_bad_header_destiny = D_PASS; # (defaults to D_PASS)
@viruses_that_fake_sender_maps = (new_RE(
qr'nimda|hybris|klez|bugbear|yaha|braid|sobig|fizzer|palyh|peido|holar'i,
qr'tanatos|lentin|bridex|mimail|trojan\.dropper|dumaru|parite|spaces'i,
qr'dloader|galil|gibe|swen|netwatch|bics|sbrowse|sober|rox|val(hal)?la'i,
qr'frethem|sircam|be?agle|tanx|mydoom|novarg|shimg|netsky|somefool|moodown'i,
qr'@mm|@MM', # mass mailing viruses as labeled by f-prot and uvscan
qr'Worm'i, # worms as labeled by ClamAV, Kaspersky, etc
[qr/.*/ => 1], # true by default (remove or comment-out if undesired)
));
$virus_admin = "aaaaaaa\@xxxxxx.yy";
$mailfrom_notify_admin = "aaaaaaa\@xxxxxx.yy";
$mailfrom_notify_recip = "aaaaaaa\@xxxxxx.yy";
$mailfrom_notify_spamadmin = "aaaaaaa\@xxxxxx.yy";
$mailfrom_to_quarantine = ''; # override sender address with null return path
$QUARANTINEDIR = "$MYHOME/quarantine";
$virus_quarantine_to = 'virus-quarantine'; # traditional local quarantine
$banned_quarantine_to = 'banned-quarantine'; # local quarantine
$bad_header_quarantine_to = 'bad-header-quarantine'; # local quarantine
$spam_quarantine_to = 'spam-quarantine'; # local quarantine
$X_HEADER_TAG = 'X-Virus-Scanned'; # (default: 'X-Virus-Scanned')
$undecipherable_subject_tag = '***UNCHECKED*** '; # undef disables it
$defang_virus = 1; # default is false: don't modify mail body
$defang_banned = 1; # default is false: don't modify mail body
$defang_undecipherable = 1; # default is false: don't modify mail body
$remove_existing_x_scanned_headers= 1; # remove existing headers
# (defaults to false)
$remove_existing_spam_headers = 1; # remove existing spam headers if
# spam scanning is enabled (default)
@keep_decoded_original_maps = (new_RE(
qr'^MAIL-UNDECIPHERABLE$', # retain full mail if it contains undecipherables
qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
));
$banned_filename_re = new_RE(
# block certain double extensions anywhere in the base name
qr'\.[^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i,
qr'^application/x-msdownload$'i, # block these MIME types
qr'^application/x-msdos-program$'i,
qr'^application/hta$'i,
[ qr'^\.(rpm|cpio|tar)$' => 0 ], # allow any in Unix-type archives
qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension - basic
qr'^\.(exe-ms)$', # banned file(1) types
);
$banned_namepath_re = new_RE(
# block these MIME types
qr'(?#NO X-MSDOWNLOAD) ^(.*\t)? M=application/x-msdownload (\t.*)? $'xmi,
qr'(?#NO X-MSDOS-PROGRAM)^(.*\t)? M=application/x-msdos-program(\t.*)? $'xmi,
qr'(?#NO HTA) ^(.*\t)? M=application/hta (\t.*)? $'xmi,
# within traditional Unix archives allow any name and type
[ qr'(?#rule-4) ^ (.*\t)? T=(tar|rpm|cpio) (\t.*)? $'xmi => 0 ], # allow
# block certain double extensions in filenames
qr'(?# BLOCK DOUBLE-EXTENSIONS )
^ (.*\t)? N= [^\t\n]* \. [^./\t\n]* \.
(exe|vbs|pif|scr|bat|cmd|com|cpl|dll) \.? (\t.*)? $'xmi,
# banned filename extensions (in declared names) anywhere - basic
qr'(?# BLOCK COMMON NAME EXENSIONS )
^ (.*\t)? N= [^\t\n]* \. (exe|vbs|pif|scr|bat|com|cpl) (\t.*)? $'xmi,
[ qr'(?# BLOCK EMPTY MIME PART APPLICATION/OCTET-STREAM )
^ (.*\t)? M=application/octet-stream \t(.*\t)* T=empty (\t.*)? $'xmi
=> 'DISCARD' ],
qr'(?# BLOCK Microsoft EXECUTABLES )
^ (.*\t)? T=exe-ms (\t.*)? $'xm, # banned file(1) type
);
$banned_namepath_re = undef; # to disable new-style
@bypass_spam_checks_maps = (1);
@lookup_sql_dsn =
( ['DBI:mysql:database=amavisd;host=127.0.0.1;port=3306', 'amavisd', 'mypassword'],
['DBI:mysql:database=amavisd;host=192.168.0.115;port=3306', 'amavisd', 'mypassword'] );
$sql_select_policy = 'SELECT *,users.id FROM users,policy'.
' WHERE (users.policy_id=policy.id) AND (users.email IN (%k))'.
' ORDER BY users.priority DESC';
$sql_select_white_black_list = 'SELECT wb FROM wblist,mailaddr'.
' WHERE (wblist.rid=?) AND (wblist.sid=mailaddr.id)'.
' AND (mailaddr.email IN (%k))'.
' ORDER BY mailaddr.priority DESC';
$recipient_delimiter = '+'; # (default is undef, i.e. disabled)
$localpart_is_case_sensitive = 0; # (default is false)
@score_sender_maps = ({ # a by-recipient hash lookup table
# site-wide opinions about senders (the '.' matches any recipient)
'.' => [ # the _first_ matching sender determines the score boost
new_RE( # regexp-type lookup table, just happens to be all soft-blacklist
[qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i => 5.0],
[qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=> 5.0],
[qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0],
[qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i => 5.0],
[qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i => 5.0],
[qr'^(your_friend|greatoffers)@'i => 5.0],
[qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i => 5.0],
),
{ # a hash-type lookup table (associative array)
'nobody@cert.org' => -3.0,
'cert-advisory@us-cert.gov' => -3.0,
'owner-alert@iss.net' => -3.0,
'slashdot@slashdot.org' => -3.0,
'bugtraq@securityfocus.com' => -3.0,
'ntbugtraq@listserv.ntbugtraq.com' => -3.0,
'security-alerts@linuxsecurity.com' => -3.0,
'mailman-announce-admin@python.org' => -3.0,
'amavis-user-admin@lists.sourceforge.net' => -3.0,
'notification-return@lists.sophos.com' => -3.0,
'owner-postfix-users@postfix.org' => -3.0,
'owner-postfix-announce@postfix.org' => -3.0,
'owner-sendmail-announce@lists.sendmail.org' => -3.0,
'sendmail-announce-request@lists.sendmail.org' => -3.0,
'donotreply@sendmail.org' => -3.0,
'ca+envelope@sendmail.org' => -3.0,
'noreply@freshmeat.net' => -3.0,
'owner-technews@postel.acm.org' => -3.0,
'ietf-123-owner@loki.ietf.org' => -3.0,
'cvs-commits-list-admin@gnome.org' => -3.0,
'rt-users-admin@lists.fsck.com' => -3.0,
'clp-request@comp.nus.edu.sg' => -3.0,
'surveys-errors@lists.nua.ie' => -3.0,
'emailnews@genomeweb.com' => -5.0,
'yahoo-dev-null@yahoo-inc.com' => -3.0,
'returns.groups.yahoo.com' => -3.0,
'clusternews@linuxnetworx.com' => -3.0,
lc('lvs-users-admin@LinuxVirtualServer.org') => -3.0,
lc('owner-textbreakingnews@CNNIMAIL12.CNN.COM') => -5.0,
# soft-blacklisting (positive score)
'sender@example.net' => 3.0,
'.example.net' => 1.0,
},
], # end of site-wide tables
});
@blacklist_sender_maps = ( new_RE(
qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou|greatcasino)@'i,
qr'^(investments|lose_weight_today|market\.alert|money2you|MyGreenCard)@'i,
qr'^(new\.tld\.registry|opt-out|opt-in|optin|saveonlsmoking2002k)@'i,
qr'^(specialoffer|specialoffers|stockalert|stopsnoring|wantsome)@'i,
qr'^(workathome|yesitsfree|your_friend|greatoffers)@'i,
qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i,
));
$MAXLEVELS = 14; # (default is undef, no limit)
$MAXFILES = 1500; # (default is undef, no limit)
$MIN_EXPANSION_QUOTA = 100*1024; # bytes (default undef, not enforced)
$MAX_EXPANSION_QUOTA = 300*1024*1024; # bytes (default undef, not enforced)
$MIN_EXPANSION_FACTOR = 5; # times original mail size (default is 5)
$MAX_EXPANSION_FACTOR = 500; # times original mail size (default is 500)
$virus_check_negative_ttl= 3*60; # time to remember that mail was not infected
$virus_check_positive_ttl= 30*60; # time to remember that mail was infected
$spam_check_negative_ttl = 30*60; # time to remember that mail was not spam
$spam_check_positive_ttl = 30*60; # time to remember that mail was spam
$path = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/sbin:/usr/bin:/bin:/opt/bin';
$file = 'file'; # file(1) utility; use 3.41 or later to avoid vulnerability
$gzip = 'gzip';
$bzip2 = 'bzip2';
$lzop = 'lzop';
$rpm2cpio = ['rpm2cpio.pl','rpm2cpio'];
$cabextract = 'cabextract';
$uncompress = ['uncompress', 'gzip -d', 'zcat'];
$unfreeze = ['unfreeze', 'freeze -d', 'melt', 'fcat'];
$arc = ['nomarch', 'arc'];
$unarj = ['arj', 'unarj']; # both can extract, arj is recommended
$unrar = ['rar', 'unrar']; # both can extract, same options
$zoo = 'zoo';
$lha = 'lha';
$pax = 'pax'; # pax preferred to cpio, if pax is avail the cpio is not used
$cpio = ['gcpio','cpio']; # gcpio is a GNU cpio on OpenBSD, which supports
# the options needed; the rest of us use cpio
$ar = 'ar'; # Unix binary archives and Debian binary packages
$ripole = 'ripole';
$dspam = 'dspam';
$sa_local_tests_only = 0; # (default: false)
# for SA 3.0, its cf option is use_auto_whitelist)
$sa_mail_body_size_limit = 200*1024; # don't waste time on SA if mail is larger
# (less than 1% of spam is > 64k)
# default: undef, no limitations
$sa_tag_level_deflt = 2.0; # add spam info headers if at, or above that level;
# undef is interpreted as lower than any spam level
$sa_tag2_level_deflt = 6.31;# add 'spam detected' headers at that level to
# passed mail (e.g. when $final_spam_destiny=D_PASS
# or for spam_lovers or when below kill_level)
$sa_kill_level_deflt = $sa_tag2_level_deflt; # triggers spam evasive actions
# at or above that level: bounce/reject/drop,
# quarantine, and adding mail address extension
$sa_dsn_cutoff_level = 10; # spam level beyond which a DSN is not sent,
# effectively turning D_BOUNCE into D_DISCARD;
# undef disables this feature and is a default;
# (only seen when spam is passed and recipient is
# in local_domains*)
# undef or empty disables inserting X-Spam-Level
$first_infected_stops_scan = 1; # default is false, all scanners in a section
# are called
@av_scanners = (
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
### http://www.kaspersky.com/ (in the 'file server version')
['KasperskyLab AVP - aveclient',
['/usr/local/kav/bin/aveclient','/usr/local/share/kav/bin/aveclient',
'/opt/kav/bin/aveclient','aveclient'],
'-p /var/run/aveserver -s {}/*', [0,3,6,8], qr/\b(INFECTED|SUSPICION)\b/,
qr/(?:INFECTED|SUSPICION) (.+)/,
],
### http://www.kaspersky.com/
['KasperskyLab AntiViral Toolkit Pro (AVP)', ['avp'],
'-* -P -B -Y -O- {}', [0,3,6,8], [2,4], # any use for -A -K ?
qr/infected: (.+)/,
sub {chdir('/opt/AVP') or die "Can't chdir to AVP: $!"},
sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"},
],
### The kavdaemon and AVPDaemonClient have been removed from Kasperky
### products and replaced by aveserver and aveclient
['KasperskyLab AVPDaemonClient',
[ '/opt/AVP/kavdaemon', 'kavdaemon',
'/opt/AVP/AvpDaemonClient', 'AvpDaemonClient',
'/opt/AVP/AvpTeamDream', 'AvpTeamDream',
'/opt/AVP/avpdc', 'avpdc' ],
"-f=$TEMPBASE {}", [0,8], [3,4,5,6], qr/infected: ([^\r\n]+)/ ],
# change the startup-script in /etc/init.d/kavd to:
# DPARMS="-* -Y -dl -f=/var/amavis /var/amavis"
# (or perhaps: DPARMS="-I0 -Y -* /var/amavis" )
# adjusting /var/amavis above to match your $TEMPBASE.
# The '-f=/var/amavis' is needed if not running it as root, so it
# can find, read, and write its pid file, etc., see 'man kavdaemon'.
# defUnix.prf: there must be an entry "*/var/amavis" (or whatever
# directory $TEMPBASE specifies) in the 'Names=' section.
# cd /opt/AVP/DaemonClients; configure; cd Sample; make
# cp AvpDaemonClient /opt/AVP/
# su - vscan -c "${PREFIX}/kavdaemon ${DPARMS}"
### http://www.hbedv.com/ or http://www.centralcommand.com/
['H+BEDV AntiVir or CentralCommand Vexira Antivirus',
['antivir','vexira'],
'--allfiles -noboot -nombr -rs -s -z {}', [0], qr/ALERT:|VIRUS:/,
qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) |
(?i) VIRUS:\ .*?\ virus\ '?) ( [^\]\s']+ )/ ],
# NOTE: if you only have a demo version, remove -z and add 214, as in:
# '--allfiles -noboot -nombr -rs -s {}', [0,214], qr/ALERT:|VIRUS:/,
# According to the documentations, the new version of Vexira has
# reasonable defaults, one may consider: "--timeout=60 --temp=$TEMPBASE {}"
### http://www.commandsoftware.com/
['Command AntiVirus for Linux', 'csav',
'-all -archive -packed {}', [50], [51,52,53],
qr/Infection: (.+)/ ],
### http://www.symantec.com/
['Symantec CarrierScan via Symantec CommandLineScanner',
'cscmdline', '-a scan -i 1 -v -s 127.0.0.1:7777 {}',
qr/^Files Infected:\s+0$/, qr/^Infected\b/,
qr/^(?:Info|Virus Name):\s+(.+)/ ],
### http://www.symantec.com/
['Symantec AntiVirus Scan Engine',
'savsecls', '-server 127.0.0.1:7777 -mode scanrepair -details -verbose {}',
[0], qr/^Infected\b/,
qr/^(?:Info|Virus Name):\s+(.+)/ ],
# NOTE: check options and patterns to see which entry better applies
### http://www.f-secure.com/products/anti-virus/
['F-Secure Antivirus', 'fsav',
'--dumb --mime --archive {}', [0], [3,8],
qr/(?:infection|Infected|Suspected): (.+)/ ],
['CAI InoculateIT', 'inocucmd', # retired product
'-sec -nex {}', [0], [100],
qr/was infected by virus (.+)/ ],
# see: http://www.flatmtn.com/computer/Linux-Antivirus_CAI.html
### http://www3.ca.com/Solutions/Product.asp?ID=156 (ex InoculateIT)
['CAI eTrust Antivirus', 'etrust-wrapper',
'-arc -nex -spm h {}', [0], [101],
qr/is infected by virus: (.+)/ ],
# NOTE: requires suid wrapper around inocmd32; consider flag: -mod reviewer
# see http://marc.theaimsgroup.com/?l=amavis-user&m=109229779912783
### http://mks.com.pl/english.html
['MkS_Vir for Linux (beta)', ['mks32','mks'],
'-s {}/*', [0], [1,2],
qr/--[ \t]*(.+)/ ],
### http://mks.com.pl/english.html
['MkS_Vir daemon', 'mksscan',
'-s -q {}', [0], [1..7],
qr/^... (\S+)/ ],
### http://www.nod32.com/
['ESET Software NOD32', 'nod32',
'--arch --mail {}', [0], [1,10], qr/^object=.*, virus="(.*?)",/ ],
# with old versions use:
# '-all -subdir+ {}', [0], [1,2],
# qr/^.+? - (.+?)\s*(?:backdoor|joke|trojan|virus|worm)/ ],
### http://www.nod32.com/
['ESET Software NOD32 - Client/Server Version', 'nod32cli',
'-a -r -d recurse --heur standard {}', [0], [10,11],
qr/^\S+\s+infected:\s+(.+)/ ],
### http://www.norman.com/products_nvc.shtml
['Norman Virus Control v5 / Linux', 'nvcc',
'-c -l:0 -s -u -temp:$TEMPBASE {}', [0,10,11], [1,2,14],
qr/(?i).* virus in .* -> \'(.+)\'/ ],
### http://www.pandasoftware.com/
['Panda Antivirus for Linux', ['pavcl'],
'-aut -aex -heu -cmp -nbr -nor -nso -eng {}',
qr/Number of files infected[ .]*: 0+(?!\d)/,
qr/Number of files infected[ .]*: 0*[1-9]/,
qr/Found virus :\s*(\S+)/ ],
### http://www.nai.com/
['NAI McAfee AntiVirus (uvscan)', 'uvscan',
'--secure --mime --program --mailbox -rv --summary --noboot --timeout 180 - {}', [0], [13],
qr/(?x) Found (?:
\ the\ (.+)\ (?:virus|trojan) |
\ (?:virus|trojan)\ or\ variant\ ([^ ]+) |
:\ (.+)\ NOT\ a\ virus)/,
# sub {$ENV{LD_PRELOAD}='/lib/libc.so.6'},
# sub {delete $ENV{LD_PRELOAD}},
],
# NOTE1: with RH9: force the dynamic linker to look at /lib/libc.so.6 before
# anything else by setting environment variable LD_PRELOAD=/lib/libc.so.6
# and then clear it when finished to avoid confusing anything else.
# NOTE2: to treat encrypted files as viruses replace the [13] with:
# qr/^\s{5,}(Found|is password-protected|.*(virus|trojan))/
### http://www.virusbuster.hu/en/
['VirusBuster', ['vbuster', 'vbengcl'],
# VirusBuster Ltd. does not support the daemon version for the workstation
# engine (vbuster-eng-1.12-linux-i386-libc6.tgz) any longer. The names of
# binaries, some parameters AND return codes have changed (from 3 to 1).
"{} -ss -i '*' -log=$MYHOME/vbuster.log", [0], [1],
qr/: '(.*)' - Virus/ ],
### http://www.cyber.com/
['CyberSoft VFind', 'vfind',
'--vexit {}/*', [0], [23], qr/##==>>>> VIRUS ID: CVDL (.+)/,
# sub {$ENV{VSTK_HOME}='/usr/lib/vstk'},
],
### http://www.ikarus-software.com/
['Ikarus AntiVirus for Linux', 'ikarus',
'{}', [0], [40], qr/Signature (.+) found/ ],
### http://www.bitdefender.com/
['BitDefender', 'bdc',
'--all --arc --mail {}', qr/^Infected files *:0+(?!\d)/,
qr/^(?:Infected files|Identified viruses|Suspect files) *:0*[1-9]/,
qr/(?:suspected|infected): (.*)(?:\033|$)/ ],
);
@av_scanners_backup = (
### http://www.clamav.net/ - backs up clamd or Mail::ClamAV
['ClamAV-clamscan', 'clamscan',
"--stdout --disable-summary -r --tempdir=$TEMPBASE {}", [0], [1],
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
### http://www.f-prot.com/ - backs up F-Prot Daemon
['FRISK F-Prot Antivirus', ['f-prot','f-prot.sh'],
'-dumb -ai -packed -server {}', [0,8], [3,6],
qr/Infection: (.+)/ ],
### http://www.trendmicro.com/ - backs up Trophie
['Trend Micro FileScanner', ['/etc/iscan/vscan','vscan'],
'-za -a {}', [0], qr/Found virus/, qr/Found virus (.+) in/ ],
### http://www.sald.com/, http://drweb.imshop.de/ - backs up DrWebD
['drweb - DrWeb Antivirus',
['/usr/local/drweb/drweb', '/opt/drweb/drweb', 'drweb'],
'-path={} -al -go -ot -cn -upn -ok-',
[0,32], [1,9,33], qr' infected (?:with|by)(?: virus)? (.*)$'],
['KasperskyLab kavscanner', ['/opt/kav/bin/kavscanner','kavscanner'],
'-i1 -xp {}', [0,10,15], [5,20,21,25],
qr/(?:CURED|INFECTED|CUREFAILED|WARNING|SUSPICION) (.*)/ ,
sub {chdir('/opt/kav/bin') or die "Can't chdir to kav: $!"},
sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"},
],
);
1; # insure a defined return
I use a MySQL database for amavis. The users can each change their settings via Horde (http://www.horde.org). I'll post the sample data for you here (mine is a little different... but that is not relevant):
--
-- Database: `amavisd`
--
-- --------------------------------------------------------
--
-- Table structure for table `mailaddr`
--
CREATE TABLE `mailaddr` (
`id` int(10) unsigned NOT NULL auto_increment,
`priority` int(11) NOT NULL default '7',
`email` varchar(255) NOT NULL default '',
PRIMARY KEY (`id`),
UNIQUE KEY `mailaddr_idx_email` (`email`),
KEY `email` (`email`)
) TYPE=MyISAM AUTO_INCREMENT=8 ;
--
-- Dumping data for table `mailaddr`
--
INSERT INTO `mailaddr` VALUES (1, 5, '@example.com');
INSERT INTO `mailaddr` VALUES (2, 9, 'owner-postfix-users@postfix.org');
INSERT INTO `mailaddr` VALUES (3, 9, 'amavis-user-admin@lists.sourceforge.net');
INSERT INTO `mailaddr` VALUES (4, 9, 'makemoney@example.com');
INSERT INTO `mailaddr` VALUES (5, 5, '@example.net');
INSERT INTO `mailaddr` VALUES (6, 9, 'spamassassin-talk-admin@lists.sourceforge.net');
INSERT INTO `mailaddr` VALUES (7, 9, 'spambayes-bounces@python.org');
-- --------------------------------------------------------
--
-- Table structure for table `policy`
--
CREATE TABLE `policy` (
`id` int(10) unsigned NOT NULL auto_increment,
`policy_name` varchar(32) default NULL,
`virus_lover` char(1) default NULL,
`spam_lover` char(1) default NULL,
`banned_files_lover` char(1) default NULL,
`bad_header_lover` char(1) default NULL,
`bypass_virus_checks` char(1) default NULL,
`bypass_spam_checks` char(1) default NULL,
`bypass_banned_checks` char(1) default NULL,
`bypass_header_checks` char(1) default NULL,
`spam_modifies_subj` char(1) default NULL,
`virus_quarantine_to` varchar(64) default NULL,
`spam_quarantine_to` varchar(64) default NULL,
`banned_quarantine_to` varchar(64) default NULL,
`bad_header_quarantine_to` varchar(64) default NULL,
`spam_tag_level` float default NULL,
`spam_tag2_level` float default NULL,
`spam_kill_level` float default NULL,
`spam_dsn_cutoff_level` float default NULL,
`addr_extension_virus` varchar(64) default NULL,
`addr_extension_spam` varchar(64) default NULL,
`addr_extension_banned` varchar(64) default NULL,
`addr_extension_bad_header` varchar(64) default NULL,
PRIMARY KEY (`id`)
) TYPE=MyISAM AUTO_INCREMENT=15 ;
--
-- Dumping data for table `policy`
--
INSERT INTO `policy` VALUES (1, 'Non-paying', 'N', 'N', 'N', 'N', 'Y', 'Y', 'Y', 'N', 'Y', NULL, NULL, NULL, NULL, 3, 7, 10, NULL, NULL, NULL, NULL, NULL);
INSERT INTO `policy` VALUES (2, 'Uncensored', 'Y', 'Y', 'Y', 'Y', 'N', 'N', 'N', 'N', 'N', NULL, NULL, NULL, NULL, 3, 999, 999, NULL, NULL, NULL, NULL, NULL);
INSERT INTO `policy` VALUES (3, 'Wants all spam', 'N', 'Y', 'N', 'N', 'N', 'N', 'N', 'N', 'Y', NULL, NULL, NULL, NULL, 3, 999, 999, NULL, NULL, NULL, NULL, NULL);
INSERT INTO `policy` VALUES (4, 'Wants viruses', 'Y', 'N', 'Y', 'Y', 'N', 'N', 'N', 'N', 'Y', NULL, NULL, NULL, NULL, 3, 6.9, 6.9, NULL, NULL, NULL, NULL, NULL);
INSERT INTO `policy` VALUES (5, 'Normal', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'Y', NULL, NULL, NULL, NULL, 3, 6.9, 6.9, NULL, NULL, NULL, NULL, NULL);
INSERT INTO `policy` VALUES (6, 'Trigger happy', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'Y', NULL, NULL, NULL, NULL, 3, 5, 5, NULL, NULL, NULL, NULL, NULL);
INSERT INTO `policy` VALUES (7, 'Permissive', 'N', 'N', 'N', 'Y', 'N', 'N', 'N', 'N', 'Y', NULL, NULL, NULL, NULL, 3, 10, 20, NULL, NULL, NULL, NULL, NULL);
INSERT INTO `policy` VALUES (8, '6.5/7.8', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', NULL, NULL, NULL, NULL, 3, 6.5, 7.8, NULL, NULL, NULL, NULL, NULL);
INSERT INTO `policy` VALUES (9, 'userB', 'N', 'N', 'N', 'Y', 'N', 'N', 'N', 'N', 'Y', NULL, NULL, NULL, NULL, 3, 6.3, 6.3, NULL, NULL, NULL, NULL, NULL);
INSERT INTO `policy` VALUES (10, 'userC', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', NULL, NULL, NULL, NULL, 3, 6, 6, NULL, NULL, NULL, NULL, NULL);
INSERT INTO `policy` VALUES (11, 'userD', 'Y', 'N', 'Y', 'Y', 'N', 'N', 'N', 'N', 'N', NULL, NULL, NULL, NULL, 3, 7, 7, NULL, NULL, NULL, NULL, NULL);
INSERT INTO `policy` VALUES (12, '4 subfolders', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'Y', NULL, NULL, NULL, NULL, 2.3, 6.33, 6.73, 9.3, 'virus', 'spam', 'banned', 'badh');
INSERT INTO `policy` VALUES (13, '2 subfolders', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'Y', NULL, NULL, NULL, NULL, 2.3, 6.33, 6.73, 9.3, 'caution', 'spam', 'caution', 'caution');
INSERT INTO `policy` VALUES (14, 'next', NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL);
-- --------------------------------------------------------
--
-- Table structure for table `users`
--
CREATE TABLE `users` (
`id` int(10) unsigned NOT NULL auto_increment,
`priority` int(11) NOT NULL default '7',
`policy_id` int(10) unsigned NOT NULL default '1',
`email` varchar(255) NOT NULL default '',
`fullname` varchar(255) default NULL,
`local` char(1) default NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `users_idx_email` (`email`),
KEY `email` (`email`)
) TYPE=MyISAM AUTO_INCREMENT=21 ;
--
-- Dumping data for table `users`
--
INSERT INTO `users` VALUES (1, 9, 5, 'user1+foo at y.example.com', 'Name1 Surname1', 'Y');
INSERT INTO `users` VALUES (2, 7, 5, 'user1 at y.example.com', 'Name1 Surname1', 'Y');
INSERT INTO `users` VALUES (3, 7, 2, 'user2 at y.example.com', 'Name2 Surname2', 'Y');
INSERT INTO `users` VALUES (4, 7, 7, 'user3 at z.example.com', 'Name3 Surname3', 'Y');
INSERT INTO `users` VALUES (5, 7, 7, 'user4 at example.com', 'Name4 Surname4', 'Y');
INSERT INTO `users` VALUES (6, 7, 1, 'user5 at example.com', 'Name5 Surname5', 'Y');
INSERT INTO `users` VALUES (7, 5, 0, '@sub1.example.com', NULL, 'Y');
INSERT INTO `users` VALUES (8, 5, 7, '@sub2.example.com', NULL, 'Y');
INSERT INTO `users` VALUES (9, 5, 5, '@example.com', NULL, 'Y');
INSERT INTO `users` VALUES (10, 3, 8, 'userA', 'NameA SurnameA anywhere', 'Y');
INSERT INTO `users` VALUES (11, 3, 9, 'userB', 'NameB SurnameB', 'Y');
INSERT INTO `users` VALUES (12, 3, 10, 'userC', 'NameC SurnameC', 'Y');
INSERT INTO `users` VALUES (13, 3, 11, 'userD', 'NameD SurnameD', 'Y');
INSERT INTO `users` VALUES (14, 3, 0, '@sub1.example.net', NULL, 'Y');
INSERT INTO `users` VALUES (15, 3, 7, '@sub2.example.net', NULL, 'Y');
INSERT INTO `users` VALUES (16, 3, 5, '@example.net', NULL, 'Y');
INSERT INTO `users` VALUES (17, 7, 5, 'u1 at example.org', 'u1', 'Y');
INSERT INTO `users` VALUES (18, 7, 6, 'u2 at example.org', 'u2', 'Y');
INSERT INTO `users` VALUES (19, 7, 3, 'u3 at example.org', 'u3', 'Y');
INSERT INTO `users` VALUES (20, 1, 5, '@.', 'Catch All', 'Y');
-- --------------------------------------------------------
--
-- Table structure for table `wblist`
--
CREATE TABLE `wblist` (
`rid` int(10) unsigned NOT NULL default '0',
`sid` int(10) unsigned NOT NULL default '0',
`wb` varchar(10) NOT NULL default '',
PRIMARY KEY (`rid`,`sid`)
) TYPE=MyISAM;
--
-- Dumping data for table `wblist`
--
INSERT INTO `wblist` VALUES (14, 1, 'W');
INSERT INTO `wblist` VALUES (14, 3, 'W');
INSERT INTO `wblist` VALUES (17, 2, 'W');
INSERT INTO `wblist` VALUES (17, 3, 'W');
INSERT INTO `wblist` VALUES (17, 6, 'W');
INSERT INTO `wblist` VALUES (17, 7, 'W');
INSERT INTO `wblist` VALUES (17, 5, 'B');
INSERT INTO `wblist` VALUES (17, 4, 'B');
Okay... now on to DSPAM. I don't know whether the Gentoo ebuild I use is of any help to you? But I'll post it anyway (it is the variant I have in use here, which I changed/adapted myself):
cat /mnt/gentoo.overlay/mail-filter/dspam/dspam-3.4_beta3-r1.ebuild
# Copyright 1999-2005 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/mail-filter/dspam/dspam-3.4_beta3-r1.ebuild,v 1.1 2005/02/09 Exp $
inherit eutils
MY_PV=${PV/_beta/.beta.}
S=${WORKDIR}/${PN}-${MY_PV}
DESCRIPTION="A statistical-algorithmic hybrid anti-spam filter"
SRC_URI="http://dspam.nuclearelephant.com/sources/${PN}-${MY_PV}.tar.gz
http://dspam.nuclearelephant.com/sources/extras/dspam_sa_trainer.tar.gz"
HOMEPAGE="http://dspam.nuclearelephant.com/"
LICENSE="GPL-2"
IUSE="cyrus debug exim mysql maildrop neural oci8 postgres procmail sqlite sqlite3 large-domain"
DEPEND="exim? ( >=mail-mta/exim-4.34 )
mysql? ( >=dev-db/mysql-3.23 ) || ( >=sys-libs/db-4.0 )
maildrop? ( >=mail-filter/maildrop-1.5.3 )
sqlite? ( <dev-db/sqlite-3 )
sqlite3? ( >=dev-db/sqlite-3 )
postgres? ( >=dev-db/postgresql-7.4.3 )
procmail? ( >=mail-filter/procmail-3.22 )
x86? ( cyrus? ( >=net-mail/cyrus-imapd-2.1.15 ) )
>=sys-libs/db-4.0
"
RDEPEND="sys-apps/cronbase
app-admin/logrotate"
KEYWORDS="~x86 ~ppc ~alpha"
SLOT="0"
# some FHS-like structure
HOMEDIR="/etc/mail/dspam"
DATADIR="/var/spool/dspam"
LOGDIR="/var/log/dspam"
pkg_setup() {
local multiple_dbs="0"
local supported_dbs="mysql postgres oci8 sqlite sqlite3"
for foo in ${supported_dbs}
do
if use ${foo}
then
let multiple_dbs="((multiple_dbs + 1 ))"
einfo " ${foo} database support in your USE flags."
fi
done
if [ "${multiple_dbs}" -ge "2" ]
then
echo
ewarn "You have multiple database backends active in your USE flags."
ewarn "Will default to MySQL as your dspam database backend."
ewarn "If you want to build with another database backend; hit Control-C now."
ewarn "Change your USE flag -mysql and emerge again."
echo
has_version ">=sys-apps/portage-2.0.50" && (
einfo "It would be best practice to add the set of USE flags that you use for this"
einfo "package to the file: /etc/portage/package.use. Example:"
einfo "\`echo \"mail-filter/dspam -mysql postgres -oci8 -sqlite\" >> /etc/portage/package.use\`"
einfo "to build dspam with Postgres database as your dspam backend."
)
echo
ewarn "Waiting 30 seconds before starting..."
ewarn "(Control-C to abort)..."
epause 30
elif [ "${multiple_dbs}" -eq "0" ]
then
echo
ewarn "You need to select at least one database backend in your USE flags."
ewarn "Please enable one of the following USE flags:"
ewarn " ${supported_dbs}"
echo
die "Database support missing"
fi
id dspam 2>/dev/null || enewgroup dspam 26
id dspam 2>/dev/null || enewuser dspam 26 /bin/bash ${HOMEDIR} dspam
}
src_compile() {
local myconf
# these are the default settings
#myconf="${myconf} --enable-daemon"
#myconf="${myconf} --enable-nodalcore"
#myconf="${myconf} --enable-homedir"
myconf="${myconf} --enable-long-username"
#myconf="${myconf} --enable-broken-mta"
if use large-domain; then
myconf="${myconf} --enable-large-scale"
else
myconf="${myconf} --enable-domain-scale"
fi
## ALGORITHM ACTIVATION
##
## myconf="${myconf} --enable-robinson"
## myconf="${myconf} --enable-chi-square"
## myconf="${myconf} --enable-robinson-pvalues"
## --enable-daemon
## --disable-bias
## --disable-graham-bayesian
## --disable-burton-bayesian
## --enable-robinson
myconf="${myconf} --enable-source-address-tracking"
myconf="${myconf} --enable-spam-subject"
myconf="${myconf} --enable-signature-headers"
myconf="${myconf} --enable-whitelist"
##
myconf="${myconf} --with-dspam-mode=4755"
myconf="${myconf} --with-dspam-owner=dspam"
myconf="${myconf} --with-dspam-group=dspam"
myconf="${myconf} --with-dspam-home=${HOMEDIR} --sysconfdir=${HOMEDIR}"
myconf="${myconf} --with-logdir=${LOGDIR}"
# enables support for debugging (touch /etc/dspam/.debug to turn on)
# optional: even MORE debugging output, use with extreme caution!
use debug && myconf="${myconf} --enable-debug --enable-verbose-debug"
# select storage driver
if use mysql; then
myconf="${myconf} --with-storage-driver=mysql_drv"
myconf="${myconf} --with-mysql-includes=/usr/include/mysql"
myconf="${myconf} --with-mysql-libraries=/usr/lib/mysql"
myconf="${myconf} --enable-virtual-users"
myconf="${myconf} --enable-preferences-extension"
# an experimental feature available with MySQL and PgSQL backend
if use neural ; then
myconf="${myconf} --enable-neural-networking"
fi
elif use postgres ; then
myconf="${myconf} --with-storage-driver=pgsql_drv"
myconf="${myconf} --with-pgsql-includes=/usr/include/postgresql"
myconf="${myconf} --with-pgsql-libraries=/usr/lib/postgresql"
myconf="${myconf} --enable-virtual-users"
myconf="${myconf} --enable-preferences-extension"
# an experimental feature available with MySQL and PgSQL backend
if use neural ; then
myconf="${myconf} --enable-neural-networking"
fi
elif use oci8 ; then
myconf="${myconf} --with-storage-driver=ora_drv"
myconf="${myconf} --with-oracle-home=${ORACLE_HOME}"
myconf="${myconf} --enable-virtual-users"
myconf="${myconf} --enable-preferences-extension"
# I am in no way a Oracle specialist. If someone knows
# how to query the version of Oracle, then let me know.
if (expr ${ORACLE_HOME/*\/} : 10 1>/dev/null 2>&1)
then
# --with-oracle-version=MAJOR
myconf="${myconf} --with-oracle-version=10"
fi
elif use sqlite ; then
myconf="${myconf} --with-storage-driver=sqlite_drv"
myconf="${myconf} --enable-virtual-users"
else
myconf="${myconf} --with-storage-driver=libdb4_drv"
fi
econf ${myconf} || die
emake || die
}
src_install () {
# open up perms on /etc/mail/dspam
diropts -m0775 -o dspam -g dspam
dodir ${HOMEDIR}
keepdir ${HOMEDIR}
# keeps dspam data in /var
diropts -m0775 -o dspam -g dspam
dodir ${DATADIR}
keepdir ${DATADIR}
# keeps dspam log in /var/log
diropts -m0775 -o dspam -g dspam
dodir ${LOGDIR}
keepdir ${LOGDIR}
# ${HOMEDIR}/data is a symlink to ${DATADIR}
dosym ${DATADIR} ${HOMEDIR}/data
# make install
sed -e 's/rm -f ..mandir.\(.*\)/rm -f ${D}${mandir}\1/g' \
-e 's/ln -s ..mandir.\(.*\) ..mandir.\(.*3\)/ln -s ${mandir}\1.gz ${D}${mandir}\2.gz/g' \
-i Makefile
make DESTDIR=${D} install || die
chmod 4755 ${D}/usr/bin/dspam
chmod 4755 ${D}/usr/bin/dspam_stats
# documentation
dodoc CHANGELOG LICENSE README* RELEASE.NOTES
dodoc ${FILESDIR}/README.postfix ${FILESDIR}/README.qmail
if use mysql; then
dodoc src/tools.mysql_drv/README
elif use postgres ; then
dodoc src/tools.pgsql_drv/README
elif use oci8 ; then
dodoc src/tools.ora_drv/README
elif use sqlite ; then
dodoc src/tools.sqlite_drv/README
fi
doman man/dspam*
dodoc ${DISTDIR}/dspam_sa_trainer.tar.gz
# build some initial configuration data
# Copy existing dspam.conf
[ -f ${HOMEDIR}/dspam.conf ] && cp ${HOMEDIR}/dspam.conf ${T}/dspam.conf
# If no existing dspam.conf
if [ ! -f ${HOMEDIR}/dspam.conf ]; then
cp ${D}${HOMEDIR}/dspam.conf ${T}/dspam.conf
if use cyrus; then
echo "UntrustedDeliveryAgent /usr/lib/cyrus/deliver %u" >> ${T}/dspam.conf
dosed 's:/usr/bin/procmail:/usr/lib/cyrus/deliver %u:g' ${T}/dspam.conf
elif use exim; then
echo "UntrustedDeliveryAgent /usr/sbin/exim -oMr spam-scanned %u" >> ${T}/dspam.conf
dosed 's:/usr/bin/procmail:/usr/sbin/exim -oMr spam-scanned %u:g' ${T}/dspam.conf
elif use maildrop; then
echo "UntrustedDeliveryAgent /usr/bin/maildrop -d %u" >> ${T}/dspam.conf
dosed 's:/usr/bin/procmail:/usr/bin/maildrop -d %u:g' ${T}/dspam.conf
elif use procmail; then
echo "UntrustedDeliveryAgent /usr/bin/procmail" >> ${T}/dspam.conf
else
echo "UntrustedDeliveryAgent /usr/sbin/sendmail" >> ${T}/dspam.conf
sed -i 's:/usr/bin/procmail:/usr/sbin/sendmail:g' ${T}/dspam.conf
fi
fi
local PASSWORD="${RANDOM}${RANDOM}${RANDOM}${RANDOM}"
# database related configuration and scripts
insinto ${HOMEDIR}
insopts -m644 -o dspam -g dspam
if use mysql; then
if [ -f ${HOMEDIR}/mysql.data ]; then
# Use an existing password
PASSWORD="$(tail -n 2 ${HOMEDIR}/mysql.data | head -n 1 )"
else
# Create the mysql.data file
echo "MySQLServer /var/run/mysqld/mysqld.sock" >> ${T}/mysql.data
echo "MySQLPort" >> ${T}/mysql.data
echo "MySQLUser dspam" >> ${T}/mysql.data
echo "MySQLPass ${PASSWORD}" >> ${T}/mysql.data
echo "MySQLDb dspam" >> ${T}/mysql.data
echo "MySQLCompress true" >> ${T}/mysql.data
[ -z "`grep '^MySQL' ${D}/${HOMEDIR}/dspam.conf`" ] && cat ${T}/mysql.data >> ${T}/dspam.conf
sed -e 's/^MySQL[A-Za-z]* *//g' -i ${T}/mysql.data
doins ${T}/mysql.data
fi
newins src/tools.mysql_drv/mysql_objects-space.sql mysql_objects-space.sql
newins src/tools.mysql_drv/mysql_objects-speed.sql mysql_objects-speed.sql
newins src/tools.mysql_drv/mysql_objects-4.1.sql mysql_objects-4.1.sql
newins src/tools.mysql_drv/virtual_users.sql mysql_virtual_users.sql
newins src/tools.mysql_drv/neural.sql mysql_neural.sql
newins src/tools.mysql_drv/purge.sql mysql_purge.sql
newins src/tools.mysql_drv/purge-4.1.sql mysql_purge-4.1.sql
elif use postgres ; then
if [ -f ${HOMEDIR}/pgsql.data ]; then
# Use an existing password
PASSWORD="$(tail -n 2 ${HOMEDIR}/pgsql.data | head -n 1 )"
else
# Create the pgsql.data file
echo "PgSQLServer 127.0.0.1" >> ${T}/pgsql.data
echo "PgSQLPort 5432" >> ${T}/pgsql.data
echo "PgSQLUser dspam" >> ${T}/pgsql.data
echo "PgSQLPass ${PASSWORD}" >> ${T}/pgsql.data
echo "PgSQLDb dspam" >> ${T}/pgsql.data
[ -z "`grep '^PgSQL' ${D}/${HOMEDIR}/dspam.conf`" ] && cat ${T}/pgsql.data >> ${T}/dspam.conf
sed -e 's/^PgSQL[A-Za-z]* *//g' -i ${T}/pgsql.data
doins ${T}/pgsql.data
fi
newins src/tools.pgsql_drv/pgsql_objects.sql pgsql_objects.sql
newins src/tools.pgsql_drv/virtual_users.sql pgsql_virtual_users.sql
newins src/tools.pgsql_drv/purge.sql pgsql_purge.sql
elif use oci8 ; then
if [ -f ${HOMEDIR}/oracle.data ]; then
# Use an existing password
PASSWORD="$(tail -n 2 ${HOMEDIR}/oracle.data | head -n 1 )"
else
# Create the oracle.data file
echo "OraServer (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=127.0.0.1)(PORT=1521))(CONNECT_DATA=(SID=PROD)))" >>${T}/oracle.data
echo "OraUser dspam" >>${T}/oracle.data
echo "OraPass ${PASSWORD}" >>${T}/oracle.data
echo "OraSchema dspam" >>${T}/oracle.data
[ -z "`grep '^Ora' ${D}/${HOMEDIR}/dspam.conf`" ] && cat ${T}/oracle.data >> ${T}/dspam.conf
sed -e 's/^Ora[A-Za-z]* *//g' -i ${T}/oracle.data
doins ${T}/oracle.data
fi
newins src/tools.ora_drv/oral_objects.sql ora_objects.sql
newins src/tools.ora_drv/virtual_users.sql ora_virtual_users.sql
newins src/tools.ora_drv/purge.sql ora_purge.sql
elif use sqlite ; then
newins src/tools.sqlite_drv/purge.sql sqlite_purge.sql
fi
insinto ${HOMEDIR}
insopts -m644 -o dspam -g dspam
doins ${T}/dspam.conf
# installs the notification messages
diropts -m0775 -o dspam -g dspam
dodir ${HOMEDIR}/txt
keepdir ${HOMEDIR}/txt
insinto ${HOMEDIR}/txt
insopts -m644 -o dspam -g dspam
for foo in ${S}/txt/*.txt; do
if [ ! -f "${ROOT}/${HOMEDIR}/txt/$(basename ${foo})" ]; then
doins ${foo}
fi
done
# Create the opt-in / opt-out directories
diropts -m0775 -o dspam -g dspam
dodir ${HOMEDIR}/opt-in
keepdir ${HOMEDIR}/opt-in
dodir ${HOMEDIR}/opt-out
keepdir ${HOMEDIR}/opt-out
# installs the logrotation scripts to the logrotate.d directory
diropts -m0755 -o dspam -g dspam
dodir /etc/logrotate.d
keepdir /etc/logrotate.d
insinto /etc/logrotate.d
insopts -m0755 -o dspam -g dspam
newins ${FILESDIR}/logrotate.dspam dspam
# installs the cron job to the cron directory
diropts -m0755 -o dspam -g dspam
dodir /etc/cron.daily
keepdir /etc/cron.daily
exeinto /etc/cron.daily
exeopts -m0755 -o dspam -g dspam
doexe ${FILESDIR}/dspam.cron
# dspam environment
echo -ne "CONFIG_PROTECT_MASK=\"${HOMEDIR}\"\n\n" > ${T}/40dspam
doenvd ${T}/40dspam || die
}
pkg_postinst() {
if use mysql || use postgres; then
einfo "To setup dspam to run out-of-the-box on your system with a mysql or pgsql database, run:"
einfo "ebuild /var/db/pkg/${CATEGORY}/${PF}/${PF}.ebuild config"
fi
if use exim ; then
echo
einfo "To use dspam in conjunction with your exim system, you should read the README"
fi
}
pkg_config () {
if use mysql ; then
[[ -f ${HOMEDIR}/mysql.data ]] && mv -f ${HOMEDIR}/mysql.data ${HOMEDIR}
DSPAM_MySQL_USER="$(head -n 3 ${HOMEDIR}/mysql.data|tail -n 1)"
DSPAM_MySQL_PWD="$(head -n 4 ${HOMEDIR}/mysql.data|tail -n 1)"
DSPAM_MySQL_DB="$(head -n 5 ${HOMEDIR}/mysql.data|tail -n 1)"
ewarn "When prompted for a password, please enter your MySQL root password"
ewarn ""
einfo "Creating DSPAM MySQL database \"${DSPAM_MySQL_DB}\""
/usr/bin/mysqladmin -u root -p create ${DSPAM_MySQL_DB}
einfo "Creating DSPAM MySQL tables for data objects"
einfo " Please select what kind of object database you like to use."
einfo " [1] Space optimized database"
einfo " [2] Speed optimized database"
einfo
while true
do
read -n 1 -s -p " Press 1 or 2 on the keyboard to select database" DSPAM_MySQL_DB_Type
[[ "${DSPAM_MySQL_DB_Type}" == "1" || "${DSPAM_MySQL_DB_Type}" == "2" ]] && break
done
if [ "${DSPAM_MySQL_DB_Type}" == "1" ]
then
/usr/bin/mysql -u root -p ${DSPAM_MySQL_DB} < ${HOMEDIR}/mysql_objects-space.sql
else
/usr/bin/mysql -u root -p ${DSPAM_MySQL_DB} < ${HOMEDIR}/mysql_objects-speed.sql
fi
einfo "Creating DSPAM MySQL database for virtual users"
/usr/bin/mysql -u root -p ${DSPAM_MySQL_DB} < ${HOMEDIR}/mysql_virtual_users.sql
if use neural ; then
/usr/bin/mysql -u root -p ${DSPAM_MySQL_DB} < ${HOMEDIR}/mysql_neural.sql
fi
einfo "Creating DSPAM MySQL user \"${DSPAM_MySQL_USER}\""
/usr/bin/mysql -u root -p -e "GRANT SELECT,INSERT,UPDATE,DELETE ON ${DSPAM_MySQL_DB}.* TO ${DSPAM_MySQL_USER}@localhost IDENTIFIED BY '${DSPAM_MySQL_PWD}';FLUSH PRIVILEGES;" -D mysql
elif use postgres ; then
[[ -f ${HOMEDIR}/pgsql.data ]] && mv -f ${HOMEDIR}/pgsql.data ${HOMEDIR}
DSPAM_PgSQL_USER="$(head -n 3 ${HOMEDIR}/pgsql.data|tail -n 1)"
DSPAM_PgSQL_PWD="$(head -n 4 ${HOMEDIR}/pgsql.data|tail -n 1)"
DSPAM_PgSQL_DB="$(head -n 5 ${HOMEDIR}/pgsql.data|tail -n 1)"
ewarn "When prompted for a password, please enter your PgSQL postgres password"
ewarn ""
einfo "Creating DSPAM PostgreSQL user \"${DSPAM_PgSQL_USER}\""
/usr/bin/psql -d template1 -U postgres -c "CREATE USER ${DSPAM_PgSQL_USER} WITH PASSWORD '${DSPAM_PgSQL_PWD}' NOCREATEDB NOCREATEUSER;" 1>/dev/null 2>&1
einfo "Creating DSPAM PostgreSQL database \"${DSPAM_PgSQL_DB}\""
/usr/bin/psql -d template1 -U postgres -c "CREATE DATABASE ${DSPAM_PgSQL_DB};" 1>/dev/null 2>&1
einfo "Getting DSPAM PostgreSQL userid for \"${DSPAM_PgSQL_USER}\""
DSPAM_PgSQL_USERID=$(/usr/bin/psql -d ${DSPAM_PgSQL_DB} -U postgres -t -c "SELECT usesysid FROM pg_user WHERE usename='${DSPAM_PgSQL_USER}';" | head -n1 | sed "s/^[ ]*\([^ ]*\).*/\1/g")
einfo " UserID: ${DSPAM_PgSQL_USERID}"
einfo "Getting DSPAM PostgreSQL databaseid for \"${DSPAM_PgSQL_DB}\""
DSPAM_PgSQL_DBID=$(/usr/bin/psql -d ${DSPAM_PgSQL_DB} -U postgres -t -c "SELECT datdba FROM pg_database WHERE datname='${DSPAM_PgSQL_DB}';" | head -n1 | sed "s/^[ ]*\([^ ]*\).*/\1/g")
einfo " DBID: ${DSPAM_PgSQL_DBID}"
einfo "Changing owner of DSPAM PostgreSQL database \"${DSPAM_PgSQL_DB}\" to \"${DSPAM_PgSQL_USER}\""
/usr/bin/psql -d ${DSPAM_PgSQL_DB} -U postgres -c "UPDATE pg_database SET datdba=${DSPAM_PgSQL_USERID} WHERE datname='${DSPAM_PgSQL_DB}';" 1>/dev/null 2>&1
einfo "Creating DSPAM PostgreSQL tables"
PGUSER=${DSPAM_PgSQL_USER} PGPASSWORD=${DSPAM_PgSQL_PWD} /usr/bin/psql -d ${DSPAM_PgSQL_DB} -U ${DSPAM_PgSQL_USER} -f ${HOMEDIR}/pgsql_objects.sql 1>/dev/null 2>&1
PGUSER=${DSPAM_PgSQL_USER} PGPASSWORD=${DSPAM_PgSQL_PWD} /usr/bin/psql -d ${DSPAM_PgSQL_DB} -U ${DSPAM_PgSQL_USER} -f ${HOMEDIR}/pgsql_virtual_users.sql 1>/dev/null 2>&1
einfo "Grant privileges to DSPAM PostgreSQL objects to \"${DSPAM_PgSQL_USER}\""
for foo in $(/usr/bin/psql -t -d ${DSPAM_PgSQL_DB} -U postgres -c "SELECT tablename FROM pg_tables WHERE tablename LIKE 'dspam\%';")
do
/usr/bin/psql -d ${DSPAM_PgSQL_DB} -U postgres -c "GRANT ALL PRIVILEGES ON TABLE ${foo} TO ${DSPAM_PgSQL_USER};" 1>/dev/null 2>&1
done
/usr/bin/psql -d ${DSPAM_PgSQL_DB} -U postgres -c "GRANT ALL PRIVILEGES ON DATABASE ${DSPAM_PgSQL_DB} TO ${DSPAM_PgSQL_USER};" 1>/dev/null 2>&1
/usr/bin/psql -d ${DSPAM_PgSQL_DB} -U postgres -c "GRANT ALL PRIVILEGES ON SCHEMA public TO ${DSPAM_PgSQL_USER};" 1>/dev/null 2>&1
elif use oci8 ; then
[[ -f ${HOMEDIR}/oracle.data ]] && mv -f ${HOMEDIR}/oracle.data ${HOMEDIR}
elif use sqlite ; then
einfo "sqlite_drv will automatically create the necessary database"
einfo "objects for each user upon first use of DSPAM by that user."
fi
}
With my current setup, the following flags would be active:
--enable-long-username --enable-large-scale --enable-source-address-tracking --enable-spam-subject --enable-signature-headers --enable-whitelist --with-dspam-mode=4755 --with-dspam-owner=dspam --with-dspam-group=dspam --with-dspam-home=/etc/mail/dspam --sysconfdir=/etc/mail/dspam --with-logdir=/var/log/dspam --with-storage-driver=mysql_drv --with-mysql-includes=/usr/include/mysql --with-mysql-libraries=/usr/lib/mysql --enable-virtual-users --enable-preferences-extension --enable-neural-networking
I am forever grumbling about the DSPAM ebuild in Gentoo. Unfortunately it doesn't always help. That's why I started maintaining my own ebuild. Here is just a small part of my reports on bugs.gentoo.org about DSPAM:
http://bugs.gentoo.org/show_bug.cgi?id=81345
http://bugs.gentoo.org/show_bug.cgi?id=68762
http://bugs.gentoo.org/show_bug.cgi?id=61564
For maintaining the DSPAM database I made myself a script that can handle the different databases generically (sequentially: the first DB configuration the script finds is processed and the others are ignored). I deliberately made the script this generic so that it would get into Gentoo Portage at all:
#!/bin/bash
# Remove old signatures and unimportant tokens from the DSPAM database
for foo in awk head tail
do
DSPAM_Check_App="$(${foo} --version 2>&1)"
if [[ "${DSPAM_Check_App/ *}" == "bash:" ]]
then
echo "Command ${foo} not found."
exit 1
fi
done
DSPAM_HOMEDIR="$(grep ^dspam /etc/passwd|awk -F : '{print $6}')"
[[ ! -d "${DSPAM_HOMEDIR}" ]] && exit 2
if [[ -f "${DSPAM_HOMEDIR}/mysql.data" ]]
then
DSPAM_MySQL_PURGE_SQL=""
[[ -f "${DSPAM_HOMEDIR}/config/mysql_purge.sql" ]] && DSPAM_MySQL_PURGE_SQL="${DSPAM_HOMEDIR}/config/mysql_purge.sql"
[[ -f "${DSPAM_HOMEDIR}/mysql_purge.sql" ]] && DSPAM_MySQL_PURGE_SQL="${DSPAM_HOMEDIR}/mysql_purge.sql"
[[ "${DSPAM_MySQL_PURGE_SQL}" == "" ]] && exit 3
[[ ! -f "/usr/bin/mysql" ]] && exit 4
DSPAM_MySQL_HOST="$(cat ${DSPAM_HOMEDIR}/mysql.data|head -n 1|tail -n 1)"
DSPAM_MySQL_PORT="$(cat ${DSPAM_HOMEDIR}/mysql.data|head -n 2|tail -n 1)"
DSPAM_MySQL_USER="$(cat ${DSPAM_HOMEDIR}/mysql.data|head -n 3|tail -n 1)"
DSPAM_MySQL_PWD="$(cat ${DSPAM_HOMEDIR}/mysql.data|head -n 4|tail -n 1)"
DSPAM_MySQL_DB="$(cat ${DSPAM_HOMEDIR}/mysql.data|head -n 5|tail -n 1)"
(/usr/bin/mysql -u ${DSPAM_MySQL_USER} -p"${DSPAM_MySQL_PWD}" ${DSPAM_MySQL_DB} < ${DSPAM_MySQL_PURGE_SQL}) 1>/dev/null 2>&1
MYRC="$?"
for foo in $(/usr/bin/mysql -u ${DSPAM_MySQL_USER} -p"${DSPAM_MySQL_PWD}" ${DSPAM_MySQL_DB} -e 'SHOW TABLES;' 2>&1 | grep -v "^+\|^Tables_in_${DSPAM_MySQL_DB}")
do
(/usr/bin/mysql -u ${DSPAM_MySQL_USER} -p"${DSPAM_MySQL_PWD}" ${DSPAM_MySQL_DB} -e "OPTIMIZE TABLE ${foo};") 1>/dev/null 2>&1
done
exit ${MYRC}
elif [[ -f "${DSPAM_HOMEDIR}/pgsql.data" ]]
then
DSPAM_PgSQL_PURGE_SQL=""
[[ -f "${DSPAM_HOMEDIR}/config/pgsql_purge.sql" ]] && DSPAM_PgSQL_PURGE_SQL="${DSPAM_HOMEDIR}/config/pgsql_purge.sql"
[[ -f "${DSPAM_HOMEDIR}/pgsql_purge.sql" ]] && DSPAM_PgSQL_PURGE_SQL="${DSPAM_HOMEDIR}/pgsql_purge.sql"
[[ "${DSPAM_PgSQL_PURGE_SQL}" == "" ]] && exit 3
[[ ! -f "/usr/bin/psql" ]] && exit 4
DSPAM_PgSQL_HOST="$(cat ${DSPAM_HOMEDIR}/pgsql.data|head -n 1|tail -n 1)"
DSPAM_PgSQL_PORT="$(cat ${DSPAM_HOMEDIR}/pgsql.data|head -n 2|tail -n 1)"
DSPAM_PgSQL_USER="$(cat ${DSPAM_HOMEDIR}/pgsql.data|head -n 3|tail -n 1)"
DSPAM_PgSQL_PWD="$(cat ${DSPAM_HOMEDIR}/pgsql.data|head -n 4|tail -n 1)"
DSPAM_PgSQL_DB="$(cat ${DSPAM_HOMEDIR}/pgsql.data|head -n 5|tail -n 1)"
(PGUSER=${DSPAM_PgSQL_USER} PGPASSWORD=${DSPAM_PgSQL_PWD} /usr/bin/psql -U ${DSPAM_PgSQL_USER} -d ${DSPAM_PgSQL_DB} -p ${DSPAM_PgSQL_PORT} -h ${DSPAM_PgSQL_HOST} -f ${DSPAM_PgSQL_PURGE_SQL}) 1>/dev/null 2>&1
exit $?
elif [[ -f "${DSPAM_HOMEDIR}/oracle.data" ]]
then
DSPAM_Oracle_PURGE_SQL=""
[[ -f "${DSPAM_HOMEDIR}/config/ora_purge.sql" ]] && DSPAM_Oracle_PURGE_SQL="${DSPAM_HOMEDIR}/config/ora_purge.sql"
[[ -f "${DSPAM_HOMEDIR}/ora_purge.sql" ]] && DSPAM_Oracle_PURGE_SQL="${DSPAM_HOMEDIR}/ora_purge.sql"
[[ "${DSPAM_Oracle_PURGE_SQL}" == "" ]] && exit 3
[[ ! -f "/usr/bin/sqlplus" ]] && exit 4
DSPAM_Oracle_DBLINK="$(cat ${DSPAM_HOMEDIR}/oracle.data|head -n 1|tail -n 1)"
DSPAM_Oracle_USER="$(cat ${DSPAM_HOMEDIR}/oracle.data|head -n 2|tail -n 1)"
DSPAM_Oracle_PWD="$(cat ${DSPAM_HOMEDIR}/oracle.data|head -n 3|tail -n 1)"
DSPAM_Oracle_SCHEMA="$(cat ${DSPAM_HOMEDIR}/oracle.data|head -n 4|tail -n 1)"
(/usr/bin/sqlplus -s ${DSPAM_Oracle_USER}/${DSPAM_Oracle_PWD} @${DSPAM_Oracle_PURGE_SQL}) 1>/dev/null 2>&1
exit $?
else
[[ ! -f "/usr/bin/dspam_clean" ]] && exit 4
/usr/bin/dspam_clean -s -p -u 1>/dev/null 2>&1
exit $?
fi
I took a large part of the spam/non-spam data from old mails. I have several thousand e-mails going back just over a decade. Another part I of course took from http://dspam.nuclearelephant.com/sources/extras/dspam_sa_trainer.tar.gz, and by far the largest part of the spam data I took from http://www.spamarchive.org/.
For the training I created a global user:
cat /etc/mail/dspam/group
globaluser:merged:*
classifictiongroup:classification:*globaluser
inoculationgroup:inoculation:*globaluser
And then I downloaded the whole archive from Spamarchive and fed all of it into the system with the following script:
#!/bin/bash
CURRENT_INDEX=/tmp/$$_current_index_$$.txt
DIR_SUBMIT="/mnt/gentoo.scripts/spam-stuff/ftp.spamarchive.org/pub/archives/submit/*.r2.gz"
DIR_SUBMITAUTOMATED="/mnt/gentoo.scripts/spam-stuff/ftp.spamarchive.org/pub/archives/submitautomated/*.r2.gz"
##PATTERN_TO_PROCESS="${DIR_SUBMIT}"
##PATTERN_TO_PROCESS="${DIR_SUBMITAUTOMATED}"
PATTERN_TO_PROCESS="${DIR_SUBMIT} ${DIR_SUBMITAUTOMATED}"
TOTAL_COUNT="$(ls -1 ${PATTERN_TO_PROCESS} | wc --lines)"
COUNTER="0"
echo "Using ${CURRENT_INDEX} as index-file"
for foo in ${PATTERN_TO_PROCESS}
do
let COUNTER="((COUNTER+1))"
echo ${foo} > ${CURRENT_INDEX}
SPAM_TOTAL="$(mboxgrep --mailbox-format=zmbox --headers --regexp=. --count ${foo})"
echo "Processing ${SPAM_TOTAL} SPAM messages from $(basename ${foo}) [${COUNTER} of ${TOTAL_COUNT}]"
echo -ne .
mboxgrep --mailbox-format=zmbox --headers --regexp=. --pipe="(nice --adjustment=-15 dspam --class=spam --source=corpus --inoculate --user 'globaluser' --mode=teft --feature=chained,noise ; echo -ne .)" ${foo}
echo -ne "\n\n"
echo "Running: dspam_clean -p0 globaluser"
dspam_clean -p0 globaluser
echo "Running: /etc/cron.daily/dspam.cron"
sh /etc/cron.daily/dspam.cron
echo
done
echo
rm -f ${CURRENT_INDEX}
You can get Mbox Grep from here: http://mboxgrep.sf.net
I adjust the local amavis domains with the following script:
#!/bin/bash
db_user="xxxxxxxxxxx"
db_password="yyyyyyyyyyyyyyy"
db_name="postfix"
db_table="domain"
db_field="domain"
db_where="AND (transport='virtual:' OR transport='local:' OR transport='maildrop:') AND active='1'"
amavis_local_domains_new=""
amavisd_conf="/etc/amavisd.conf"
amavisd_restart="/etc/init.d/amavisd restart"
postfix_main_config="/etc/postfix/main.cf"
for sql_result in $(mysql -h localhost -u ${db_user} --password=${db_password} -e "select ${db_field} from ${db_table} where 1 ${db_where} order by ${db_field} desc" ${db_name}|grep -i "\.")
do
amavis_local_domains_new=".${sql_result} ${amavis_local_domains_new}"
done
amavis_local_domains_conf="$(grep "^@local_domains_maps " ${amavisd_conf})"
if [ "${amavis_local_domains_conf}" != "@local_domains_maps = ( [qw( .\$mydomain ${amavis_local_domains_new})] );" ]
then
sed -i "s/^@local_domains_maps.*$/@local_domains_maps = ( [qw( .\$mydomain ${amavis_local_domains_new})] )\;/g" ${amavisd_conf}
exec ${amavisd_restart}
fi
Okay... I think that's enough for a start.
Do you need more info from me? I'm happy to help wherever I can.
Regards
Steve
On Sat, 19 Feb 2005 09:25:51 +0100
Frank Siebert <frn.siebert at gmx.de> wrote:
> On Saturday, 19 February 2005 02:57, tp22a at softhome.net wrote:
> Hello Steve,
>
> yes, gladly,
>
> cu Frank
>
> > I have DSPAM running here. So far, though, I haven't made the effort
> > to integrate the thing into Amavis (too little documentation to manage
> > something like that). I use more or less the Gentoo setup (I do have it
> > running on Gentoo, after all). But for some time now I have been building
> > my DSPAM myself with an ebuild and adapting it accordingly.
> >
> > However, I didn't do the whole thing with the NextHop variant (too
> > tedious for me).
> >
> > Are you interested in the setup? If so, I can post details.
> >
> >
> > Regards
> >
> > Steve
> >
> > On Fri, 18 Feb 2005 20:30:28 +0100
> >
> > Jim Knuth <jk at jkart.de> wrote:
> > > Hello and good evening Frank,
> > >
> > > thanks for the email of 18.02.2005 at 13:43
> > >
> > > Frank Siebert wrote:
> > > > I tried it following these instructions.
> > > >
> > > > cu Frank
> > >
> > > and? Did it work, too? ;-) I mean - does it "really" make sense?
> > >
> > > --
> > > Best wishes, Kind regards,
> > > Jim Knuth
> > > jk at jkart.de
> > > ICQ #277289867
> > > Skype: callto://jimknuth
> > > ----------
> > > Random quote
> > > ----------
> > > Whistling under water is prohibited in Florida.
> > > ----------
> > > This text has nothing to do with the recipient of the mail
> > > ----------
> > >
> > > virus-checked with NOD32 version 1.1001, update 17.02.2005
> > >
> > > --
> > > _______________________________________________
> > > Postfixbuch-users mailing list
> > > Heinlein Professional Linux Support GmbH
> > >
> > > Postfixbuch-users at listi.jpberlin.de
> > > http://listi.jpberlin.de/mailman/listinfo/postfixbuch-users
> --
> _______________________________________________
> Postfixbuch-users mailing list
> Heinlein Professional Linux Support GmbH
>
> Postfixbuch-users at listi.jpberlin.de
> http://listi.jpberlin.de/mailman/listinfo/postfixbuch-users
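The cron script and the amavis domain script in this post put the database password on the mysql command line (-p"..." and --password=...), where it can be visible to other local users through ps, and the ebuild installs mysql.data with mode 644. As an added example that is not part of the original post, the following sh functions read the same mysql.data layout and hand the credentials to mysql through a private option file instead; the function names, the return code 5 and the sample values are assumptions made for this example.

```sh
#!/bin/sh
# Added example, not from the original post: pass the DSPAM database
# credentials to mysql through a private option file instead of -p"...".
# Assumed mysql.data layout (values only, as left by the ebuild's sed step):
#   line 1 server (host name or socket path), 2 port, 3 user,
#   line 4 password, 5 database

# Succeeds only if group and others have no permission bits on the file.
is_private_file() (
    perms="$(ls -ld -- "$1" 2>/dev/null | cut -c5-10)"
    [ "${perms}" = "------" ]
)

# Writes a mode-600 [client] option file from mysql.data and prints the
# database name. Exit 1: unreadable or incomplete input; exit 2: the
# password contains a double quote and cannot be written as "...".
write_client_cnf() (
    data_file="$1"
    cnf_file="$2"
    [ -r "${data_file}" ] || exit 1
    {
        IFS= read -r server
        IFS= read -r port
        IFS= read -r user
        IFS= read -r pass
        IFS= read -r db
    } < "${data_file}"
    [ -n "${user}" ] && [ -n "${db}" ] || exit 1
    case "${pass}" in
        *'"'*) exit 2 ;;
    esac
    # Backslash is the escape character in option files, so double it.
    esc_pass="$(printf '%s' "${pass}" | sed 's/\\/\\\\/g')"
    # Make the file private before any secret is written to it.
    umask 077
    : >> "${cnf_file}" && chmod 600 "${cnf_file}" || exit 1
    {
        printf '[client]\n'
        printf 'user=%s\n' "${user}"
        printf 'password="%s"\n' "${esc_pass}"
        case "${server}" in
            '') ;;
            /*) printf 'socket=%s\n' "${server}" ;;
            *)  printf 'host=%s\n' "${server}" ;;
        esac
        if [ -n "${port}" ]; then printf 'port=%s\n' "${port}"; fi
    } > "${cnf_file}" || exit 1
    printf '%s\n' "${db}"
)

# Purge as in the cron script, but without the password in the argument
# list. Return code 5 (mysql.data open to group/others) is an addition of
# this example; the original script uses 1 to 4.
run_mysql_purge() (
    home="$1"
    is_private_file "${home}/mysql.data" || {
        echo "${home}/mysql.data is accessible to group/others" >&2
        exit 5
    }
    cnf="$(mktemp)" || exit 1
    trap 'rm -f -- "${cnf}"' EXIT
    db="$(write_client_cnf "${home}/mysql.data" "${cnf}")" || exit 1
    # --defaults-extra-file has to be the first option on the command line.
    mysql --defaults-extra-file="${cnf}" "${db}" < "${home}/mysql_purge.sql"
)

# Demo on a constructed mysql.data (the password is a made-up sample value).
demo_dir="$(mktemp -d)"
printf '%s\n' /var/run/mysqld/mysqld.sock '' dspam '1234#5678' dspam true \
    > "${demo_dir}/mysql.data"
chmod 600 "${demo_dir}/mysql.data"
echo "database: $(write_client_cnf "${demo_dir}/mysql.data" "${demo_dir}/client.cnf")"
ls -l "${demo_dir}/client.cnf" | cut -c1-10
rm -rf -- "${demo_dir}"
```

With the ebuild's insopts -m644 in place, run_mysql_purge stops with code 5 until mysql.data is restricted to its owner, for example with chmod 600.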