Solved

postfix+spamassassin, RBL, white list

Posted on 2004-03-21
9
1,145 Views
Last Modified: 2012-05-04
I would like to use spamassassin at my work and if I was to do a per user configuration with white list senario, how in the world do my users get to configure their files that are kept in ~/.spamassassin. Is there some pretty little front end these microsoft lovers can use? I'm sure there has got to be some reasoning behind this. I'm just not sure how this is suppose to work.

If I was to use a SQL database or a LDAP database for my users contact list is there anyway to use that database of choice for a sitewide white list?
I guess if I could do things this way I would not need to allow my uses to edit their auto-whitelist file in ~/.spamassassin.
Infact this would be the prefered method.

Just out of curiosity where in the world does spamassassin keep its list of open relay servers it uses to check mail against? As I understand it spamassassin does this check by default, and it seems to be working. I am just curious about where the list of servers spamassassin uses is kept?

I would also like to get my users away from using outlook. Does anyone have a good solution for a MUA that runs on microsoft windows 2000 and XP. Maybe thunderbird by mozilla. It would need to communicate with a UW-IMAP server.
0
Comment
Question by:illtbagu
  • 5
  • 4
9 Comments
 
LVL 1

Author Comment

by:illtbagu
ID: 10664831
500 points going once, going twice. Is there no takers or no answers?
0
 
LVL 9

Accepted Solution

by:
Alf666 earned 500 total points
ID: 10666259
Many questions in one. Good it's worth a lot :-)

I/ Question 1 : How to allow users to edit their SpamAssassin prefs

You could try this :
http://webuserprefs.pipegrep.net/

I have not used it myself. Just typed SpamAssassin in Freshmeat :-). It looks like it supports MySQL as a preferences backend.


II/ RBL lists in SpamAssassin

SpamAssassin does not keep itself a list of open servers. It queries external services to do that. These services are nothing else than DNS servers which respond positively or negatively to an address query (e.g: yahoo.com.dnscheckingserver.tld.com. In this example, the dnscheckingserver.tld.com is the RBL I'm querying for yahoo.com domain).

If you have a look at 20_dnsbl_tests.cf (usually located around /usr/share/spamassassin, or /usr/local/share/spamassassin), you will find the tests, along with the addresses of the query servers.


III/ MUAs on Windows

If your users do not need Outlook's groupware functionalities, Outlook Express is a good choice. I've been usig it for years with different IMAP accounts without any problem (except that you definitely have to disable the "Compress messages in background" feature which can lead to serious mailbox corruption).

There's pletora of MUAs for Windows. Pegasus, for example is known to be a good one. Check the following link :

http://directory.google.com/Top/Computers/Software/Internet/Clients/Mail/Windows/





0
 
LVL 1

Author Comment

by:illtbagu
ID: 10668817
Thanks you sir. The full 500 points is yours. I was starting to worry that these questions were to hard :)

It always seems that if I make a question worth 500 points I am less likely to get anyone to answer it than if I made the question worth 300 points. If I make the question worth 300 points then I get more responses. I don't get it. I always make my question worth 500 points because I think my questions are hard. I usually don't post a question unless I cant find any good anwers after googling for a few hours.

My first question about users preferences with spamassassin has always bothered me. All of these linux admins cry out loud how great spamassassin is because each user can set his/her preferences but no one ever says how the usres can do this. I think most admins are not set up for this kind of thing but they like to brag that its possible. Thanks for that link sounds really promising.

I would really like to use OPENLDAP for my address book. It sounds like that is pretty much the standard. It would be nice to whitelist every email address in that LDAP address book. Maybe a nightly script that saves all of the entries in LDAP to a text file.

quote:
-----------------------------
II/ RBL lists in SpamAssassin

SpamAssassin does not keep itself a list of open servers. It queries external services to do that. These services are nothing else than DNS servers which respond positively or negatively to an address query (e.g: yahoo.com.dnscheckingserver.tld.com. In this example, the dnscheckingserver.tld.com is the RBL I'm querying for yahoo.com domain).
-----------------------------
Exactly I knew that :), I guess my question wasnt really clear. What I was asking was: where is the list of RBL servers kept that spamassassin uses to query email address against. example would be http://www.ordb.org/. You answered that in your next sentence I hope
quote:
-----------------------------
If you have a look at 20_dnsbl_tests.cf (usually located around /usr/share/spamassassin, or /usr/local/share/spamassassin), you will find the tests, along with the addresses of the query servers.
-----------------------------
I will check this first chance I get.

Thunderbird still looks to be the best MUA in my opinion. I just wanted someones opinion on what they prefered for their users thats all :)
0
 
LVL 9

Expert Comment

by:Alf666
ID: 10670713
Thanks for the points :-) (you have not yet closed the question, btw).

About LDAP, yes. A suitable cron job will do the trick pretty well.

A couple more tips for free :-) :

If you want to speed up the RBL lookups in case one is broken, you can add the following to local.cf :

# No more than 1 second for RBLs
rbl_timeout                     3

3 seconds is fine for a well connected box. 5 might be better for a slow connection.

You can also disable some RBLs manually if you want to. Here under is an example of what I did when Osirusoft stopped working :

score   RCVD_IN_OSIRUSOFT_COM   0
score   X_OSIRU_DUL             0
score   X_OSIRU_DUL_FH          0
score   X_OSIRU_OPEN_RELAY      0
score   X_OSIRU_SPAM_SRC        0
score   X_OSIRU_SPAMWARE_SITE   0

Good luck with your setup. And, yes, people are right. SpamAssassin is a very good product.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 1

Author Comment

by:illtbagu
ID: 10671360
I already have the rbl timeout in my local.cf file thanks though, but I do have it set to 30 seconds, I probably should trim the time down some.

I agree spamassassin is a great product, I agree with that 100%. I am only getting about 65 percent of my spam detected though. I was at one time getting around 95% but the percentage has droped drastically in the past few months. I always keep up to date with spamassassin too. I have gone to a rpm installation of spamassassin. The required hits for mail to be considered spam is 3 the default was 5 but when it was set at 5 hits it detected probly around 25%.

Thanks for everything
0
 
LVL 9

Expert Comment

by:Alf666
ID: 10671567
You should not hesitate ta make your own rules.
Plus, training the bayesian classifier greatly improved my SPAM score.
I do only get once spam every now and then, plus very few false positives.

And, once again, do not forget to close your question.
0
 
LVL 1

Author Comment

by:illtbagu
ID: 10673833
The question is closed and you have the points. If you don't have the points lets get ahold of the moderator.

quote:
-----------------
Plus, training the bayesian classifier greatly improved my SPAM score
-----------------
I tried to do this once but it made matters worse. I had collected around 900 spam messages that were not detected. I tried to train spamassassin on these emails. If you read the man pages it tells you that you must collect a few thousand spam messages to do this with or it could have the opisite affects.
man sa-learn

Could you elaborate a little on how to make your own rules with spamassassin I have not done this.
0
 
LVL 9

Expert Comment

by:Alf666
ID: 10675994
Question is closed all right. Thanks.

Very simple. The only thing you have to have a little knowledge about are regular expressions.

Spamassassin is mainly based on them to recognize patterns in some part(s) of the email.
If the pattern is recognized, then it adds the score which is defined by the rule. Mainly, all the rules that are inside SpamAssassin have scores calculated automatically at "SpamAssassin labs" based on a rich corpus of spams and hams. So, when you write your own rules, you have to assign a score manually, and that's where you want to be absolutely sure of what you're doing.

A simple example is worth a thousand words, so here is one of mine.

Beeing French, I rarely have emails talking about porn or incest ! So i have this simple rule, which weights 2 points :

body ALF_SIMPLE_PORN            /(porn[o]*|incest)/i
describe ALF_SIMPLE_PORN        Porn Word(s)
score ALF_SIMPLE_PORN           2

The first line says that I'm looking for any occurence of (porn (or porno)) or incest.
The "/i" says that the comparison will be case independant.
The "body" says that I'm looking for these words inside the body part of the email.

The second line is a text description of the rule
The third line is the score.

To test this, I get an offending email which I put inside a file, and then, run the SpamAssassin command line tool.

For more information, see the "Rule Wiki" which is a very good resource about writing your own rules :

http://www.exit0.us/
0
 
LVL 1

Author Comment

by:illtbagu
ID: 10677785
You have been of great help to me sir, many thanks.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

In this post, we will have a look on how to install Exchange Server 2013 from command prompt, instead of using the graphical user interface. Below are the steps that are to be performed to install Exchange Server 2013. 1. Domain Controller and…
The biggest nightmare for any Exchange Server Administrator is to keep the server running without any issue. But the problems often come and they need to be resolved efficiently and timely. Here are important troubleshooting points: Define the Pr…
The purpose of this video is to demonstrate how to set up Lists in Mailchimp. This will be demonstrated using a Windows 8 PC. Mailchimp will be used. Log into your Mailchimp account. : Click on Lists. Click on Create List Button : Choose the desi…
The purpose of this video is to demonstrate how to use PicMonkey software to customize images for a Mailchimp campaign. Picmonkey is free and simple online software which can be used by users who don’t have robust editing software such as Photoshop,…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now