Search Site:

About

Linux

Printers?

Programming

Windows?

Download

Skins

Edit - To Do - AllRecentChanges

Recent Changes Printable View Page History Edit Page

This page is part of the EmailServer article.

Improving spam filtering

SpamAssassin comes with the ability to use custom-rules used to add/remove points to each message passing through.
As a result there are a number of rule lists available that are regularly maintained to contain the filtering rules against the latest spam and other more serious threats.

On interesting project is Rules Du Jour at Exit0Wiki, a SpamAssassin-dedicated site.
It is in fact a script that allows you -using a configuration file- to download an install a lot of rule files from various sources without having to worry about manually deploying them yourself.

Installation

To install Rules Du Jour is simple enough and here is a quick recap.

# cd /usr/sbin
# wget http://sandgnat.com/rdj/rules_du_jour
# chmod 755 rules_du_jour
# mkdir /etc/rulesdujour
# touch /etc/rulesdujour/config

This will have downloaded the script and made it executable by root and created the blank configuration file that we now need to fill.

SA_DIR="/etc/mail/spamassassin"
MAIL_ADDRESS="spam.police@example.com"
SA_RESTART="killall -HUP spamd"

TRUSTED_RULESETS="TRIPWIRE ANTIDRUG SARE_EVILNUMBERS0 SARE_EVILNUMBERS1 SARE_EVILNUMBERS2 BLACKLIST BLACKLIST_URI RANDOMVAL BOGUSVIRUS SARE_ADULT SARE_FRAUD SARE_FRAUD_PRE25X SARE_BML SARE_BML_PRE25X SARE_RATWARE SARE_SPOOF SARE_BAYES_POISON_NXM SARE_OEM SARE_RANDOM SARE_HEADER SARE_HEADER0 SARE_HEADER1 SARE_HEADER2 SARE_HEADER3 SARE_HEADER_ENG SARE_HEADER_X264_X30 SARE_HEADER_X30 SARE_HTML SARE_HTML0 SARE_HTML1 SARE_HTML2 SARE_HTML3 SARE_HTML4 SARE_HTML_ENG SARE_HTML_PRE300 SARE_SPECIFIC SARE_OBFU SARE_OBFU0 SARE_OBFU1 SARE_OBFU2 SARE_OBFU3 SARE_REDIRECT SARE_REDIRECT_POST300 SARE_SPAMCOP_TOP200 SARE_GENLSUBJ SARE_GENLSUBJ0 SARE_GENLSUBJ1 SARE_GENLSUBJ2 SARE_GENLSUBJ3 SARE_GENLSUBJ_X30 SARE_GENLSUBJ_ENG SARE_HIGHRISK SARE_UNSUB SARE_URI0 SARE_URI1 SARE_URI2 SARE_URI3 SARE_URI_ENG SARE_WHITELIST SARE_WHITELIST_PRE30"

My config file contains all available rules. Just remove the ones you don't need and don't forget to change the notification email address to something suitable to your site.

Now we just need to make this run daily (please only run once per day to avoid stealing too much bandwidth from the sites that kindly give us these free goodies).
Update your crontab y issuing crontab -e on the command line and appending the following on a new line:

# Get latest SpamAssassin rules. Runs at 2:22AM every day.
22  02    *    *    *     /usr/sbin/rules_du_jour

Change the time to something else to even-out the load on the servers that we will download from.

Now the last thing we can do is try to run the script. It will output a lot of info as each rule is downloaded and installed.
Once all are done, spamassassin will test them and if no errors are reported, will restart itself.

# rules_du_jour

You should now have another, improved layer of email protection.

Resources

< SpamAssassin | EmailServer | PostGrey>

Leave your comments below
Enter your comment (no links allowed): Author:

Edit Page - Page History - Printable View - Recent Changes - WikiHelp - Search - RSS -
Page last modified on Friday 23 January 2009, at 08:58 GMT+8 - Viewed 2350 times