Fighting Spam with Qmail (part I)
Introduction
Spam is one of the annoying facts of Internet life in the 21st century. So, decreasing the amount of annoying spam one gets is a worthy goal, if one can do it without too much effort.
In this article, I will explain how you can fight spam by making your qmail server filter your messages through spamassassin.
In a coming article, I will explain how to patch your qmail server to make spammer's life somewhat harder and at the same time decrease the amount of time the server spends rejecting filtering and discarding spam.
Implementation
The best tool I know to detect if a given piece of mail is spam is spamassassin. It's not too hard to install, and you can even get RPMs of it for the popular Red Hat distribution.
Once spamassassin is installed, you need to make it work. Since some users may prefer to keep their mail unfiltered, I will explain how to set it up as a per-user solution.
If you just want to enable it for everyone, qmail-scanner has support for it.- Install spamassassin, and make sure you have spamd running
- Get James Grinter's ifspamh. It's a Korn shell script, so just get it and copy it to some sane place, like /usr/bin, and make sure the first line points to where your ksh is installed. If your system has no ksh, try installing a package called pdksh, or edit ifspamh to make it use bash or /bin/sh (read the comments for the author's explanation).
- Make your mail pass through ifspamh, and if it's spam, store it somewhere else than the default.
Step 3 is the only tricky one. If you access your mail through IMAP, you want to filter the spam into a separate IMAP folder. For example, when using courier-imap, that folder may be something like ~/Maildir/.spam which you can create with the command maildirmake ~/Maildir/.spam (or simply using your IMAP client).
Ifspamh works by using your ~/.qmail file to filter the messages.
Sample ~/.qmail
|ifspamh ralsina-spam ./Maildir/
What the above example does is redirect all spam to the ralsina-spam address, and deliver the rest to ./Maildir/
Since ralsina-spam is simply a sub-address of ralsina (my account), I can choose where that goes by creating a ~/.qmail-spam file, which delivers all of ralsina-spam's messages into ~/Maildir/.spam/:
Sample ~/.qmail-spam for IMAP users
./Maildir/.spam/
If you use POP3 instead, you won't be able to access such folders, so your best bet is to mark the spam with something in the subject and then use client-side filtering to move it into a folder in your client box.
Keep ~/.qmail as above, but use this as ~/.qmail-spam:
Sample ~/.qmail-spam for POP3 users
./Maildir/
That way, the tagged spam will still be in your Inbox. Make sure your spamassassin tags spam by using rewrite_subject 1 in your preferences file. It is usually a bad idea to just remove spam, since you can always misclassify something, but you could do it by just putting a comment in the ~/.qmail-spam file.
The only bad side of this is that spam uses two local deliveries instead of one rising the resource usage somewhat, but it should be negligible.
Spamassassin has support for a Bayesian filter that learns what is spam and what isn't. If you want to teach it, this is the simplest way:
- Create a spam@yourdomain.com address
- Create a notspam@yourdomain.com address
- Start redirecting any misclassified mail to the obvious address. Make sure you redirect it unchanged! usually, the "forward" feature of your mailer won't be good enough, since it will appear that the spam comes from you, and you don't want your own mail to be classified as spam, right? ;-)
- Create cron jobs that learn from those folders, then remove the messages.
Again, that last step may be the tricky one: your cron task could look like this:
Sample crontab for spamassassin bayesian filter
0 0 * * * sa-learn --spam --dir /home/spam/Maildir/new >/dev/null 2>&1\ && rm /home/spam/Maildir/new/* 0 0 * * * sa-learn --ham --dir /home/nospam/Maildir/new >/dev/null 2>&1\ && rm /home/nospam/Maildir/new/*
Comments for this story are here:
http://www.haloscan.com/com...
Hi very nice article