ee25310d |
1 | Here's how we set up our site-wide Spam``Assassin bayes database, including the ability for users to train it.\r |
2 | \r |
3 | 1. Create a new user `spamd` with home `/var/local/lib/spamd`.\r |
4 | 1. Add "spamd" to `/etc/cron.allow`.\r |
5 | 1. Perform the following as `spamd`:\r |
6 | 1. `cd ~spamd`\r |
7 | 1. `maildirmake -S Maildir`, to create the shared Spam``Assassin mailbox.\r |
8 | 1. `maildirmake -f SiteSpam -s write Maildir`, to create a writable folder for misclassified spam (or if extracting from a tarball, make sure it has the sticky bit set by doing the following).\r |
9 | {{{\r |
10 | find ~spamd/Maildir/.SiteSpam -type d -exec chmod o+t {} \;\r |
11 | }}}\r |
12 | 1. `maildirmake -f SiteHam -s write Maildir`, to create a writable folder for misclassified ham (or if extracting from a tarball, make sure it has the sticky bit set by doing the following).\r |
13 | {{{\r |
14 | find ~spamd/Maildir/.SiteHam -type d -exec chmod o+t {} \;\r |
15 | }}}\r |
16 | 1. Add the following to `~spamd/.crontab` to learn from and delete messages in those shared folders every five minutes (changing MACHINENAME to be the name of the local machine):\r |
17 | {{{\r |
18 | MAILTO=logs@MACHINENAME.hcoop.net\r |
19 | \r |
20 | # Learn from submitted spam\r |
21 | 0,10,20,30,40,50 * * * * ~spamd/scripts/learn-spam --spam\r |
22 | # Learn from submitted ham\r |
23 | 0,10,20,30,40,50 * * * * ~spamd/scripts/learn-spam --ham\r |
24 | # Remove any tmp cruft\r |
25 | 3 3 * * * find ~spamd/Maildir/.SiteHam/tmp -type f -delete ; find ~spamd/Maildir/.SiteSpam/tmp -type f -delete\r |
26 | }}}\r |
27 | '''Be sure there's a newline after the last line, or it won't be processed.'''\r |
28 | 1. Copy the `learn-spam` script from the `spam` directory of the hcoop "misc" repository into the directory `~spamd/scripts`.\r |
29 | 1. Modify `/etc/spamassassin/local.cf` with the directive:\r |
30 | {{{\r |
31 | # Location of bayes data\r |
32 | bayes_path /var/local/lib/spamd/bayes/.spamassassin/bayes\r |
33 | \r |
34 | # Fix bayes permissions\r |
35 | bayes_file_mode 0770\r |
36 | \r |
37 | # Directives from old setup\r |
38 | # [any custom stuff from the old /etc/spamassassin/local.cf that you want to keep]\r |
39 | }}}\r |
40 | 1. Modify `/etc/default/spamassassin` by setting `OPTIONS` and `ENABLED`as follows. The `-x` prevents `spamd` from trying to look for per-user configuration, which would be silly because it always runs as the same user here. Without this flag, the cron job triggered every 5 minutes would log an error message, which would lead to an e-mail being sent to the `spamd` user.\r |
41 | {{{\r |
42 | # Change to one to enable spamd\r |
43 | ENABLED=1\r |
44 | \r |
45 | OPTIONS="--create-prefs --max-children 5 --helper-home-dir=/var/local/lib/spamd -u spamd -x -s /var/log/spamd.log"\r |
46 | \r |
47 | PIDFILE="/var/local/lib/spamd/pid"\r |
48 | }}}\r |
49 | 1. Make a file called `/etc/logrotate.d/spamd` with the following contents.\r |
50 | {{{\r |
51 | /var/log/spamd.log {\r |
52 | weekly\r |
53 | missingok\r |
54 | create 0640 root adm\r |
55 | rotate 4\r |
56 | compress\r |
57 | delaycompress\r |
58 | sharedscripts\r |
59 | postrotate\r |
60 | [ -f '/var/local/lib/spamd/pid' ] && (kill -HUP `cat /var/local/lib/spamd/pid`) || exit 0\r |
61 | endscript\r |
62 | }\r |
63 | }}}\r |
64 | 1. Start the daemon by doing {{{/etc/init.d/spamassassin start}}}. Check `/var/log/spamd.log` to be sure that it started OK.\r |
65 | 1. Install the `.crontab` entries that you wrote earlier by doing {{{crontab -u spamd ~spamd/.crontab}}} as root. Do this every time that you make changes to `~spamd/.crontab`.\r |
66 | 1. Edit {{{/etc/courier/shared/index}}} as follows, being sure to separate each column with a single TAB character. The second column is UID, and third column is GID -- consult `/etc/passwd` and `/etc/group` to make these match the `spamd` user and group.\r |
67 | {{{\r |
68 | spamd 116 119 /var/local/lib/spamd\r |
69 | }}}\r |
70 | 1. Restart courier's IMAP process: {{{runsv restart courier-imap}}}\r |
71 | 1. Test by checking to see if you can access {{{shared.SpamAssassin.SiteHam}}} and {{{shared.SpamAssassin.SiteSpam}}} from IMAP. If not, do {{{maildirmake --add SpamAssassin=~spamd/Maildir ~/Maildir}}} as your normal user from the machine that does courier (and presumably spamassassin as well). You might need to replace `~` with `~USERNAME` if you are using sudo to do this, where USERNAME is your normal username.\r |
72 | 1. Now copy some spammy mail into the {{{SiteSpam}}} directory, wait 5 minutes, and check to see if the mail got learned and deleted.\r |
73 | 1. If so, edit {{{~spamd/.crontab}}} to pipe the output of sa-learn to /dev/null, and run crontab as specified earlier to propogate this change.\r |
74 | \r |
75 | ----\r |
76 | CategorySystemAdministration\r |