Difference between revisions of "SpamAssassin/ClamAV"

From CSEE Documentation
Line 10: Line 10:
 
#*You want a single line which pipes all mail to procmail as shown here (replace '''''your_username''''' with your actual username):<pre>"|IFS=' ' && exec /usr/local/bin/procmail -f- || exit 75 #your_username"</pre>example:<pre>"|IFS=' ' && exec /usr/local/bin/procmail -f- || exit 75 #brianb"</pre>
 
#*You want a single line which pipes all mail to procmail as shown here (replace '''''your_username''''' with your actual username):<pre>"|IFS=' ' && exec /usr/local/bin/procmail -f- || exit 75 #your_username"</pre>example:<pre>"|IFS=' ' && exec /usr/local/bin/procmail -f- || exit 75 #brianb"</pre>
 
# Edit/create a ~/.procmailrc file (this sample [http://www.cs.umbc.edu/systems/.procmailrc .procmailrc] can be downloaded).<br/><br/>
 
# Edit/create a ~/.procmailrc file (this sample [http://www.cs.umbc.edu/systems/.procmailrc .procmailrc] can be downloaded).<br/><br/>
#* This is the content of the .procmailrc file that is provided:
+
#* This is the content of the sample .procmailrc file to allow copy and paste:
 
<ul><ul><pre>MAILDIR=$HOME/mail
 
<ul><ul><pre>MAILDIR=$HOME/mail
 
:0fw
 
:0fw
Line 17: Line 17:
 
:0:
 
:0:
 
* ^X-Spam-Status: Yes
 
* ^X-Spam-Status: Yes
caughtspam<
+
caughtspam
  
 
:0fw
 
:0fw

Revision as of 23:36, 10 January 2007

Overview

Spam Assassin 3.1.4 and Clam Assassin 1.2.3 are now available for use. Spam Assassin is used to identify e-mails which have spam characteristics, while Clam Assassin uses ClamAV to identify virus signatures. Short instructions are available to add Clam Assassin only if Spam Assassin is already being used.

Neither Spam Assassin nor Clam Assassin are enabled by default. Even though these are some of the best tools available, they are also known to filter out valid emails too. They are to be used at your own risk.

Setting Up Spam Assassin and Clam Assassin

  1. Log into your CSEE UNIX shell account.

  2. Edit/create a ~/.forward file in your home directory (this sample .forward can be downloaded.)

    • You want a single line which pipes all mail to procmail as shown here (replace your_username with your actual username):
      "|IFS=' ' && exec /usr/local/bin/procmail -f- || exit 75 #your_username"
      example:
      "|IFS=' ' && exec /usr/local/bin/procmail -f- || exit 75 #brianb"
  3. Edit/create a ~/.procmailrc file (this sample .procmailrc can be downloaded).

    • This is the content of the sample .procmailrc file to allow copy and paste:
      MAILDIR=$HOME/mail
      :0fw
      | /cs/bin/spamassassin
      
      :0:
      * ^X-Spam-Status: Yes
      caughtspam
      
      :0fw
      | /cs/bin/clamassassin
      
      :0:
      * ^X-Virus-Status: Yes<
      virus
      
    • If you have a working .procmailrc file, copy all of the lines above except for the line beginning with MAILDIR and place them near or at the top of your rules.
  1. Let a few emails arrive. Spam Assassin will automatically create a .spamassassin directory and files within that directory.
  2. Frequently review your "caughtspam" mail folder. Messages older than 60 days will automatically get purged. Messages that are identified as viruses will be stored in the "virus" mail folder. Do not attempt to open any e-mails placed in the "virus" folder since they may take advantage of a bug in a mail client and automatically execute. Please contact the CSEEIT Systems group if you need to safely review any message with viruses.
  3. Options are available in the ~/.spamassassin/user_prefs file to better catch spam messages (and better prevent false positives). See the User Preferences section in the Spam Assassin Configuration Page for details.

    Adding Only Clam Assassin (with Spam Assassin already enabled)

    1. Log into your CSEE UNIX shell account.

    2. Edit ~/.procmailrc . Find the lines:
      :0fw
      | /cs/bin/spamassassin
      
      :0:
      * ^X-Spam-Status: Yes
      caughtspam
      

      and add these afterwards with a blank line separating them:

      :0fw
      | /cs/bin/clamassassin
      
      :0:
      * ^X-Virus-Status: Yes
      virus