Difference between revisions of "SpamAssassin/ClamAV"

From CSEE Documentation
(Removed Sample FIles since the link is broken/ the file contents are in the article)
 
(31 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 
==Overview==
 
==Overview==
Spam Assassin 3.1.4 and Clam Assassin 1.2.3 are now available for use. Spam Assassin is used to identify e-mails which have spam characteristics, while Clam Assassin uses [http://www.clamav.net/ ClamAV] to identify virus signatures. [[#Adding Only Clam Assassin (with Spam Assassin already enabled)|Short instructions]] are available to add Clam Assassin Only if the Spam Assassin check has been implemented.   
+
SpamAssassin and clamassassin are now available for use. SpamAssassin is used to identify e-mails which have spam characteristics, while clamassassin uses [http://www.clamav.net/ ClamAV] to identify virus signatures. [[#Adding Only clamassassin (with SpamAssassin already enabled)|Short instructions]] are available to add clamassassin only if SpamAssassin is already being used.   
  
Neither Spam Assassin nor Clam Assassin are enabled by default. Even though these are some of the best tools available, they are also known to filter out valid emails too. They are to be used at your own risk.
+
Neither SpamAssassin nor clamassassin are enabled by default. Even though these are some of the best tools available, they are also known to filter out valid emails too. They are to be used at your own risk.
  
==Setting Up Spam Assassin and Clam Assassin==
+
==Setting Up SpamAssassin and clamassassin==
  
 
# Log into your CSEE UNIX shell account.<br/><br/>
 
# Log into your CSEE UNIX shell account.<br/><br/>
# Edit/create a ~/.forward file in your home directory (this sample [http://www.cs.umbc.edu/systems/.forward .forward] can be downloaded.)<br/><br/>
+
# Edit/create a ~/.forward file in your home directory.<br/><br/>
#*You want a single line which pipes all mail to procmail as shown here (replace '''''your_username''''' with your actual username):<br/><br/><code>"|IFS=' ' && exec /usr/local/bin/procmail -f- || exit 75 #your_username"</code><br/><br/>example:<br/><br/><code>"|IFS=' ' && exec /usr/local/bin/procmail -f- || exit 75 #brianb"</code><br/><br/>
+
#*You want a single line which pipes all mail to procmail as shown here (replace '''''your_username''''' with your actual username):<pre>"|IFS=' ' && exec /usr/site/bin/procmail -f- || exit 75 #your_username"</pre>example:<pre>"|IFS=' ' && exec /usr/site/bin/procmail -f- || exit 75 #brianb"</pre>
# Edit/create a ~/.procmailrc file (this sample [http://www.cs.umbc.edu/systems/.procmailrc .procmailrc] can be downloaded).<br/><br/>
+
# Edit/create a ~/.procmailrc file.<br/><br/>
#* If you do not have a .procmailrc file, this is needed:<br/><code>MAILDIR=$HOME/mail</code><br/><br/><code>:0fw</code><br/><code>| /cs/bin/spamassassin</code><br/><br/><code>:0:</code><br/><code>* ^X-Spam-Status: Yes</code><br/><code>caughtspam</code><br/><br/><code>:0fw</code><br/><code>| /cs/bin/clamassassin</code><br/><br/><code>:0:</code><br/><code>* ^X-Virus-Status: Yes</code><br/><code>virus</code><br/><br/>
+
#* This is the content of the sample .procmailrc file to allow for copying/pasting and/or review:
#* If you have a working .procmailrc file, copy all of the lines above except for the line beginning with <code>MAILDIR</code> and place them near or at the top of your rules.<br/><br/>
+
<ul><ul><pre>MAILDIR=$HOME/mail
# Let a few emails arrive. Spam Assassin will automatically create a .spamassassin directory and files within that directory.<br/><br/>
+
:0fw
# Frequently review your "caughtspam" mail folder. Messages older than 60 days will automatically get purged. Messages that are identified as viruses will be stored in the "virus" mail folder. '''''Do not''''' attempt to open any e-mails placed in the "virus" folder since they may take advantage of a bug in a mail client and automatically execute. Please contact the CSEEIT Systems group if you need to safely review any message with viruses.<br/><br/>
+
| /usr/site/bin/spamc
# Options are available in the <code>~/.spamassassin/user_prefs</code> file to better catch spam messages (and better prevent false positives). See the [http://spamassassin.apache.org/full/3.0.x/dist/doc/Mail_SpamAssassin_Conf.html#user_preferences User Preferences] section in the [http://spamassassin.apache.org/full/3.0.x/dist/doc/Mail_SpamAssassin_Conf.html Spam Assassin Configuration Page] for details.
 
  
==Adding Only Clam Assassin (with Spam Assassin already enabled)==
+
:0:
 +
* ^X-Spam-Status: Yes
 +
caughtspam
 +
 
 +
:0fw
 +
| /usr/site/bin/clamassassin
 +
 
 +
:0:
 +
* ^X-Virus-Status: Yes
 +
virus
 +
</pre>
 +
<li>If you have a working .procmailrc file, copy all of the lines above except for the line beginning with <code>MAILDIR</code> and place them near or at the top of your rules.  Ensure that there is a blank line separating rules.
 +
</ul>
 +
</ul>
 +
<ol start="4">
 +
<li>Let a few emails arrive. SpamAssassin will automatically create a .spamassassin directory and files within that directory.
 +
<li>Frequently review your "caughtspam" mail folder. Messages older than 60 days will automatically get purged. Messages that are identified as viruses will be stored in the "virus" mail folder. '''''Do not''''' attempt to open any e-mails placed in the "virus" folder since they may take advantage of a bug in a mail client and automatically execute. Please contact the CSEEIT Systems group if you need to safely review any message with viruses.
 +
<li>Options are available in the <code>~/.spamassassin/user_prefs</code> file to better catch spam messages (and better prevent false positives). See the [http://spamassassin.apache.org/full/3.0.x/dist/doc/Mail_SpamAssassin_Conf.html#user_preferences User Preferences] section in the [http://spamassassin.apache.org/full/3.0.x/dist/doc/Mail_SpamAssassin_Conf.html SpamAssassin Configuration Page] for details.
 +
</ol>
 +
 
 +
==Adding Only clamassassin (with SpamAssassin already enabled)==
  
 
# Log into your CSEE UNIX shell account.<br/><br/>
 
# Log into your CSEE UNIX shell account.<br/><br/>
# Edit ~/.procmailrc . Find the lines:<br/><br/><code>:0fw</code><br/><code>| /cs/bin/spamassassin</code><br/><br/><code>:0:</code><br/><code>* ^X-Spam-Status: Yes</code><br/><code>caughtspam</code><br/><br/>and add:<br/><br/><code>:0fw</code><br/><code>| /cs/bin/clamassassin</code><br/><br/><code>:0:</code><br/><code>* ^X-Virus-Status: Yes</code><br/><code>virus</code>
+
# Edit ~/.procmailrc . Find the lines:
 +
<ul><pre>
 +
:0fw
 +
| /usr/site/bin/spamc
 +
 
 +
:0:
 +
* ^X-Spam-Status: Yes
 +
caughtspam
 +
</pre>
 +
and add these afterwards with a blank line separating them:
 +
<pre>
 +
:0fw
 +
| /usr/site/bin/clamassassin
 +
 
 +
:0:
 +
* ^X-Virus-Status: Yes
 +
virus
 +
</pre></ul>
 +
 
 +
==Using with Vacation==
 +
# Log into your CSEE UNIX shell account.
 +
# Set up [https://www.csee.umbc.edu/systems/index.php/Maintain_Vacation_replies vacation], but don't change the file ~/.forward in the final step
 +
# Edit or create the file ~/.vacation.procmailrc and add:
 +
<ul><pre>
 +
SHELL=/bin/sh
 +
MAILDIR=$HOME/mail
 +
 
 +
:0
 +
* $^To:.*\<$\LOGNAME\>
 +
{
 +
 
 +
  :0 c
 +
  | /usr/bin/vacation $LOGNAME
 +
 
 +
  :0
 +
  /var/mail/$LOGNAME
 +
 
 +
}
 +
 
 +
</pre>  
 +
Then, edit ~/.procmailrc and add the following line:
 +
<pre>
 +
INCLUDERC=$HOME/.vacation.procmailrc
 +
</pre>
 +
When you no longer want the vacation autoresponse, comment it out by changing it to this:
 +
<pre>
 +
#INCLUDERC=$HOME/.vacation.procmailrc
 +
</pre></ul>

Latest revision as of 10:20, 9 August 2023

Overview

SpamAssassin and clamassassin are now available for use. SpamAssassin is used to identify e-mails which have spam characteristics, while clamassassin uses ClamAV to identify virus signatures. Short instructions are available to add clamassassin only if SpamAssassin is already being used.

Neither SpamAssassin nor clamassassin are enabled by default. Even though these are some of the best tools available, they are also known to filter out valid emails too. They are to be used at your own risk.

Setting Up SpamAssassin and clamassassin

  1. Log into your CSEE UNIX shell account.

  2. Edit/create a ~/.forward file in your home directory.

    • You want a single line which pipes all mail to procmail as shown here (replace your_username with your actual username):
      "|IFS=' ' && exec /usr/site/bin/procmail -f- || exit 75 #your_username"
      example:
      "|IFS=' ' && exec /usr/site/bin/procmail -f- || exit 75 #brianb"
  3. Edit/create a ~/.procmailrc file.

    • This is the content of the sample .procmailrc file to allow for copying/pasting and/or review:
      MAILDIR=$HOME/mail
      :0fw
      | /usr/site/bin/spamc
      
      :0:
      * ^X-Spam-Status: Yes
      caughtspam
      
      :0fw
      | /usr/site/bin/clamassassin
      
      :0:
      * ^X-Virus-Status: Yes
      virus
      
    • If you have a working .procmailrc file, copy all of the lines above except for the line beginning with MAILDIR and place them near or at the top of your rules. Ensure that there is a blank line separating rules.
  1. Let a few emails arrive. SpamAssassin will automatically create a .spamassassin directory and files within that directory.
  2. Frequently review your "caughtspam" mail folder. Messages older than 60 days will automatically get purged. Messages that are identified as viruses will be stored in the "virus" mail folder. Do not attempt to open any e-mails placed in the "virus" folder since they may take advantage of a bug in a mail client and automatically execute. Please contact the CSEEIT Systems group if you need to safely review any message with viruses.
  3. Options are available in the ~/.spamassassin/user_prefs file to better catch spam messages (and better prevent false positives). See the User Preferences section in the SpamAssassin Configuration Page for details.

Adding Only clamassassin (with SpamAssassin already enabled)

  1. Log into your CSEE UNIX shell account.

  2. Edit ~/.procmailrc . Find the lines:
    :0fw
    | /usr/site/bin/spamc
    
    :0:
    * ^X-Spam-Status: Yes
    caughtspam
    

    and add these afterwards with a blank line separating them:

    :0fw
    | /usr/site/bin/clamassassin
    
    :0:
    * ^X-Virus-Status: Yes
    virus
    

Using with Vacation

  1. Log into your CSEE UNIX shell account.
  2. Set up vacation, but don't change the file ~/.forward in the final step
  3. Edit or create the file ~/.vacation.procmailrc and add:
    SHELL=/bin/sh
    MAILDIR=$HOME/mail
    
    :0
    * $^To:.*\<$\LOGNAME\>
    {
    
      :0 c
      | /usr/bin/vacation $LOGNAME
    
      :0
      /var/mail/$LOGNAME
    
    }
    
    

    Then, edit ~/.procmailrc and add the following line:

    INCLUDERC=$HOME/.vacation.procmailrc
    

    When you no longer want the vacation autoresponse, comment it out by changing it to this:

    #INCLUDERC=$HOME/.vacation.procmailrc