SpamAssassin/ClamAV

From CSEE Documentation
Revision as of 18:24, 4 December 2013 by Gweiss (talk | contribs)

Overview

SpamAssassin and clamassassin are now available for use. SpamAssassin is used to identify e-mails which have spam characteristics, while clamassassin uses ClamAV to identify virus signatures. Short instructions are available to add clamassassin only if SpamAssassin is already being used.

Neither SpamAssassin nor clamassassin are enabled by default. Even though these are some of the best tools available, they are also known to filter out valid emails too. They are to be used at your own risk.

Setting Up SpamAssassin and clamassassin

  1. Log into your CSEE UNIX shell account.

  2. Edit/create a ~/.forward file in your home directory (this sample .forward can be downloaded.)

    • You want a single line which pipes all mail to procmail as shown here (replace your_username with your actual username):
      "|IFS=' ' && exec /usr/site/bin/procmail -f- || exit 75 #your_username"
      example:
      "|IFS=' ' && exec /usr/site/bin/procmail -f- || exit 75 #brianb"
  3. Edit/create a ~/.procmailrc file (this sample .procmailrc can be downloaded).

    • This is the content of the sample .procmailrc file to allow for copying/pasting and/or review:
      MAILDIR=$HOME/mail
      :0fw
      | /usr/site/bin/spamc
      
      :0:
      * ^X-Spam-Status: Yes
      caughtspam
      
      :0fw
      | /usr/site/bin/clamassassin
      
      :0:
      * ^X-Virus-Status: Yes
      virus
      
    • If you have a working .procmailrc file, copy all of the lines above except for the line beginning with MAILDIR and place them near or at the top of your rules. Ensure that there is a blank line separating rules.
  1. Let a few emails arrive. SpamAssassin will automatically create a .spamassassin directory and files within that directory.
  2. Frequently review your "caughtspam" mail folder. Messages older than 60 days will automatically get purged. Messages that are identified as viruses will be stored in the "virus" mail folder. Do not attempt to open any e-mails placed in the "virus" folder since they may take advantage of a bug in a mail client and automatically execute. Please contact the CSEEIT Systems group if you need to safely review any message with viruses.
  3. Options are available in the ~/.spamassassin/user_prefs file to better catch spam messages (and better prevent false positives). See the User Preferences section in the SpamAssassin Configuration Page for details.

Adding Only clamassassin (with SpamAssassin already enabled)

  1. Log into your CSEE UNIX shell account.

  2. Edit ~/.procmailrc . Find the lines:
    :0fw
    | /usr/site/bin/spamc
    
    :0:
    * ^X-Spam-Status: Yes
    caughtspam
    

    and add these afterwards with a blank line separating them:

    :0fw
    | /usr/site/bin/clamassassin
    
    :0:
    * ^X-Virus-Status: Yes
    virus