From 22487bc56bef63ccd5c8d4ba187407f429314078 Mon Sep 17 00:00:00 2001 From: root Date: Mon, 24 Oct 2016 23:23:23 +0200 Subject: Add SpamAssassin-related tweaks. --- spamassassin/default/spamass-milter | 31 +++++++++ spamassassin/default/spamass-milter.diff | 23 +++++++ spamassassin/default/spamassassin | 34 ++++++++++ spamassassin/default/spamassassin.diff | 17 +++++ spamassassin/init.sh | 8 +++ spamassassin/local.cf | 112 +++++++++++++++++++++---------- spamassassin/local.cf.diff | 19 ++++++ spamassassin/v320.pre | 64 ++++++++++++++++++ spamassassin/v320.pre.diff | 18 +++++ spamassassin/v341.pre | 28 ++++++++ spamassassin/v341.pre.diff | 11 +++ 11 files changed, 331 insertions(+), 34 deletions(-) create mode 100644 spamassassin/default/spamass-milter create mode 100644 spamassassin/default/spamass-milter.diff create mode 100644 spamassassin/default/spamassassin create mode 100644 spamassassin/default/spamassassin.diff create mode 100755 spamassassin/init.sh create mode 100644 spamassassin/local.cf.diff create mode 100644 spamassassin/v320.pre create mode 100644 spamassassin/v320.pre.diff create mode 100644 spamassassin/v341.pre create mode 100644 spamassassin/v341.pre.diff (limited to 'spamassassin') diff --git a/spamassassin/default/spamass-milter b/spamassassin/default/spamass-milter new file mode 100644 index 0000000..aacf2de --- /dev/null +++ b/spamassassin/default/spamass-milter @@ -0,0 +1,31 @@ +# spamass-milt startup defaults + +# OPTIONS are passed directly to spamass-milter. +# man spamass-milter for details + +# Non-standard configuration notes: +# See README.Debian if you use the -x option with sendmail +# You should not pass the -d option in OPTIONS; use SOCKET for that. + +# Default, use the spamass-milter user as the default user, ignore +# messages from localhost +OPTIONS="-u spamass-milter" + +# Reject emails with spamassassin scores > 10. +OPTIONS="${OPTIONS} -r 10" + +# Do not modify Subject:, Content-Type: or body. +#OPTIONS="${OPTIONS} -m" + +# Use UNIX socket +OPTIONS="${OPTIONS} -- --socket=/var/run/spamassassin/spamd.sock" + +###################################### +# If /usr/sbin/postfix is executable, the following are set by +# default. You can override them by uncommenting and changing them +# here. +###################################### +# SOCKET="/var/spool/postfix/spamass/spamass.sock" +# SOCKETOWNER="postfix:postfix" +# SOCKETMODE="0660" +###################################### diff --git a/spamassassin/default/spamass-milter.diff b/spamassassin/default/spamass-milter.diff new file mode 100644 index 0000000..aab7c18 --- /dev/null +++ b/spamassassin/default/spamass-milter.diff @@ -0,0 +1,23 @@ +--- spamass-milter.orig 2015-08-07 04:59:17.000000000 +0200 ++++ spamass-milter 2016-10-24 22:36:41.000000000 +0200 +@@ -9,14 +9,17 @@ + + # Default, use the spamass-milter user as the default user, ignore + # messages from localhost +-OPTIONS="-u spamass-milter -i 127.0.0.1" ++OPTIONS="-u spamass-milter" + +-# Reject emails with spamassassin scores > 15. +-#OPTIONS="${OPTIONS} -r 15" ++# Reject emails with spamassassin scores > 10. ++OPTIONS="${OPTIONS} -r 10" + + # Do not modify Subject:, Content-Type: or body. + #OPTIONS="${OPTIONS} -m" + ++# Use UNIX socket ++OPTIONS="${OPTIONS} -- --socket=/var/run/spamassassin/spamd.sock" ++ + ###################################### + # If /usr/sbin/postfix is executable, the following are set by + # default. You can override them by uncommenting and changing them diff --git a/spamassassin/default/spamassassin b/spamassassin/default/spamassassin new file mode 100644 index 0000000..561380f --- /dev/null +++ b/spamassassin/default/spamassassin @@ -0,0 +1,34 @@ +# /etc/default/spamassassin +# Duncan Findlay + +# WARNING: please read README.spamd before using. +# There may be security risks. + +# If you're using systemd (default for jessie), the ENABLED setting is +# not used. Instead, enable spamd by issuing: +# systemctl enable spamassassin.service +# Change to "1" to enable spamd on systems using sysvinit: +ENABLED=0 + +# Options +# See man spamd for possible options. The -d option is automatically added. + +# SpamAssassin uses a preforking model, so be careful! You need to +# make sure --max-children is not set to anything higher than 5, +# unless you know what you're doing. + +OPTIONS="--create-prefs --max-children 5 --helper-home-dir -u debian-spamd -g debian-spamd --nouser-config --listen /var/run/spamassassin/spamd.sock --socketowner debian-spamd --socketgroup debian-spamd --socketmode 0660" + +# Pid file +# Where should spamd write its PID to file? If you use the -u or +# --username option above, this needs to be writable by that user. +# Otherwise, the init script will not be able to shut spamd down. +PIDFILE="/var/run/spamd.pid" + +# Set nice level of spamd +#NICE="--nicelevel 15" + +# Cronjob +# Set to anything but 0 to enable the cron job to automatically update +# spamassassin's rules on a nightly basis +CRON=1 diff --git a/spamassassin/default/spamassassin.diff b/spamassassin/default/spamassassin.diff new file mode 100644 index 0000000..960310e --- /dev/null +++ b/spamassassin/default/spamassassin.diff @@ -0,0 +1,17 @@ +--- spamassassin.orig 2014-10-14 06:21:29.000000000 +0200 ++++ spamassassin 2016-10-24 21:10:39.000000000 +0200 +@@ -17,7 +17,7 @@ + # make sure --max-children is not set to anything higher than 5, + # unless you know what you're doing. + +-OPTIONS="--create-prefs --max-children 5 --helper-home-dir" ++OPTIONS="--create-prefs --max-children 5 --helper-home-dir -u debian-spamd -g debian-spamd --nouser-config --listen /var/run/spamassassin/spamd.sock --socketowner debian-spamd --socketgroup debian-spamd --socketmode 0660" + + # Pid file + # Where should spamd write its PID to file? If you use the -u or +@@ -31,4 +31,4 @@ + # Cronjob + # Set to anything but 0 to enable the cron job to automatically update + # spamassassin's rules on a nightly basis +-CRON=0 ++CRON=1 diff --git a/spamassassin/init.sh b/spamassassin/init.sh new file mode 100755 index 0000000..431e66e --- /dev/null +++ b/spamassassin/init.sh @@ -0,0 +1,8 @@ +#!/bin/sh + +set -e + +mkdir -p /var/run/spamassassin +chown debian-spamd: /var/run/spamassassin + +adduser spamass-milter debian-spamd || true diff --git a/spamassassin/local.cf b/spamassassin/local.cf index 1d65b9e..b6b9af0 100644 --- a/spamassassin/local.cf +++ b/spamassassin/local.cf @@ -1,44 +1,88 @@ -# Add your own customisations to this file. See 'man Mail::SpamAssassin::Conf' -# for details of what can be tweaked. -# +# This is the right place to customize your installation of SpamAssassin. +# +# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be +# tweaked. +# +# Only a small subset of options are listed below +# +########################################################################### + +# Add *****SPAM***** to the Subject header of spam e-mails +# +# rewrite_header Subject *****SPAM***** + + +# Save spam messages as a message/rfc822 MIME attachment instead of +# modifying the original message (0: off, 2: use text/plain instead) +# +# report_safe 1 + + +# Set which networks or hosts are considered 'trusted' by your mail +# server (i.e. not spammers) +# +# trusted_networks 212.17.35. + + +# Set file-locking method (flock is not safe over NFS, but is faster) +# +# lock_method flock -# Revert CHARSET_FARAWAY scores to upsream default -score CHARSET_FARAWAY 0.80 -score CHARSET_FARAWAY_BODY 2.06 -score CHARSET_FARAWAY_HEADERS 1.00 -# Lower Razor score (from 3.0) to let more mailinglist mail through -score RAZOR_CHECK 2.0 +# Set the threshold at which a message is considered spam (default: 5.0) +# +required_score 3.0 -# The below was found at http://flakshack.com/anti-spam/wiki/index.php?page=Debian -report_safe 0 +# Use Bayesian classifier (default: 1) +# +# use_bayes 1 + + +# Bayesian classifier auto-learning (default: 1) +# +# bayes_auto_learn 1 + + +# Set headers which may provide inappropriate cues to the Bayesian +# classifier +# +# bayes_ignore_header X-Bogosity +# bayes_ignore_header X-Spam-Flag +# bayes_ignore_header X-Spam-Status + + +# Some shortcircuiting, if the plugin is enabled +# +ifplugin Mail::SpamAssassin::Plugin::Shortcircuit +# +# default: strongly-whitelisted mails are *really* whitelisted now, if the +# shortcircuiting plugin is active, causing early exit to save CPU load. +# Uncomment to turn this on +# +# shortcircuit USER_IN_WHITELIST on +# shortcircuit USER_IN_DEF_WHITELIST on +# shortcircuit USER_IN_ALL_SPAM_TO on +# shortcircuit SUBJECT_IN_WHITELIST on -use_bayes 1 -bayes_path /var/lib/amavis/.spamassassin/bayes_seen +# the opposite; blacklisted mails can also save CPU +# +# shortcircuit USER_IN_BLACKLIST on +# shortcircuit USER_IN_BLACKLIST_TO on +# shortcircuit SUBJECT_IN_BLACKLIST on -skip_rbl_checks 0 -use_razor2 1 -use_dcc 1 -use_pyzor 1 +# if you have taken the time to correctly specify your "trusted_networks", +# this is another good way to save CPU +# +# shortcircuit ALL_TRUSTED on -dns_available yes +# and a well-trained bayes DB can save running rules, too +# +# shortcircuit BAYES_99 spam +# shortcircuit BAYES_00 ham -header LOCAL_RCVD Received =~ /.*\(\S+\.mydomain\.bogus\s+\[.*\]\)/ -describe LOCAL_RCVD Received from local machine -score LOCAL_RCVD -50 +endif # Mail::SpamAssassin::Plugin::Shortcircuit -## Optional Score Increases -score DCC_CHECK 4.000 -score SPF_FAIL 10.000 -score SPF_HELO_FAIL 10.000 -score RAZOR2_CHECK 2.500 -score BAYES_99 4.300 -score BAYES_90 3.500 -score BAYES_80 3.000 +use_bayes 0 -# Added by jsu2 -# refer to http://flakshack.com/anti-spam/wiki/index.php?page=Testing -body LOCAL_TEST1 /myspamtest12341234/ -describe LOCAL_TEST1 This is a unique phrase to trigger a positive score -score LOCAL_TEST1 50 +dns_query_restriction deny barracudacentral.org diff --git a/spamassassin/local.cf.diff b/spamassassin/local.cf.diff new file mode 100644 index 0000000..44f7324 --- /dev/null +++ b/spamassassin/local.cf.diff @@ -0,0 +1,19 @@ +--- local.cf.orig 2014-10-14 06:23:36.000000000 +0200 ++++ local.cf 2016-10-24 23:17:21.000000000 +0200 +@@ -31,7 +31,7 @@ + + # Set the threshold at which a message is considered spam (default: 5.0) + # +-# required_score 5.0 ++required_score 3.0 + + + # Use Bayesian classifier (default: 1) +@@ -82,3 +82,7 @@ + # shortcircuit BAYES_00 ham + + endif # Mail::SpamAssassin::Plugin::Shortcircuit ++ ++use_bayes 0 ++ ++dns_query_restriction deny barracudacentral.org diff --git a/spamassassin/v320.pre b/spamassassin/v320.pre new file mode 100644 index 0000000..1b2a961 --- /dev/null +++ b/spamassassin/v320.pre @@ -0,0 +1,64 @@ +# This is the right place to customize your installation of SpamAssassin. +# +# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be +# tweaked. +# +# This file was installed during the installation of SpamAssassin 3.2.0, +# and contains plugin loading commands for the new plugins added in that +# release. It will not be overwritten during future SpamAssassin installs, +# so you can modify it to enable some disabled-by-default plugins below, +# if you so wish. +# +# There are now multiple files read to enable plugins in the +# /etc/mail/spamassassin directory; previously only one, "init.pre" was +# read. Now both "init.pre", "v310.pre", and any other files ending in +# ".pre" will be read. As future releases are made, new plugins will be +# added to new files, named according to the release they're added in. +########################################################################### + +# Check - Provides main check functionality +# +loadplugin Mail::SpamAssassin::Plugin::Check + +# HTTPSMismatch - find URI mismatches between href and anchor text +# +loadplugin Mail::SpamAssassin::Plugin::HTTPSMismatch + +# URIDetail - test URIs using detailed URI information +# +loadplugin Mail::SpamAssassin::Plugin::URIDetail + +# Shortcircuit - stop evaluation early if high-accuracy rules fire +# +# loadplugin Mail::SpamAssassin::Plugin::Shortcircuit + +# Plugins which used to be EvalTests.pm +# broken out into separate plugins +loadplugin Mail::SpamAssassin::Plugin::Bayes +loadplugin Mail::SpamAssassin::Plugin::BodyEval +loadplugin Mail::SpamAssassin::Plugin::DNSEval +loadplugin Mail::SpamAssassin::Plugin::HTMLEval +loadplugin Mail::SpamAssassin::Plugin::HeaderEval +loadplugin Mail::SpamAssassin::Plugin::MIMEEval +loadplugin Mail::SpamAssassin::Plugin::RelayEval +loadplugin Mail::SpamAssassin::Plugin::URIEval +loadplugin Mail::SpamAssassin::Plugin::WLBLEval + +# VBounce - anti-bounce-message rules, see rules/20_vbounce.cf +# +loadplugin Mail::SpamAssassin::Plugin::VBounce + +# Rule2XSBody - speedup by compilation of ruleset to native code +# +loadplugin Mail::SpamAssassin::Plugin::Rule2XSBody + +# ASN - Look up the Autonomous System Number of the connecting IP +# and create a header containing ASN data for bayes tokenization. +# See plugin's POD docs for usage info. +# +loadplugin Mail::SpamAssassin::Plugin::ASN + +# ImageInfo - rules to match metadata of image attachments +# +loadplugin Mail::SpamAssassin::Plugin::ImageInfo + diff --git a/spamassassin/v320.pre.diff b/spamassassin/v320.pre.diff new file mode 100644 index 0000000..07d973f --- /dev/null +++ b/spamassassin/v320.pre.diff @@ -0,0 +1,18 @@ +--- v320.pre.orig 2012-08-14 07:32:06.000000000 +0200 ++++ v320.pre 2008-11-28 13:52:06.000000000 +0100 +@@ -50,13 +50,13 @@ + + # Rule2XSBody - speedup by compilation of ruleset to native code + # +-# loadplugin Mail::SpamAssassin::Plugin::Rule2XSBody ++loadplugin Mail::SpamAssassin::Plugin::Rule2XSBody + + # ASN - Look up the Autonomous System Number of the connecting IP + # and create a header containing ASN data for bayes tokenization. + # See plugin's POD docs for usage info. + # +-# loadplugin Mail::SpamAssassin::Plugin::ASN ++loadplugin Mail::SpamAssassin::Plugin::ASN + + # ImageInfo - rules to match metadata of image attachments + # diff --git a/spamassassin/v341.pre b/spamassassin/v341.pre new file mode 100644 index 0000000..37723cb --- /dev/null +++ b/spamassassin/v341.pre @@ -0,0 +1,28 @@ +# This is the right place to customize your installation of SpamAssassin. +# +# See 'perldoc Mail::SpamAssassin::Conf' for details of what can be +# tweaked. +# +# This file was installed during the installation of SpamAssassin 3.4.1, +# and contains plugin loading commands for the new plugins added in that +# release. It will not be overwritten during future SpamAssassin installs, +# so you can modify it to enable some disabled-by-default plugins below, +# if you so wish. +# +# There are now multiple files read to enable plugins in the +# /etc/mail/spamassassin directory; previously only one, "init.pre" was +# read. Now both "init.pre", "v310.pre", and any other files ending in +# ".pre" will be read. As future releases are made, new plugins will be +# added to new files, named according to the release they're added in. +########################################################################### + +# TxRep - Reputation database that replaces AWL +loadplugin Mail::SpamAssassin::Plugin::TxRep + +# URILocalBL - Provides ISP and Country code based filtering as well as +# quick IP based blocks without a full RBL implementation - Bug 7060 + +# loadplugin Mail::SpamAssassin::Plugin::URILocalBL + +# PDFInfo - Use several methods to detect a PDF file's ham/spam traits +# loadplugin Mail::SpamAssassin::Plugin::PDFInfo diff --git a/spamassassin/v341.pre.diff b/spamassassin/v341.pre.diff new file mode 100644 index 0000000..63643a1 --- /dev/null +++ b/spamassassin/v341.pre.diff @@ -0,0 +1,11 @@ +--- v341.pre.orig 2016-10-24 21:29:11.000000000 +0200 ++++ v341.pre 2016-10-24 22:57:05.000000000 +0200 +@@ -17,7 +17,7 @@ + ########################################################################### + + # TxRep - Reputation database that replaces AWL +-# loadplugin Mail::SpamAssassin::Plugin::TxRep ++loadplugin Mail::SpamAssassin::Plugin::TxRep + + # URILocalBL - Provides ISP and Country code based filtering as well as + # quick IP based blocks without a full RBL implementation - Bug 7060 -- cgit v1.2.3