Spamassassin setup

required_hits 5
report_safe 0
rewrite_header Subject [SPAM]

• Create the database

# mysqladmin -p create bayes

• Populate the database

 # mysql -p bayes < /usr/share/doc/spamassassin-$(rpm --qf %{VERSION} -q spamassassin)/sql/bayes_mysql.sql

• Create the user

 # mysql -p
 mysql> GRANT ALL ON bayes.* TO bayes@localhost IDENTIFIED BY 'password';

• Edit the file /etc/mail/spamassassin/local.cf and add

bayes_store_module  Mail::SpamAssassin::BayesStore::MySQL
bayes_sql_dsn       DBI:mysql:bayes:localhost
bayes_sql_override_username bayes
bayes_sql_username  bayes
bayes_sql_password  password

We will be storing the image hashes in a mysql database to improve on performance such that images that we have already scanned do not get scanned again as OCR is a resource intense activity.

• The sql script creates the database and tables and adds a user fuzzyocr with the password fuzzyocr

# mysql -p < /usr/local/src/devel/FuzzyOcr.mysql

• Change the password

 # mysqladmin -u fuzzyocr -p fuzzyocr password

• Edit /etc/mail/spamassassin/FuzzyOCR.cf and set the basic options

focr_path_bin /usr/bin:/usr/local/bin
focr_minimal_scanset 1
focr_autosort_scanset 1
focr_enable_image_hashing 3
focr_logfile /tmp/FuzzyOcr.log

• Edit the file /etc/mail/spamassassin/FuzzyOcr.cf and add

focr_mysql_db FuzzyOcr
focr_mysql_hash Hash
focr_mysql_safe Safe
focr_mysql_user fuzzyocr
focr_mysql_pass password
focr_mysql_host localhost
focr_mysql_port 3306
focr_mysql_socket /var/lib/mysql/mysql.sock

• Import the GPG key used to sign the rules

 # mkdir /etc/mail/spamassassin/sa-update-keys/
 # chmod 700 /etc/mail/spamassassin/sa-update-keys/
 # wget http://daryl.dostech.ca/sa-update/sare/GPG.KEY
 # sa-update --import GPG.KEY

• Create the channels file /etc/mail/spamassassin/sare-sa-update-channels.txt

updates.spamassassin.org
72_sare_redirect_post3.0.0.cf.sare.sa-update.dostech.net
70_sare_evilnum0.cf.sare.sa-update.dostech.net
70_sare_bayes_poison_nxm.cf.sare.sa-update.dostech.net
70_sare_html0.cf.sare.sa-update.dostech.net
70_sare_html_eng.cf.sare.sa-update.dostech.net
70_sare_header0.cf.sare.sa-update.dostech.net
70_sare_header_eng.cf.sare.sa-update.dostech.net
70_sare_specific.cf.sare.sa-update.dostech.net
70_sare_adult.cf.sare.sa-update.dostech.net
72_sare_bml_post25x.cf.sare.sa-update.dostech.net
99_sare_fraud_post25x.cf.sare.sa-update.dostech.net
70_sare_spoof.cf.sare.sa-update.dostech.net
70_sare_random.cf.sare.sa-update.dostech.net
70_sare_oem.cf.sare.sa-update.dostech.net
70_sare_genlsubj0.cf.sare.sa-update.dostech.net
70_sare_genlsubj_eng.cf.sare.sa-update.dostech.net
70_sare_unsub.cf.sare.sa-update.dostech.net
70_sare_uri0.cf.sare.sa-update.dostech.net
70_sare_obfu0.cf.sare.sa-update.dostech.net
70_sare_stocks.cf.sare.sa-update.dostech.net

• Create an update script /usr/local/bin/update-sa

#!/bin/bash
#
#
sa-update -D --channelfile /etc/mail/spamassassin/sare-sa-update-channels.txt --gpgkey 856AA88A &>/var/log/sa-updates.log

• Make it executable and add to cron

 # chmod +x /usr/local/bin/update-sa
 # ln -s /usr/local/bin/update-sa /etc/cron.daily/
 # ln -s /usr/local/bin/update-sa /etc/cron.hourly/