Tag Archives: spam

Exim 4.69 (or 4.71) ACL for SpamAssassin

I was having trouble with Exim not adding headers to SpamAssassin-checked emails. One day, when I should have really been doing something else, I read Chapter 40 of Exim’s specification, and all became clear.

Here’s what my appropriate ACL (in /etc/mail/exim.conf) looks like now, almost completely by-the-book:

acl_check_data:
  
  # ...
  # malware section
  # ...
  
  # Add headers to a message if it is judged to be spam. Before enabling this,
  # you must install SpamAssassin. You may also need to set the spamd_address  
  # option above.
  
  # spams are never big and spamassassin can die on big emails, so
  # messages of 100k or more are accepted here without being scanned
  accept  condition = ${if >={$message_size}{100k}{yes}{no}}

  # put headers in all messages (no matter if spam or not)
  warn  spam = spamd:true
        add_header = X-Spam-Score: $spam_score ($spam_bar)
        add_header = X-Spam-Report: $spam_report
  
  # add second subject line with *SPAM* marker when message
  # is over threshold
  warn  spam = spamd
        add_header = Subject: *SPAM* $h_Subject:

  # reject spam at high scores (> 20)
  deny  message = This message scored $spam_score spam points.
        spam = spamd:true
        condition = ${if >{$spam_score_int}{200}{1}{0}}

  # Accept the message.
  accept

Kiddies playing

Here’s what exim caught:

> 2009-09-15 23:59:31 SMTP protocol synchronization error (input sent without waiting for greeting):
+rejected connection from H=[220.139.127.112] input="GET http://www.scanproxy.com:80/p-25.html
+HTTP/1.0\r\nContent-Type: text/html\r\nProxy-Connection: keep-alive\r\nHost: www.scanproxy.com\r\nAccept:
+image/gif,"
> 2009-09-15 23:59:32 SMTP protocol synchronization error (input sent without waiting for greeting):
+rejected connection from H=[220.139.127.112] input="0401"
> 2009-09-15 23:59:33 SMTP protocol synchronization error (input sent without waiting for greeting):
+rejected connection from H=[220.139.127.112] input="0501"

220.139.127.112 is Chunghwa Telecom Co., Ltd. in Taiwan.
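
An added example (not part of the original post): a small Python script that groups these synchronization-error rejections by client IP and labels what the client sent before the greeting. It assumes unwrapped mainlog lines, one event per line; the function names and the min_events threshold are invented for illustration.

```python
import re
from collections import defaultdict

# One unwrapped Exim mainlog line per event. Only the "rejected connection"
# form shown in the post is matched; other sync-error variants are skipped.
SYNC_RE = re.compile(
    r'^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) '
    r'SMTP protocol synchronization error \((?P<reason>[^)]*)\): '
    r'rejected connection from H=[^\[]*\[(?P<ip>[^\]]+)\]'
    r'(?: input="(?P<input>.*)")?\s*$'
)
HTTP_RE = re.compile(r'^(GET|POST|HEAD|CONNECT|OPTIONS|PUT) \S+', re.I)

def classify(data):
    """Label what the client sent before the SMTP greeting."""
    if data and HTTP_RE.match(data):
        return "http-request"  # HTTP spoken to an SMTP port
    return "other"

def summarize(lines):
    """Group sync-error rejections by client IP."""
    hosts = defaultdict(lambda: {"count": 0, "kinds": set(), "first": None, "last": None})
    for line in lines:
        m = SYNC_RE.match(line)
        if not m:
            continue  # unrelated log line
        h = hosts[m["ip"]]
        h["count"] += 1
        h["kinds"].add(classify(m["input"]))
        h["first"] = h["first"] or m["ts"]
        h["last"] = m["ts"]
    return dict(hosts)

def repeat_offenders(summary, min_events=3):
    """IPs with at least min_events rejections (threshold is an assumption)."""
    return sorted(ip for ip, h in summary.items() if h["count"] >= min_events)

# Sample: the post's three events on single lines (HTTP request shortened).
PFX = (" SMTP protocol synchronization error (input sent without waiting for"
       " greeting): rejected connection from H=[220.139.127.112] ")
SAMPLE = [
    "2009-09-15 23:59:31" + PFX + r'input="GET http://www.scanproxy.com:80/p-25.html HTTP/1.0\r\n"',
    "2009-09-15 23:59:32" + PFX + 'input="0401"',
    "2009-09-15 23:59:33" + PFX + 'input="0501"',
    "2009-09-15 23:59:40 Start queue run: pid=1234",  # constructed, unrelated
]

if __name__ == "__main__":
    for ip, h in summarize(SAMPLE).items():
        print(ip, h["count"], sorted(h["kinds"]), h["first"], h["last"])
```
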

SpamAssassin and Exim on Arch Linux: some config trouble

I had this happen – SA wasn’t reading user_prefs out of a proper home dir:

[12071] info: spamd: creating default_prefs: //.spamassassin/user_prefs
[12071] dbg: config: using "/.spamassassin" for user state dir
[12071] dbg: config: mkdir /.spamassassin failed: mkdir /.spamassassin: Permission denied at /usr/share/perl5/vendor_perl/Mail/SpamAssassin.pm line 1577
[12071] dbg: config: Permission denied
[12071] warn: config: cannot write to //.spamassassin/user_prefs: No such file or directory
[12071] info: spamd: failed to create readable default_prefs: //.spamassassin/user_prefs
[12071] dbg: config: read_scoreonly_config: cannot open "//.spamassassin/user_prefs": No such file or directory

I thought this was due to the way spamassassin was invoked, so I tried specifying the user and homedir explicitly. It didn’t work. I tried creating a ‘spamd’ user and a homedir, and changing the invocation to this:

sudo spamd -c --max-children 3 --username spamd -H "/var/lib/spamassassin/" -s stderr -D

Didn’t help.

Then I RTFMed some. That reminded me of writing something about user ‘nobody’ in exim.conf. That’s the user for which spam filtering is invoked; so if you allow per-user configuration, it doesn’t really matter that you specify “/var/lib/spamassassin” as a homedir, that’s just for the parent spamd process. For every child, the directory will be changed; for ‘nobody’ it’s ‘/’.

So I changed that line to have ‘spamd’ instead, and voila!

[12071] info: spamd: creating default_prefs: /var/lib/spamassassin/.spamassassin/user_prefs
[12071] dbg: config: using "/var/lib/spamassassin/.spamassassin" for user state dir
[12071] warn: config: created user preferences file: /var/lib/spamassassin/.spamassassin/user_prefs
[12071] dbg: conf: finish parsing

Configuring Exim to use SpamAssassin in ArchLinux

There’s a lot of outdated stuff floating on the internets. This one was most useful to me.

Basically, if you install Exim and SA from pacman, you’ve already got everything enabled. Filtering spam is done via an Access Control List (the last one in exim.conf). Don’t bother with transports unless you’re sure you want them.

Add spamd to daemons in rc.conf. If you want reject logging, append

-s /var/log/spamd.log -D check

to the string in /etc/config.d/spamd.