Difference between revisions of "Filtering Spam with Procmail"
| Line 67: | Line 67: | ||
The LOGFILE can be set to keep a log of procmail activities for your account. | The LOGFILE can be set to keep a log of procmail activities for your account. | ||
| − | Note: Please clean out the your procmaillog file occasionally with the following command on a Grad/Research Net : | + | ''Note: Please clean out the your procmaillog file occasionally with the following command on a Grad/Research Net :'' |
<pre> cat /dev/null > /users/joe/Mail/procmaillog</pre> (of course, change "joe" to your account name.) | <pre> cat /dev/null > /users/joe/Mail/procmaillog</pre> (of course, change "joe" to your account name.) | ||
Revision as of 20:20, 4 March 2010
The CS Department uses Spamassassin on the Grad/Research Net only to track spam e-mail and to tag the Subject line of that spam with with the text, ** SPAM **
We do not filter out or delete any e-mail tagged as ** SPAM **. We merely tag it as such, and you can use your own mail client or procmail to filter/delete/move that mail.
(The exception is mail with viruses. Our mail server's virus checker will remove mail that contains any virus that it can detect.)
Customizing Your Spamassassin preferences
The mail server does a global spamassassin sweep of incoming CS mail based on various criteria. You can define additional criteria or other options by providing personal spamassassin options.
To do this:
1) Create a directory called .spamassassin (don't forget the dot) under your home directory..
2) In your .spamassassin directory, create a file called user_prefs.
user_prefs is the configuration file to put in your spamassassin customizations.
For example, to change your Subject tag to something different, you could add the line to the user_prefs file:
subject_tag **THIS IS S-P-A-M**
And then, mail identified as spam will have this new tag in the Subject line instead of the default, ** SPAM **.
Other options can be found at: http://www.spamassassin.org/doc/Mail_SpamAssassin_Conf.html (NOTE: Not all of the options listed on that page are available to users, and we're using a older revision of spamassassin, so some options listed on that page may not be available for our version.)
You may find you want to see more header info, and the link above can supply you some info in doing so.
One common option to configure is the number of "required hits". When spamassassin does it's tests, it provides your incoming message with a hit value (think of it as a point value). The higher number of hits, the most likely the message is spam. The lower the hits, the most likely the mail is ham (ham is mail that is not spam). In the CS dept, mail that contains 7.0 or more hits is tagged as spam. You can make that number lower, say, 5.0 or 6.0, meaning if spamassassin indicates the mail message has only 5 or 6 hits in the spamassassin scanner, then the message will be tagged as spam. This increases the risk of having false positives (non-spam mail getting tagged as spam), but it also ensures that more of your spam mail will get tagged as spam. For most users, you do not have this set the "required hits" option, since the global configuration sets it to a 7.0 threshold. If you want to change that, change it in your user_prefs file with something like:
required_hits 5.8
Remember, at this point, you're not deleting the spam mail. You're only tagging the Subject line of the spam mail. If you decide not to create your own user_prefs, spammassassi will use the mail server's defaults to tag spam mail as being spam.
Configuring Your Account to Filter ** SPAM **-tagged mail with procmail.
Procmail is a system that allows you to manipulate mail messages as they arrive. There is a global (server) procmail configuration, but you can also create your own configuration for your account. There are many options for procmail, but you can find useful tips and recipes for procmail at: http://lipas.uwasa.fi/~ts/info/proctips.html
As an easy example, let's take a user named joe. joe wants to file mail tagged as ** SPAM ** into a seperate spam folder for later review.
create a file called .procmailrc (don't forget the dot) in your home directory..
Edit the file to look something like this:
MAILDIR=/users/joe/Mail DEFAULT=/var/mail/joe LOGFILE=$MAILDIR/procmaillog LOCKEXT=.lock :0: * ^Subject.*\*\*SPAM\*\*.* SPAMFOLDER
The first line, MAILDIR, sets the mail directory to be the Unix directory on our Grad/Research Net systems that you use to store your mail folders.
The DEFAULT line is standard; it is the location of your inbox.
The LOGFILE can be set to keep a log of procmail activities for your account.
Note: Please clean out the your procmaillog file occasionally with the following command on a Grad/Research Net :
cat /dev/null > /users/joe/Mail/procmaillog
(of course, change "joe" to your account name.)
LOCKEXT line is needed as is.
Now, the section beginning with :0: does the file of mail with the ** SPAM ** tag in its subject to a folder called SPAMFOLDER. That folder will be stored in the directory defined by the first line in the file, MAILDIR. the * ^Subject line says, "if the Subject contains ** SPAM **, then... file it into SPAMFOLDER.
Notice the backslashes. In some forms of Unix, you need to make sure you have \ marks before certain instances of special characters like *. We call that "escaping the characting". In this case, some of the * characters in that line are "escaped", and some are not. Just follow the example.
At this point, we can tell the mail system to start filing our ** SPAM **-tagged mail.
To do this, create a filePPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPP