Simscan: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
(11 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
[[Configuration#Simscan|Back]]<br> | |||
== Scanning == | |||
In /etc/tcprules.d/tcp.smtp set environment variable QMAILQUEUE to simscan binary | |||
...,QMAILQUEUE="/var/qmail/bin/simscan",... | |||
Rebuild tcp.smtp | |||
# qmailctl cdb | |||
== Control == | |||
Simscan's control file is /var/qmail/control/simcontrol | |||
It's format looks like thus:<br> | |||
:clam=yes,spam=yes,spam_hits=9.5,spam_passthru=yes,attach=.vbs:.lnk:.scr:.wsh:.hta:.pif | |||
This tells simscan for all domains to scan with ClamAV, Spamassassin, filter attachments, queueing all mail after filtering<br> | |||
Consider the following format:<br> | |||
domain.tld:dspam=yes,rspam=yes,clam=yes,spam=yes,spam_passthru=yes,... | |||
This tells simscan for domain.tld to scan with Dspam, Rspam, ClamAV, Spamassassin,...<br> | |||
Upon edit of simcontrol the file must be put into proper format for use, run | |||
# qmailctl cdb | |||
== Ramdisk == | == Ramdisk == | ||
Use htop or other program to determine available memory for ramdisk (size=) | Use htop or other program to determine available memory for ramdisk (size=) | ||
# clamgid=$(test -z "$(cat /etc/passwd | grep ^clamav)" && id -g clamscan 2>/dev/null || id -g clamav 2>/dev/null) && echo $clamgid | # clamgid=$(test -z "$(cat /etc/passwd | grep ^clamav)" && id -g clamscan 2>/dev/null || id -g clamav 2>/dev/null) && echo $clamgid | ||
# qmailctl stop | # qmailctl stop | ||
# mount -t tmpfs -o size=1024m,nodev,noexec,noatime,uid=$clamgid,gid=0,mode=0750 myramdisk /var/qmail/simscan | # mount -t tmpfs -o size=1024m,nodev,noexec,noatime,uid=$clamgid,gid=0,mode=0750 myramdisk /var/qmail/simscan | ||
# ls -ld /var/qmail/simscan | # ls -ld /var/qmail/simscan | ||
drwxr-x--- 2 clamscan root 6 Aug 17 13:28 /var/qmail/simscan | |||
# qmailctl start | # qmailctl start | ||
# df -h /var/qmail/simscan | # df -h /var/qmail/simscan | ||
Filesystem Size Used Avail Use% Mounted on | |||
myramdisk 1.0G 0 1.0G 0% /var/qmail/simscan | |||
# cp /etc/fstab /etc/fstab.bak | # cp /etc/fstab /etc/fstab.bak | ||
# echo "myramdisk /var/qmail/simscan tmpfs size=1024m,nodev,noexec,noatime,uid=$clamgid,gid=0,mode=0750 0 0" >> /etc/fstab | # echo "myramdisk /var/qmail/simscan tmpfs size=1024m,nodev,noexec,noatime,uid=$clamgid,gid=0,mode=0750 0 0" >> /etc/fstab | ||
Make sure /etc/fstab file is okay before a reboot | Make sure /etc/fstab file is okay before a reboot | ||
# cat /etc/fstab | # cat /etc/fstab | ||
== Filtering == | == Filtering == | ||
FEDORAREPO= | FEDORAREPO= | ||
Install Dspam, Rspam, SA userprefs | Install Dspam, Rspam, SA userprefs | ||
# Begin Fedora Install CentOS 8 ***** ONLY ***** | # Begin Fedora Install CentOS 8 ***** ONLY ***** | ||
rel=`grep "release 8" /etc/*-release` | rel=`grep "release 8" /etc/*-release` | ||
if [[ ! -z $rel ]] | if [[ ! -z $rel ]] | ||
then | then | ||
rel=8 | |||
FEDORAREPO=--enablerepo=fedora | |||
sites=( https://d2lzkl7pfhq30w.cloudfront.net/pub/archive/fedora/linux/releases/28/Everything/x86_64/os/ | |||
http://mirror.math.princeton.edu/pub/fedora-archive/fedora/linux/releases/28/Everything/x86_64/os/ | |||
http://pubmirror1.math.uh.edu/fedora-buffet/archive/fedora/linux/releases/28/Everything/x86_64/os/ | |||
https://pubmirror2.math.uh.edu/fedora-buffet/archive/fedora/linux/releases/28/Everything/x86_64/os/ | |||
http://mirrors.kernel.org/fedora-buffet/archive/fedora/linux/releases/28/Everything/x86_64/os/ | |||
https://dl.fedoraproject.org/pub/archive/fedora/linux/releases/28/Everything/x86_64/os/ ) | |||
printf '%s\n%s\n%s\n%s\n%s\n%s\n' '[fedora]' 'name=Fedora 28' 'mirrorlist=file:///etc/yum.repos.d/fedoramirrors' \ | |||
'enabled=0' 'gpgcheck=0' 'priority=100' > /etc/yum.repos.d/fedora28.repo | |||
printf '%s\n%s\n%s\n%s\n%s\n%s\n' "${sites[0]}" "${sites[1]}" "${sites[2]}" "{$sites[3]}" "${sites[4]}" "${sites[5]}" \ | |||
> /etc/yum.repos.d/fedoramirrors | > /etc/yum.repos.d/fedoramirrors | ||
else | else | ||
rel=7 | |||
fi | fi | ||
# End Fedora Install CentOS 8 ***** ONLY ***** | # End Fedora Install CentOS 8 ***** ONLY ***** | ||
# Begin DSpam DB Install, Skip if already installed | # Begin DSpam DB Install, Skip if already installed | ||
wget https://raw.githubusercontent.com/qmtoaster/dspam/master/dspamdb.sql | wget https://raw.githubusercontent.com/qmtoaster/dspam/master/dspamdb.sql | ||
if [ "$?" != "0" ]; then | if [ "$?" != "0" ]; then | ||
echo "Error downloading dspam db: ($?), exiting..." | echo "Error downloading dspam db: ($?), exiting..." | ||
exit 1 | exit 1 | ||
fi | fi | ||
MYSQLPW= | MYSQLPW= | ||
# Get DB password for administrator and check validity. | # Get DB password for administrator and check validity. | ||
if [ -z "$MYSQLPW" ]; then | if [ -z "$MYSQLPW" ]; then | ||
read -s -p "Enter MySQL/MariaDB admin password to create dspam database: " MYSQLPW | |||
fi | fi | ||
credfile=~/sql.cnf | credfile=~/sql.cnf | ||
echo -e "[client]\nuser=root\npassword='$MYSQLPW'\nhost=localhost" > $credfile | echo -e "[client]\nuser=root\npassword='$MYSQLPW'\nhost=localhost" > $credfile | ||
mysqladmin --defaults-extra-file=$credfile status > /dev/null 2>&1 | mysqladmin --defaults-extra-file=$credfile status > /dev/null 2>&1 | ||
if [ "$?" != "0" ]; then | if [ "$?" != "0" ]; then | ||
echo "Bad MySQL/MariaDB administrator password or MySQL/MariaDB is not running. Exiting..." | echo "Bad MySQL/MariaDB administrator password or MySQL/MariaDB is not running. Exiting..." | ||
exit 1 | exit 1 | ||
fi | fi | ||
echo "" | echo "" | ||
echo "Dropping Dspam database if it exists already..." | echo "Dropping Dspam database if it exists already..." | ||
mysql --defaults-extra-file=$credfile -e "use dspam" &> /dev/null | mysql --defaults-extra-file=$credfile -e "use dspam" &> /dev/null | ||
[ "$?" = "0" ] && mysqldump --defaults-extra-file=$credfile dspam > dspam.sql \ | [ "$?" = "0" ] && mysqldump --defaults-extra-file=$credfile dspam > dspam.sql \ | ||
&& mysql --defaults-extra-file=$credfile -e "drop database dspam" \ | && mysql --defaults-extra-file=$credfile -e "drop database dspam" \ | ||
&& echo "dspam db saved to dspam.sql and dropped..." | && echo "dspam db saved to dspam.sql and dropped..." | ||
# Create dspam with correct permissions | # Create dspam with correct permissions | ||
echo "Creating Dspam database..." | echo "Creating Dspam database..." | ||
mysqladmin --defaults-extra-file=$credfile reload | mysqladmin --defaults-extra-file=$credfile reload | ||
mysqladmin --defaults-extra-file=$credfile refresh | mysqladmin --defaults-extra-file=$credfile refresh | ||
mysqladmin --defaults-extra-file=$credfile create dspam | mysqladmin --defaults-extra-file=$credfile create dspam | ||
mysqladmin --defaults-extra-file=$credfile reload | mysqladmin --defaults-extra-file=$credfile reload | ||
mysqladmin --defaults-extra-file=$credfile refresh | mysqladmin --defaults-extra-file=$credfile refresh | ||
echo "Adding dspam users and privileges..." | echo "Adding dspam users and privileges..." | ||
mysql --defaults-extra-file=$credfile -e "CREATE USER dspam@localhost IDENTIFIED BY 'p4ssw3rd'" | mysql --defaults-extra-file=$credfile -e "CREATE USER dspam@localhost IDENTIFIED BY 'p4ssw3rd'" | ||
mysql --defaults-extra-file=$credfile -e "GRANT ALL PRIVILEGES ON dspam.* TO dspam@localhost" | mysql --defaults-extra-file=$credfile -e "GRANT ALL PRIVILEGES ON dspam.* TO dspam@localhost" | ||
mysqladmin --defaults-extra-file=$credfile reload | mysqladmin --defaults-extra-file=$credfile reload | ||
mysqladmin --defaults-extra-file=$credfile refresh | mysqladmin --defaults-extra-file=$credfile refresh | ||
echo "Done with dspam database..." | echo "Done with dspam database..." | ||
mysql --defaults-extra-file=$credfile dspam < dspamdb.sql | mysql --defaults-extra-file=$credfile dspam < dspamdb.sql | ||
mysqladmin --defaults-extra-file=$credfile reload | mysqladmin --defaults-extra-file=$credfile reload | ||
mysqladmin --defaults-extra-file=$credfile refresh | mysqladmin --defaults-extra-file=$credfile refresh | ||
# End DSpam DB install | # End DSpam DB install | ||
# Rspam Installation: | # Rspam Installation: | ||
wget https://rspamd.com/rpm-stable/centos-$rel/rspamd.repo -O /etc/yum.repos.d/rspamd.repo | wget https://rspamd.com/rpm-stable/centos-$rel/rspamd.repo -O /etc/yum.repos.d/rspamd.repo | ||
dnf $FEDORAREPO --enablerepo=qmt-devel install dspam dspam-libs dspam-client dspam-mysql dspam-web rspamd | dnf $FEDORAREPO --enablerepo=qmt-devel install dspam dspam-libs dspam-client dspam-mysql dspam-web rspamd | ||
systemctl enable --now dspam | systemctl enable --now dspam | ||
systemctl status dspam | systemctl status dspam | ||
systemctl enable --now rspamd | systemctl enable --now rspamd | ||
systemctl status rspamd | systemctl status rspamd | ||
# Update Simscan | # Update Simscan | ||
dnf --enablerepo=qmt-devel update simscan | dnf --enablerepo=qmt-devel update simscan | ||
# Up qmail limits | # Up qmail limits | ||
sed -i 's/softlimit -m.*\\/softlimit -m 256000000 \\/' /var/qmail/supervise/smtp/run | sed -i 's/softlimit -m.*\\/softlimit -m 256000000 \\/' /var/qmail/supervise/smtp/run | ||
qmailctl stop | qmailctl stop | ||
qmailctl start | qmailctl start | ||
# SA user prefs | # SA user prefs | ||
# Create SA DB and load table into MySQL | # Create SA DB and load table into MySQL | ||
cat >> ./sadb.sql << EOF | cat >> ./sadb.sql << EOF | ||
CREATE TABLE userpref ( | CREATE TABLE userpref ( | ||
username varchar(100) NOT NULL default '', | username varchar(100) NOT NULL default '', | ||
preference varchar( | preference varchar(50) NOT NULL default '', | ||
value varchar( | value varchar(255) NOT NULL default '', | ||
prefid int(11) NOT NULL auto_increment, | prefid int(11) NOT NULL auto_increment, | ||
ts timestamp NOT NULL DEFAULT current_timestamp() ON UPDATE current_timestamp(), | |||
PRIMARY KEY (prefid), | PRIMARY KEY (prefid), | ||
KEY username (username) | KEY username (username) | ||
) ENGINE=InnoDB; | ) ENGINE=InnoDB; | ||
EOF | EOF | ||
mysqladmin --defaults-extra-file=$credfile create spamassassin | mysqladmin --defaults-extra-file=$credfile create spamassassin | ||
mysql --defaults-extra-file=$credfile -e "CREATE USER spamassassin@localhost IDENTIFIED BY 'p4ssw3rd'" | mysql --defaults-extra-file=$credfile -e "CREATE USER spamassassin@localhost IDENTIFIED BY 'p4ssw3rd'" | ||
mysql --defaults-extra-file=$credfile -e "GRANT ALL PRIVILEGES ON spamassassin.* TO spamassassin@localhost" | mysql --defaults-extra-file=$credfile -e "GRANT ALL PRIVILEGES ON spamassassin.* TO spamassassin@localhost" | ||
mysqladmin --defaults-extra-file=$credfile reload | mysqladmin --defaults-extra-file=$credfile reload | ||
mysqladmin --defaults-extra-file=$credfile refresh | mysqladmin --defaults-extra-file=$credfile refresh | ||
mysql --defaults-extra-file=$credfile spamassassin < sadb.sql | mysql --defaults-extra-file=$credfile spamassassin < sadb.sql | ||
# Read SA SQL DB | # Read SA SQL DB | ||
cat >> /etc/mail/spamassassin/sql.cf << EOF | cat >> /etc/mail/spamassassin/sql.cf << EOF | ||
user_scores_dsn DBI:mysql:spamassassin:localhost:3306 | user_scores_dsn DBI:mysql:spamassassin:localhost:3306 | ||
user_scores_sql_password p4ssw3rd | user_scores_sql_password p4ssw3rd | ||
user_scores_sql_username spamassassin | user_scores_sql_username spamassassin | ||
user_scores_sql_custom_query SELECT preference, value FROM _TABLE_ WHERE username = _USERNAME_ OR username = '$GLOBAL' OR username = CONCAT('%',_DOMAIN_) ORDER BY username ASC | user_scores_sql_custom_query SELECT preference, value FROM _TABLE_ WHERE username = _USERNAME_ OR username = '$GLOBAL' OR username = | ||
EOF | CONCAT('%',_DOMAIN_) ORDER BY username ASC | ||
echo "include sql.cf" >> /etc/mail/spamassassin/local.cf | EOF | ||
echo "include sql.cf" >> /etc/mail/spamassassin/local.cf | |||
# Add Per User Settings in SA SQL DB (Yours may differ) | # Add Per User Settings in SA SQL DB (Yours may differ) | ||
echo "INSERT INTO userpref (username,preference,value) VALUES ('\$GLOBAL','required_hits','5.0');" | mysql -u root -p spamassassin | echo "INSERT INTO userpref (username,preference,value) VALUES ('\$GLOBAL','required_hits','5.0');" | mysql -u root -p spamassassin | ||
echo "INSERT INTO userpref (username,preference,value) VALUES ('user@dom.com','required_hits','7.0');" | mysql -u root -p spamassassin | echo "INSERT INTO userpref (username,preference,value) VALUES ('user@dom.com','required_hits','7.0');" | mysql -u root -p spamassassin | ||
echo "INSERT INTO userpref (username,preference,value) VALUES ('globalspam','required_hits','5.0');" | mysql -u root -p spamassassin | echo "INSERT INTO userpref (username,preference,value) VALUES ('globalspam','required_hits','5.0');" | mysql -u root -p spamassassin | ||
echo "select * from userpref" | mysql -u root -p spamassassin | echo "select * from userpref" | mysql -u root -p spamassassin | ||
# Tell SA Daemon To Use SQL DB | # Tell SA Daemon To Use SQL DB | ||
sed -i 's/SPAMDOPTIONS=".*"/SPAMDOPTIONS="--create-prefs -m10 -q -x -u clamscan"/' /etc/sysconfig/spamassassin | sed -i 's/SPAMDOPTIONS=".*"/SPAMDOPTIONS="--create-prefs -m10 -q -x -u clamscan"/' /etc/sysconfig/spamassassin | ||
# Bayesian Filtering | # Bayesian Filtering | ||
mkdir /etc/mail/spamassassin/.spamassassin | mkdir /etc/mail/spamassassin/.spamassassin | ||
chown -R clamscan:clamscan /etc/mail/spamassassin/.spamassassin | chown -R clamscan:clamscan /etc/mail/spamassassin/.spamassassin | ||
cat >> /etc/mail/spamassassin/bayes.cf << EOF | cat >> /etc/mail/spamassassin/bayes.cf << EOF | ||
use_bayes 1 | use_bayes 1 | ||
use_bayes_rules 1 | use_bayes_rules 1 | ||
bayes_auto_learn 1 | bayes_auto_learn 1 | ||
bayes_path /etc/mail/spamassassin/.spamassassin/bayes | bayes_path /etc/mail/spamassassin/.spamassassin/bayes | ||
bayes_auto_learn_threshold_spam 6.0 | bayes_auto_learn_threshold_spam 6.0 | ||
bayes_file_mode 0775 | bayes_file_mode 0775 | ||
EOF | EOF | ||
echo "include bayes.cf" >> /etc/mail/spamassassin/local.cf | echo "include bayes.cf" >> /etc/mail/spamassassin/local.cf | ||
systemctl restart spamassassin | systemctl restart spamassassin | ||
# Tell simscan, append to simcontrol, reload cdb | # Tell simscan, append to simcontrol, reload cdb | ||
dspam=yes,rspam=yes,regex | dspam=yes,rspam=yes,regex | ||
optional: dspamuser=globalspam (Otherwise the first envelope 'rcpt to' address is used) | optional: dspamuser=globalspam (Otherwise the first envelope 'rcpt to' address is used) | ||
optional: spamuser=globalspam (Add to userprefs table) | optional: spamuser=globalspam (Add to userprefs table) | ||
optional: remove spam_hits=* (Otherwise userprefs will not be used) | optional: remove spam_hits=* (Otherwise userprefs will not be used) | ||
qmailctl cdb | qmailctl cdb | ||
# This is my configuration: | # This is my configuration: | ||
:clam=yes,spam=yes,rspam=yes,dspam=yes,spam_passthru=yes,attach=.exe:.pif:.scr | :clam=yes,spam=yes,rspam=yes,dspam=yes,spam_passthru=yes,attach=.exe:.pif:.scr |
Latest revision as of 11:53, 19 October 2024
Scanning
In /etc/tcprules.d/tcp.smtp set environment variable QMAILQUEUE to simscan binary ...,QMAILQUEUE="/var/qmail/bin/simscan",... Rebuild tcp.smtp # qmailctl cdb
Control
Simscan's control file is /var/qmail/control/simcontrol It's format looks like thus:
:clam=yes,spam=yes,spam_hits=9.5,spam_passthru=yes,attach=.vbs:.lnk:.scr:.wsh:.hta:.pif This tells simscan for all domains to scan with ClamAV, Spamassassin, filter attachments, queueing all mail after filtering
Consider the following format:
domain.tld:dspam=yes,rspam=yes,clam=yes,spam=yes,spam_passthru=yes,... This tells simscan for domain.tld to scan with Dspam, Rspam, ClamAV, Spamassassin,...
Upon edit of simcontrol the file must be put into proper format for use, run # qmailctl cdb
Ramdisk
Use htop or other program to determine available memory for ramdisk (size=) # clamgid=$(test -z "$(cat /etc/passwd | grep ^clamav)" && id -g clamscan 2>/dev/null || id -g clamav 2>/dev/null) && echo $clamgid # qmailctl stop # mount -t tmpfs -o size=1024m,nodev,noexec,noatime,uid=$clamgid,gid=0,mode=0750 myramdisk /var/qmail/simscan # ls -ld /var/qmail/simscan drwxr-x--- 2 clamscan root 6 Aug 17 13:28 /var/qmail/simscan # qmailctl start # df -h /var/qmail/simscan Filesystem Size Used Avail Use% Mounted on myramdisk 1.0G 0 1.0G 0% /var/qmail/simscan # cp /etc/fstab /etc/fstab.bak # echo "myramdisk /var/qmail/simscan tmpfs size=1024m,nodev,noexec,noatime,uid=$clamgid,gid=0,mode=0750 0 0" >> /etc/fstab Make sure /etc/fstab file is okay before a reboot # cat /etc/fstab
Filtering
FEDORAREPO= Install Dspam, Rspam, SA userprefs
# Begin Fedora Install CentOS 8 ***** ONLY ***** rel=`grep "release 8" /etc/*-release` if ! -z $rel then rel=8 FEDORAREPO=--enablerepo=fedora sites=( https://d2lzkl7pfhq30w.cloudfront.net/pub/archive/fedora/linux/releases/28/Everything/x86_64/os/ http://mirror.math.princeton.edu/pub/fedora-archive/fedora/linux/releases/28/Everything/x86_64/os/ http://pubmirror1.math.uh.edu/fedora-buffet/archive/fedora/linux/releases/28/Everything/x86_64/os/ https://pubmirror2.math.uh.edu/fedora-buffet/archive/fedora/linux/releases/28/Everything/x86_64/os/ http://mirrors.kernel.org/fedora-buffet/archive/fedora/linux/releases/28/Everything/x86_64/os/ https://dl.fedoraproject.org/pub/archive/fedora/linux/releases/28/Everything/x86_64/os/ ) printf '%s\n%s\n%s\n%s\n%s\n%s\n' '[fedora]' 'name=Fedora 28' 'mirrorlist=file:///etc/yum.repos.d/fedoramirrors' \ 'enabled=0' 'gpgcheck=0' 'priority=100' > /etc/yum.repos.d/fedora28.repo printf '%s\n%s\n%s\n%s\n%s\n%s\n' "${sites[0]}" "${sites[1]}" "${sites[2]}" "{$sites[3]}" "${sites[4]}" "${sites[5]}" \ > /etc/yum.repos.d/fedoramirrors else rel=7 fi # End Fedora Install CentOS 8 ***** ONLY *****
# Begin DSpam DB Install, Skip if already installed wget https://raw.githubusercontent.com/qmtoaster/dspam/master/dspamdb.sql if [ "$?" != "0" ]; then echo "Error downloading dspam db: ($?), exiting..." exit 1 fi MYSQLPW= # Get DB password for administrator and check validity. if [ -z "$MYSQLPW" ]; then read -s -p "Enter MySQL/MariaDB admin password to create dspam database: " MYSQLPW fi credfile=~/sql.cnf echo -e "[client]\nuser=root\npassword='$MYSQLPW'\nhost=localhost" > $credfile mysqladmin --defaults-extra-file=$credfile status > /dev/null 2>&1 if [ "$?" != "0" ]; then echo "Bad MySQL/MariaDB administrator password or MySQL/MariaDB is not running. Exiting..." exit 1 fi echo "" echo "Dropping Dspam database if it exists already..." mysql --defaults-extra-file=$credfile -e "use dspam" &> /dev/null [ "$?" = "0" ] && mysqldump --defaults-extra-file=$credfile dspam > dspam.sql \ && mysql --defaults-extra-file=$credfile -e "drop database dspam" \ && echo "dspam db saved to dspam.sql and dropped..."
# Create dspam with correct permissions echo "Creating Dspam database..." mysqladmin --defaults-extra-file=$credfile reload mysqladmin --defaults-extra-file=$credfile refresh mysqladmin --defaults-extra-file=$credfile create dspam mysqladmin --defaults-extra-file=$credfile reload mysqladmin --defaults-extra-file=$credfile refresh echo "Adding dspam users and privileges..." mysql --defaults-extra-file=$credfile -e "CREATE USER dspam@localhost IDENTIFIED BY 'p4ssw3rd'" mysql --defaults-extra-file=$credfile -e "GRANT ALL PRIVILEGES ON dspam.* TO dspam@localhost" mysqladmin --defaults-extra-file=$credfile reload mysqladmin --defaults-extra-file=$credfile refresh echo "Done with dspam database..." mysql --defaults-extra-file=$credfile dspam < dspamdb.sql mysqladmin --defaults-extra-file=$credfile reload mysqladmin --defaults-extra-file=$credfile refresh # End DSpam DB install
# Rspam Installation: wget https://rspamd.com/rpm-stable/centos-$rel/rspamd.repo -O /etc/yum.repos.d/rspamd.repo
dnf $FEDORAREPO --enablerepo=qmt-devel install dspam dspam-libs dspam-client dspam-mysql dspam-web rspamd systemctl enable --now dspam systemctl status dspam systemctl enable --now rspamd systemctl status rspamd
# Update Simscan dnf --enablerepo=qmt-devel update simscan
# Up qmail limits sed -i 's/softlimit -m.*\\/softlimit -m 256000000 \\/' /var/qmail/supervise/smtp/run qmailctl stop qmailctl start
# SA user prefs
# Create SA DB and load table into MySQL cat >> ./sadb.sql << EOF CREATE TABLE userpref ( username varchar(100) NOT NULL default , preference varchar(50) NOT NULL default , value varchar(255) NOT NULL default , prefid int(11) NOT NULL auto_increment, ts timestamp NOT NULL DEFAULT current_timestamp() ON UPDATE current_timestamp(), PRIMARY KEY (prefid), KEY username (username) ) ENGINE=InnoDB; EOF mysqladmin --defaults-extra-file=$credfile create spamassassin mysql --defaults-extra-file=$credfile -e "CREATE USER spamassassin@localhost IDENTIFIED BY 'p4ssw3rd'" mysql --defaults-extra-file=$credfile -e "GRANT ALL PRIVILEGES ON spamassassin.* TO spamassassin@localhost" mysqladmin --defaults-extra-file=$credfile reload mysqladmin --defaults-extra-file=$credfile refresh mysql --defaults-extra-file=$credfile spamassassin < sadb.sql
# Read SA SQL DB cat >> /etc/mail/spamassassin/sql.cf << EOF user_scores_dsn DBI:mysql:spamassassin:localhost:3306 user_scores_sql_password p4ssw3rd user_scores_sql_username spamassassin user_scores_sql_custom_query SELECT preference, value FROM _TABLE_ WHERE username = _USERNAME_ OR username = '$GLOBAL' OR username = CONCAT('%',_DOMAIN_) ORDER BY username ASC EOF echo "include sql.cf" >> /etc/mail/spamassassin/local.cf
# Add Per User Settings in SA SQL DB (Yours may differ) echo "INSERT INTO userpref (username,preference,value) VALUES ('\$GLOBAL','required_hits','5.0');" | mysql -u root -p spamassassin echo "INSERT INTO userpref (username,preference,value) VALUES ('user@dom.com','required_hits','7.0');" | mysql -u root -p spamassassin echo "INSERT INTO userpref (username,preference,value) VALUES ('globalspam','required_hits','5.0');" | mysql -u root -p spamassassin echo "select * from userpref" | mysql -u root -p spamassassin
# Tell SA Daemon To Use SQL DB sed -i 's/SPAMDOPTIONS=".*"/SPAMDOPTIONS="--create-prefs -m10 -q -x -u clamscan"/' /etc/sysconfig/spamassassin
# Bayesian Filtering mkdir /etc/mail/spamassassin/.spamassassin chown -R clamscan:clamscan /etc/mail/spamassassin/.spamassassin cat >> /etc/mail/spamassassin/bayes.cf << EOF use_bayes 1 use_bayes_rules 1 bayes_auto_learn 1 bayes_path /etc/mail/spamassassin/.spamassassin/bayes bayes_auto_learn_threshold_spam 6.0 bayes_file_mode 0775 EOF echo "include bayes.cf" >> /etc/mail/spamassassin/local.cf systemctl restart spamassassin
# Tell simscan, append to simcontrol, reload cdb dspam=yes,rspam=yes,regex optional: dspamuser=globalspam (Otherwise the first envelope 'rcpt to' address is used) optional: spamuser=globalspam (Add to userprefs table) optional: remove spam_hits=* (Otherwise userprefs will not be used) qmailctl cdb
# This is my configuration: :clam=yes,spam=yes,rspam=yes,dspam=yes,spam_passthru=yes,attach=.exe:.pif:.scr