Spamdyke

From QmailToaster
Revision as of 14:26, 26 March 2024 by Ebroch (talk | contribs)
Jump to navigation Jump to search

Background

Spamdyke provides pre-transmission spam filtering, and should be used in addition to SpamAssassin, which provides post-transmission spam filtering. Spamdyke is available from the spamdyke website. See that site for details.

While a few of spamdyke's capabilities are already provided with the stock QMail-Toaster, spamdyke provides some additional spam fighting capabilities such as graylisting and enhanced blacklist/whitelist processing.

Spamdyke is a program that sits between the tcpserver and qmail-smtp processes (a pipe in 'nix lingo), so its implementation does not require patching or recompiling of qmail.

It is anticipated that spamdyke will become part of the stock QMail-Toaster no later than version 2, and hopefully in version 1.4. Meanwhile, here are some notes about using spamdyke with your existing QMail-Toaster.

Installation

QmailToaster-Plus beginning with release 0.3.0-1.4.2 contains a script called qtp-install-spamdyke which installs spamdyke on your toaster for you. You can use that script in lieu of the instructions (INSTALL.txt) that come with spamdyke. The script automatically installs the latest version of spamdyke.

Configuration

spamdyke's configuration file is located at /etc/spamdyke/spamdyke.conf. spamdyke reads its configuration file every time a new connection is made. For this reason, it is never necessary to restart qmail after making changes to spamdyke's configuration file.

spamdyke's documentation provides full details on all of spamdyke's features and configuration options. Documentation for the latest version is available here: README file

Graylisting

The install script sets up all of the domains in /var/qmail/control/rcpthosts and morercpthosts for graylisting. If you have local domains that you don't want graylisting enabled for, simply remove the associated /var/spamdyke/graylist/domain directory.

RBLs

DNS RBLs are checked by spamdyke instead of the rblsmtpd program. Check to see that the RBLs specified in your /var/qmail/control/blacklists file are included in /etc/spamdyke/spamdyke.conf as check-dnsrbl parameters.

reject-ip-in-cc-rdns

This option is commented out in the configuration file that is generated by the installation script. It is useful for most US domains, whose users rarely correspond with international addresses. To enable this option, simply uncomment it in the /etc/spamdyke/spamdyke.conf file.

If this option is not appropriate in your situation (non-US or domains with international traffic), you might want to consider using the "ip-in-rdns-keyword-file" option instead, listing the country codes you want to filter in the /etc/spamdyke/blacklist_keywords file that is created by the installation script.

Troubleshooting

There are no known troubleshooting issues as of this writing. If you have any problems, contact the qmailtoaster or spamdyke email list (but please, not both).

Disabling

If you need to disable spamdyke, run the following commands:

# cd /var/qmail/supervise/smtp
# ln -sf run.dist run
# qmailctl restart

Replacing run.dist with run.spamdyke will turn it back on.

Statistics

From the qmailtoaster user list archive:

  • Create folder /usr/share/qmt/scripts
  • You also need to create a folder called tmp in /usr/share/qmt/scripts
  • Remember to save all scripts in the folder /usr/share/qmt/scripts
  • Save this spamdyke-stats script in that folder and chmod +x the filename
  • Test the script by running as root:
 # cat /var/log/qmail/smtp/current | /usr/share/qmt/scripts/spamdyke-stats
  • If running correctly, will generate below output:
      747   89.14%  ALLOWED
      46    5.48%  DENIED_OTHER
      40    4.77%  DENIED_RBL_MATCH
--------------- Breakdown ---------------
-----------------------------------------
       4    0.47%  DENIED_SENDER_NO_MX
       1    0.11%  TIMEOUT

---------------- Summary ----------------
Allowed:      747   89.14%
Timeout:        1    0.11%
Errors :        0    0.00%
Denied :       90   10.73%
Total  :      838  100.00%
 yum install perl-Time-TAI64 perl-Date-Calc
  • Edit the Spamdyke-Stats-Report.pl script and set $MachineName with your servername and $MailTo with your email address
  • Test the script by running as root and check your mailbox:
 # /usr/share/qmt/scripts/Spamdyke-Stats-Report.pl
  • Add it to crontab:
 05 00 * * * root /usr/share/qmt/scripts/Spamdyke-Stats-Report.pl 2>&1 > /dev/null

Spamdyke QRV