I don’t like spam. I prefer bison.

So I finally got sick of getting ~200 spam messages every tine I went to check my email. Spamassassin caught nearly every single one, but was still delivering them to my inbox. Read on for a simple explination on how you set up postfix+spamassasin to REJECT all spam messages.

Create a shell script somewhere (I used /bin/scripts/postfix_filter.sh) with the following in it:

#!/bin/bash
/usr/bin/spamc | /usr/sbin/sendmail -i "$@"
exit $?

chmod it so it can be executed

# chmod 755 /bin/scripts/postfix_filter.sh

If your system does not already have the filter user, create it:

# useradd -u 1012 -d /var/spool/filter -s /bin/false -p '*' filter

Open master.cf in a text editor and find this line:

	smtp      inet  n       -       n       -       -       smtpd

Directly under that line, add the following line:

-o content_filter=filter

If your server allows secure smtp connections you should do the same for the matching “smtps” line.

At the bottom of the file, add the following two lines (the second line was wraped on this page):

filter          unix    -       n       n       -       -       pipe
flags=Rq user=filter argv=/bin/scripts/postfix_filter.sh
  -f ${sender} -- ${recipient}

Don’t forget to change the /bin/scripts/postfix_filter.sh to point to where ever you saved the script above

Save and close this file. Now open main.cf in your text editor and add the following line:

header_checks = regexp:/etc/postfix/regexp_header

Save and close this file, now create the file /etc/postfix/regexp_header and add the following to it:

/^X-Spam-Flag: YES/ REJECT I don't like spam. I prefer bison.

Save and quit your text editor.

Start spamd and set it to run automatically at boot

# rc-update add spamd default
# /etc/init.d/spamd start

What’s going on here is we are telling postfix to run all recieved mail through a filter, in our case spamassassin. Spamassasin adds the X-Spam-Flag: YES header to mail that it detects is spam, so we then tell postfix to REJECT all mail that contains this header.

To test to make sure all this is working, have someone send you an email with the folling string in the body:

XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X

Spamassassin should mark the message with 1000 hits causing postfix to reject it.

Most of this information is from http://www.linuxfromscratch.org/hints/downloads/files/postfix+spamassassin+razor.txt

This entry was written by FireRabbit, posted on August 27, 2004 at 3:56 am, filed under Computers & Technology. Bookmark the permalink. Follow any comments here with the RSS feed for this post. Post a comment or leave a trackback: Trackback URL.

Post a Comment

Your email is never published nor shared. Required fields are marked *

*
*