Posted on 4 Comments

Sentora 1.0.3 SpamAssassin Setup & Training Scripts

I’m making some changes to my hosting services, I’ve been testing Sentora, as it’s much more user friendly, if a little more limited in what it’s capable of doing, vs my go-to admin panel over the past 6+ years, Virtualmin.

I noticed that SpamAssassin isn’t set up on a Sentora server by default, so here’s a script that will get things working under a fresh Sentora install in CentOS 7:

#!/bin/bash

echo "Setting Up SpamAssassin. Please Wait..."

yum install spamassassin -y
groupadd spamd
useradd -g spamd -s /bin/false -d /var/log/spamassassin spamd
chown spamd:spamd /var/log/spamassassin

echo "Changing Postfix Master Config For SA..."
echo "master.cf Backed Up to /root"

cp /etc/postfix/master.cf /root/postfix_master.cf.bak
sed -i '11s/.*/smtp      inet  n       -       n       -       -       smtpd -o content_filter=spamassassin/' /etc/postfix/master.cf
echo "spamassassin unix - n n - - pipe flags=R user=spamd argv=/usr/bin/spamc -e /usr/sbin/sendmail -oi -f \${sender} \${recipient}" >> /etc/postfix/master.cf

echo "Updating SpamAssassin Database & Enabling Services..."
sa-update --nogpg
systemctl enable spamassassin
systemctl restart spamassassin
systemctl restart postfix

After this script has run, some mail server settings will be changed, and the master.cf configuration file for Postfix will be backed up just in case it craps out.

Make sure the SpamAssassin daemon is running on port 783 with this command:

ss -tnlp | grep spamd

Testing is easy, send an email to an address hosted by Sentora with the following in the subject line:

XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X

If SpamAssassin is working correctly, this will be tagged with a spam score of 999.

A useful script is below, this trains SpamAssassin on the mail in the current server mailboxes. I’ve been using a version of this for a long time, this one is slightly modified to operate with Sentora’s vmail system. All mail for all domains & users will be fed into SpamAssassin in this script. I set this to run nightly in cron.

#!/bin/bash

#specify one or more users, space padded [user=(user1 user2 user3)] or empty [user=()] to include all users. All users is considered uid ≥ 1000.
user=(vmail)

#After how many days should Spam be deleted?
cleanafter=30

#backup path, comment out to disable backups
bk=/home/backup/sa-learn_bayes_`date +%F`.backup

log=/var/log/train-mail.log
#log=/dev/stdout

echo -e "\n`date +%c`"  >> $log 2>&1

if [ -z ${user[@]} ]; then
echo user is empty, using all users from system
user=(`awk -F':' '$3 >= 1000 && $3 < 65534' /etc/passwd |awk -F':' '{print $1}'`)
fi

for u in ${user[@]}; do
if [ ! -d /var/sentora/vmail/*/* ]; then
echo "No such Maildir for $u" >> $log 2>&1
else
echo "Proceeding with ham and spam training on user \"$u\""
#add all messages in "junk" directory to spamassassin
echo spam >> $log 2>&1
#change this path to match your spam directory, in this case its "Junk"
#add current and new messages in Junk directory as spam
sa-learn --no-sync --spam /var/sentora/vmail/*/*/.Junk/{cur,new} >> $log 2>&1
echo ham >> $log 2>&1
#only add current mail to ham, not new. This gives user a chance to move it to spam dir.
sa-learn --no-sync --ham /var/sentora/vmail/*/*/{cur} >> $log 2>&1
fi
done

#sync the journal created above with the database
echo sync >> $log 2>&1
sa-learn --sync >> $log 2>&1
if [ $? -eq 0 ]; then
for u in ${user[@]}; do
echo "deleting spam for $u older than 30 days" >> $log 2>&1
find /var/sentora/vmail/*/*/.Junk/cur/ -type f -mtime +$cleanafter -exec rm {} \;
done
else
echo "sa-learn wasn't able to sync. Something is broken. Skipping spam cleanup"
fi

echo "Statistics:" >> $log 2>&1
sa-learn --dump magic >> $log 2>&1
echo ============================== >> $log 2>&1

if [ -n $bk ]; then
echo "backup writing to $bk" >> $log 2>&1
sa-learn --backup > $bk
fi

 

4 thoughts on “Sentora 1.0.3 SpamAssassin Setup & Training Scripts

  1. Thanks for the guide.
    For the training where is it reading the mail from. Are you creating a mailbox that has spam that is selected manually?

    I am assuming you need to set up IMAP for this.

    1. Hi,

      It’s reading the spam mail files directly from /var/sentora/vmail/*/*/.Junk/, and the ham from /var/sentora/vmail/*/*/{cur}, where the wildcard asterisks will be the domain name & username. This doesn’t require IMAP to work as it’s operating at filesystem level.

  2. I think I have something wrong here.

    master.cf

    smtp inet n – n – – smtpd
    -o smtpd_sasl_auth_enable=yes
    -o receive_override_options=no_address_mappings
    -o content_filter=smtp-amavis:127.0.0.1:10024

    below in the file …

    spam/virus section
    #
    smtp-amavis unix – – y – 2 smtp
    -o smtp_data_done_timeout=1200
    -o disable_dns_lookups=yes
    -o smtp_send_xforward_command=yes
    127.0.0.1:10025 inet n – y – – smtpd
    -o content_filter=
    -o smtpd_helo_restrictions=
    -o smtpd_sender_restrictions=
    -o smtpd_recipient_restrictions=permit_mynetworks,reject
    -o mynetworks=127.0.0.0/8
    -o smtpd_error_sleep_time=0
    -o smtpd_soft_error_limit=1001
    -o smtpd_hard_error_limit=1000
    -o receive_override_options=no_header_body_checks
    -o smtpd_helo_required=no
    -o smtpd_client_restrictions=
    -o smtpd_restriction_classes=
    -o disable_vrfy_command=no
    -o strict_rfc821_envelopes=yes
    #
    # Dovecot LDA
    dovecot unix – n n – – pipe
    flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d ${recipient}
    #
    # Vacation mail
    vacation unix – n n – – pipe
    flags=Rq user=vacation argv=/var/spool/vacation/vacation.pl -f ${sender} — ${recipient}

    spamassassin unix – n n – – pipe flags=R user=spamd argv=/usr/bin/spamc -e /usr/sbin/sendmail -oi -f ${sender} ${re$

  3. ugg, sorry no way to edit that.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.