Bagaimana memastikan rule spamassassin up to date?
Spamassassin merupakan perangkat lunak open source untuk menangkal spam yang cukup handal. Perangkat lunak ini biasanya digunakan di mail server sebagai pelengkap MTA seperti qmail, procmail, sendmail dan Postfix. Spamassassin bekerja dengan rule yang akan memberi skor pada email. Berdasarkan skor itulah sebuah email ditentukan sebagai spam atau tidak. Administrator dapat menentukan berapa skor agar sebuah email dianggap sebagai spam.
Setiap hari spammer di internet makin banyak dan rule spamassassin pun diperbaharui. Saya kurang paham seberapa sering rule ini diperbaharui. Sehingga saya memasang update otomatis secara berkala di crontab. Namun kadang kala saya ingin tahu apakah rule yang terpasang sudah up to date atau belum. Untuk itu saya berikan perintah berikut:
$ host -t txt “0.3.3.updates.spamassassin.org”
jawaban yang diperoleh sebagai berikut :
0.3.3.updates.spamassassin.org text “917420″
Angka 0.3.3 adalah penulisan secara terbalik versi spamassassin yang saya pakai yaitu versi 3.3.0. Angka 917420 adalah versi rule up to date yang dimiliki oleh tim spamassassin. Untuk mengetahui apakah rule yang saya miliki up to date, saya berikan perintah berikut :
$ head -1 /var/lib/spamassassin/3.001004/updates_spamassassin_org.cf
dan jawabannya :
# UPDATE version 917420
berarti rule saya up to date.
blocking spam with foreign language or alphabet or characacter
sometimes we get spam of foreign language that we don’t understand. we don’t even know the alphabet, very annoying. there are plenty of them, some from romania, china or greek. we can set spamassassin to give them higher score and then treat them as spam. here’s how to do it (tested on 3.1.4) : Read more
qmailrocks domainkeys
Image via Wikipediamost of us may experience that email we send to yahoo users end up in their bulk folder. this happened because yahoo, and also gmail, already implementing a new standard originally proposed by yahoo to fight spam.
domainkeys works by involving the use of private and public key when sending and recieving email. a sender is generating a pair of the keys and then use the private key on the mail transfer agent (MTA) like qmail, postfix,etc. to sign every email that goes out from it. the public key is published in the DNS record. when a recipient MTA receive the email it will check the signed email with the public key on the DNS record. if they are not matched, the email can be considered as spam or sent by unauthorized MTA, so it cannot be trusted.
it’s a very good method to reduce spam, unfortunately it’s not that simple. it would be perfect if only all MTA on the internet already implemented it. so far not many MTA does. and we can’t just reject email that comes from a MTA that has no domainkeys.
with this new standard, it doesn’t mean that the days of spammers are ended. because they can also implement this domainkeys. it’s just that they would be easier and faster for us to recognize and then reject them. but there’s opinion saying that it’s not really a problem for them because domain name is cheap and they can easily buy another and use it to send spam again (with domainkeys). when they feel they had enough (may be some of us reject them), they will leave it and buy another again. this goes on and on again.
but for a case like this, i think there’s already a good method like this one for example.
so if you got here because you use qmailrocks and want to add domainkeys capability on it, i only have suggestion here for you to consider. AFAIK qmailrocks has not provide domainkeys in it’s installation guideline. what we actually need to know is how to put domainkeys on qmail-smtpd, so we need to change the way that we usually run it as according to qmailrocks and find another way. we can use john simpson’s way to do so, but we also need to adjust some of our current installations to his.Related articles by Zemanta
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=58ade30a-30d4-423b-ada8-665e0129001c)
summary on spamassassin custom rule
spamassassin is a good free software to reduce spam. useful link for spamassassin rules :
1. http://www.rulesemporium.com
2. http://daryl.dostech.ca
if you’d like to write your own rules, there are things to remember when creating spamassassin custom rules :
1. rules should be stored in /etc/mail/spamassassin/local.cf for site-wide use
2. spamassassin rules is written with perl regular expressions
3. use phrase rather than word
4. after writing rules, always check for errors with command spamassassin –lint -D
5. rule components are : rule, score, description
example :
body SAMPLE_RULE /the word/
score SAMPLE_RULE 1
describe SAMPLE_RULE it’s an example rule
to match any combination of upper or lower case,put character i at the end of rule :
body SAMPLE_RULE /the word/i
score SAMPLE_RULE 1
describe SAMPLE_RULE it’s an example rule
6. instead of body, we can also use rawbody or header :
rawbody SAMPLE_RULE /the word/i
score SAMPLE_RULE 1
describe SAMPLE_RULE it’s an example rule
header SAMPLE_RULE Subject =~ /the word/i
score SAMPLE_RULE 1
describe SAMPLE_RULE it’s an example rule
header SAMPLE_RULE From =~ /the word/i
score SAMPLE_RULE 1
describe SAMPLE_RULE it’s an example rule
to check all header, use ALL :
header SAMPLE_RULE ALL =~ /the word/i
score SAMPLE_RULE 1
describe SAMPLE_RULE it’s an example rule
enabling or disabling spamassassin or clamav
using qmail, qmail-scanner, spamassassin, clamav. sometimes when clamav causing error and needs update, the entire mail delivery will fail. while updating clamav, we can tell qmail-scanner not to use it so the mail delivery will continue without clamav. to enable or disable clamav or spamassassin find these lines in /var/qmail/bin/qmail-scanner-queue.pl :
my @scanners_installed=(”clamdscan_scanner”,”spamassassin”,”perlscan_scanner”);
my @scanners_default=(”clamdscan_scanner”,”spamassassin”,”perlscan_scanner”);
to enable only spamassassin, turn it to be :
my @scanners_installed=(”spamassassin”);
my @scanners_default=(”spamassassin”);
to enable only clamav, turn it to be :
my @scanners_installed=(”clamdscan_scanner“);
my @scanners_default=(”clamdscan_scanner“);
save and then do this :
$ setuidgid qscand /var/qmail/bin/qmail-scanner-queue.pl -g
$ setuidgid qscand /var/qmail/bin/qmail-scanner-queue.pl -z
