Control Web Panel
WebPanel => CentOS Configuration => Topic started by: Freespirits_GR_Host on March 09, 2020, 08:43:41 PM
-
Hello
The "How to configure Spamassassin" section to wiki here --> https://wiki.centos-webpanel.com/how-to-configure-spamassassin is outdated.
So it would be great to be updated with the following or just update the configuration files locations mentioned there.
Step 1. Edit the configuration (/etc/mail/spamassassin/local.cf) file with the settings below
required_hits 5
report_safe 0
required_score 5
rewrite_header Subject [***SPAM***]
Step 2. Edit /etc/sysconfig/spamassassin file with below config (replacing everything in it) and save it
SAHOME="/var/lib/spamassassin/"
SPAMDOPTIONS="-d -c -m5 -H --username nobody -s ${SAHOME}spamd.log"
Step 3. Edit configuration file in Postfix. Open the file /etc/postfix/master.cf and edit/add the config below then save it.
smtp inet n - n - - smtpd
-o content_filter=smtp-amavis:127.0.0.1:10024
-o receive_override_options=no_address_mappings
-o content_filter=spamassassin
spamassassin unix - n n - - pipe
user=nobody argv=/usr/bin/spamc -f -e
/usr/sbin/sendmail -oi -f ${sender} ${recipient}
Step 4. Restart Postfix and SpamAssasin services
You are ready to go :)
Extra configuration tips
- In case you want mail to be deleted automaticaly and not receive the header rewritten with [***SPAM***] then you can set
report_safe 1
to step 1.
- If you wish to make server more strict you can set the following flag lower. So 0 will always pass but if we set it to 3 that means a lot of mail will get flaged.
required_score 5
- One more configuration you could play is the following. The more you lower this value your mailserver will become strict.
required_hits 5
-
Thank you so much for this.
I am in desperately need of this config since I moved back to CWP.
I am getting an awful lots of unwanted emails and viruses.
Let me check and update this thread if it works.
The official instructions is definitely outdated because it didnt work for me.
Speaking of viruses, I am also in doubt that the Clamav email antivirus work.
I am receiving attachments in zip, img, pdf that turn out to be viruses.
Hopefully spamassassin will block them first hand.
-
Hello
I guess you should use
report_safe 1
If you want to avoid and block many phishing mails you should first rebuild your mail server Email --> Mailserver Manager
Checking the following
1. AntiSpam/AntiVirus (recommended)
2. rDNS Check (recommended)
The next step is to configure Spamassasin and restart the services.
You will notice a 98% reduce in SPAM and phishing mails. There is an outbreak of those messages lately because of the pandemic.
So CWP7 is the best solution to keep safe from dangerous mails and of course keep you psychologically healthy ;)
-
Thank you. I just did that.
Your instructions to configure spamassassin definitely works!
They are now being tagged as spam. Finally.
But I want to further strengthen the security by completely blocking domains.
Went to do this one.
https://forum.centos-webpanel.com/e-mail/spam-config/
Now sure yet if it worked.
-
I am glad everything is working fine ;)
I guess you want to avoid hackers using your system to send spam and not block a subscription to your server.
So i would propose to add/replace the following to your main.cf
#add to avoid spaming and blacklisting
smtpd_sender_restrictions =
permit_mynetworks
permit_sasl_authenticated
reject_unknown_sender_domain
reject_unknown_reverse_client_hostname
reject_unknown_client_hostname
#add to avoid relay
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
Restart mailserver.
-
@Freespirits_GR_Host
Thanks for the very useful post.
I prefer to set spamd.log to /var/log ;)
-
Hello cynique and thank you.
There is a great option that i would like to point to CWP7 panel and that is "Monitoring via Monit"
A great tool to monitor your server against spam is to enable this option and add postfix-queue.conf and edit it so that you get a warning if more than 10 messages (or less) are in the queue.
check program postfix-queue with path "/scripts/check_postqueue 10"
if status != 0 then alert
Hope that is one more helpful tool against spam and easy way to avoid getting into blacklists. ;)
-
Thank you very much for the updated configuration. It saved me a lot of time.
-
thanks, i will try.
In the maser.cf file, "-o content_filter=" is mentioned in three lines. Do I need to change the others as well?
-
I can't find this line in the master.cf file.
Would you suggest I add it to the bottom?
spamassassin unix - n n - - pipe
user=nobody argv=/usr/bin/spamc -f -e
/usr/sbin/sendmail -oi -f ${sender} ${recipient}
-
I can't find this line in the master.cf file.
Would you suggest I add it to the bottom?
spamassassin unix - n n - - pipe
user=nobody argv=/usr/bin/spamc -f -e
/usr/sbin/sendmail -oi -f ${sender} ${recipient}
That is exactly what I suggest. ;). You should add it to the bottom of the file after the SPF Check.
-
@Freespirits_GR_Host
Thank you so much for this easy guide :) One thing is that the AmaVis service is disabled in my CWP instance by default, does this configuration need that to be enabled? Do I really need ClamAV & AmaVis side by side?
TiA
-
@Freespirits_GR_Host
Thank you so much for this easy guide :) One thing is that the AmaVis service is disabled in my CWP instance by default, does this configuration need that to be enabled? Do I really need ClamAV & AmaVis side by side?
TiA
Hello :)
AmaVis is a very important tool to the whole implementation as it helps to block spam, viruses and malware. You can find more information to the following links to understand why it is critical to have it installed
https://wiki.archlinux.org/title/Amavis
https://en.wikipedia.org/wiki/Amavis
-
For proper form, multi-line postfix directives should have commas at the end of each line:
smtpd_sender_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unknown_sender_domain,
reject_unknown_reverse_client_hostname,
reject_unknown_client_hostname
-
Hi,
I´m new here, but How I configure rules in user_prefs into /home/User-Directory?
In CPANEL exist rules specific to user into /home/User-Directory/.spamassassin/user_prefs
I can to put user prefs but is not working. What have I to do in /usr/share/spamassassin/local.cf or /etc/mail/spamassassin/local.cf to spamassassin to read rules in user preferences into directory each user?
Thank you!
-
That's how it's supposed to work...
[overseer@srv ~]$ less /etc/spamassassin/local.cf
# These values can be overridden by editing ~/.spamassassin/user_prefs.cf
# (see spamassassin(1) for details)
-
And then.. I located this part into archive /usr/share/spamassassin/10_default_prefs.cf
# Headers to be added to mail (can be overriden by users in
# ~/.spamassassin/user_prefs)
# Make sure the header stays entirely on one line here
clear_headers
---------------
Into archive /etc/mail/spamassassin/local.cf
# These values can be overridden by editing ~/.spamassassin/user_prefs.cf
# (see spamassassin(1) for details)
# These should be safe assumptions and allow for simple visual sifting
# without risking lost emails.
required_hits 5
report_safe 0
required_score 5
rewrite_header Subject [SPAM]
But like this it´s correct or I need to put any information to direct to /home/User-Directory/.spamassassin/user_prefs ?
-
For sure, that's how it is supposed to work:
overseer@srv$ less /etc/spamassassin/local.cf
# These values can be overridden by editing ~/.spamassassin/user_prefs.cf
# (see spamassassin(1) for details)
# These should be safe assumptions and allow for simple visual sifting
# without risking lost emails.