Per user spamassassin scanning

From MsgServerDocWiki


How do I configure per-user SpamAssassin Scanning?

UPDATE, 9/20/2010: This information has been moved to: http://wikis.sun.com/display/CommSuite/Integrating+Spam+and+Virus+Filtering+Programs+Into+Messaging+Server#IntegratingSpamandVirusFilteringProgramsIntoMessagingServer-ToConfigurePeruserSpamAssassinScanning. Refer to that page from now on.

Introduction

SpamAssassin can produce a spam score on a per-user basis. The SpamAssassin Network Protocol allows an optional User: field, which can be set to a constant value by using the USERNAME spam filter option.

A new spam filter option USERNAME_MAPPING has been added to the SpamAssassin plugin with Messaging Server 6.3p1 and above (120228-20/120229-20/120230-20 or greater). This option is used to specify the name of a mapping table to probe with address information as the plugin receives recipient addresses from the MTA. The probe format is:

current-username|current-recipient-address|current-optin-string

Both the current-optin-string and the preceding vertical bar are omitted if no optin value was specified.

If the mapping sets the $Y flag, the output string is taken to be the updated username to pass to spamd.

NOTE: per-user SpamAssassin scanning can substantially increase the resources required to process emails, because an email addressed to multiple recipients is scanned multiple times.

Per-user SpamAssassin scanning example

The following example creates a new channel that splits each email into one copy per recipient and then passes each copy to SpamAssassin using the Messaging Server SpamAssassin plugin. The User: spam filter option is set to the recipient address. Only recipients who have the mailConversionTag: peruserspam attribute will have their email sent to the new channel. This allows sites to provide per-user scanning to only a subset of users.

Please note that the setup and configuration of SpamAssassin to process emails on a per-user basis is not covered in this guide.

  • Enable the SpamAssassin plugin

Add the following to <msg_base>/config/option.dat

!
! Spamfiltering settings
spamfilter1_config_file=IMTA_TABLE:spamassassin.opt
spamfilter1_library=IMTA_LIB:libspamass.so
spamfilter1_optional=1
spamfilter1_string_action=data:, require ["editheader","spamtest"]; \
spamadjust "$U"; addheader "X-Spam-Score: $U"

Add the following to <msg_base>/config/spamassassin.opt

! Enable debug if set to 1 or 2
DEBUG=0
! This host setting should match the hostname/interface the spamd process is listening on
HOST=127.0.0.1
! This port setting should match the port spamd listens on; by default it is 783
PORT=783
! Return a result regardless of whether email is spam or not
MODE=2
! Need to have an empty field, otherwise spamadjust "$U" doesn't work
FIELD=
! Verdict not used with MODE=2
VERDICT=
! Return rules hit with USE_CHECK=0
!USE_CHECK=0
USERNAME_MAPPING=SPAM_USER
! Default username to use if USERNAME_MAPPING fails to return a value
USERNAME=default

  • Create required mapping table entry

Add the following to <msg_base>/config/mappings to use the recipient email address as the spamd User: setting

SPAM_USER

! current-username|current-recipient-address|current-optin-string
! no username set
  |*|spam      $Y$0
! USERNAME=<username> set in spam plugin configuration file
 *|*|spam      $Y$1

  • Create a new channel that splits emails into one copy per recipient and sends them to be scanned

Add the following channel definition to the <msg_base>/config/imta.cnf file

!
! conversion_peruser
conversion_peruser single sourcespamfilter1optin spam slave_debug
conversion_peruser-daemon

  • Create the CONVERSIONS mapping table entry that sends emails to the new channel based on the conversion tag

Add the following mapping table entry to the <msg_base>/config/mappings file

CONVERSIONS

  IN-CHAN=tcp_*;OUT-CHAN=*;TAG=*peruserspam*;CONVERT   Yes,Channel=conversion_peruser

  • Define the users you want to be scanned on a per-user basis

Add the following LDAP attribute to any users you wish to have scanning performed on a per-user basis

mailConversionTag: peruserspam
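
The lookup configured in the steps above can be traced with a small model. This is an added example, not part of the original page or of the Messaging Server code; the function names and the wildcard handling (first matching entry wins, * matches any run of characters, $N is the N-th wildcard) are assumptions that cover only what the SPAM_USER table above uses.

```python
import re

# The page's SPAM_USER table as (pattern, template) pairs.
SPAM_USER = [
    ("|*|spam", "$Y$0"),    # no username set
    ("*|*|spam", "$Y$1"),   # USERNAME=<username> set in spamassassin.opt
]
DEFAULT_USERNAME = "default"  # USERNAME= fallback from spamassassin.opt


def build_probe(username, recipient, optin=None):
    """current-username|current-recipient-address|current-optin-string;
    the optin string and its preceding bar are omitted when no optin is set."""
    probe = f"{username}|{recipient}"
    return probe if optin is None else f"{probe}|{optin}"


def apply_mapping(table, probe):
    """Simplified model (assumption): return the output string of the first
    matching entry if its template sets $Y, otherwise None."""
    for pattern, template in table:
        # Turn each '*' into a capture group, everything else is literal.
        regex = "(.*?)".join(re.escape(part) for part in pattern.split("*"))
        m = re.fullmatch(regex, probe)
        if not m:
            continue
        success = "$Y" in template
        out = template.replace("$Y", "")
        # $0 is the first wildcard, $1 the second, and so on.
        out = re.sub(r"\$(\d)", lambda d: m.group(int(d.group(1)) + 1), out)
        return out if success else None
    return None


def spamd_user(username, recipient, optin=None):
    """Username the plugin would pass to spamd in the User: field."""
    mapped = apply_mapping(SPAM_USER, build_probe(username, recipient, optin))
    return mapped if mapped is not None else DEFAULT_USERNAME
```

With USERNAME=default and the channel's optin value of spam, the probe is default|test.user@sun.com|spam and the second table entry returns the recipient address; a probe without the optin string matches neither entry and falls back to the default username.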

Per-user SpamAssassin scanning example results

  • Expected output from the spamd process when sending email to a user with mailConversionTag: peruserspam set

Note: user=<email address>

Jul 17 12:03:17 localhost spamd[5867]: spamd: connection from localhost [127.0.0.1] at port 35819
Jul 17 12:03:17 localhost spamd[5867]: spamd: checking message <0JLA00202W56KU00@localhost> for test.user@sun.com:0
Jul 17 12:03:17 localhost spamd[5867]: spamd: clean message (0.6/5.0) for test.user@sun.com:0 in 0.2 seconds, 773 bytes.
Jul 17 12:03:17 localhost spamd[5867]: spamd: result: . 0 - AWL,NO_REAL_NAME,UNPARSEABLE_RELAY scantime=0.2,size=773,user=test.user@sun.com,uid=0,required_score=5.0,rhost=localhost,raddr=127.0.0.1,rport=35819,mid=<0JLA00202W56KU00@localhost>,autolearn=no

  • Expected mail.log_current lines when per-user scanning is taking place

17-Jul-2007 12:16:13.23 tcp_intranet conversion_peruser EE 1  rfc822;test.user@sun.com
@testserver.sun.com.lmtp:testuser@lmtpcs-daemon 
17-Jul-2007 12:16:13.56 conversion_peruser tcp_lmtpcs   E 1  rfc822;test.user@sun.com
@testserver.aus.sun.com.lmtp:testuser@lmtpcs-daemon 
17-Jul-2007 12:16:13.57 conversion_peruser              D 1  rfc822;test.user@sun.com
@testserver.aus.sun.com.lmtp:testuser@lmtpcs-daemon 
17-Jul-2007 12:16:13.56 tcp_lmtpcs                DL 1  rfc822;test.user@sun.com 
@testserver.sun.com.lmtp:testuser@lmtpcs-daemon dns;testserver.sun.com (testserver.sun.com -- 
Server LMTP [Sun ONE Messaging Server 6.3-2.01 [built Jun 13 2007; 32bit]]) lmtp;250 2.1.5 testuser@lmtpcs-daemon 
and options OK
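
To confirm from the spamd log that messages are scanned under the recipient address rather than the USERNAME= fallback, the result lines can be parsed and checked. This is an added example, not part of the original page; the sample lines are constructed (modelled on the output above, with an invented second message id) and the function names are hypothetical.

```python
import re

# Constructed sample lines modelled on the spamd output shown above.
SAMPLE_LOG = """\
Jul 17 12:03:17 localhost spamd[5867]: spamd: result: . 0 - AWL,NO_REAL_NAME scantime=0.2,size=773,user=test.user@sun.com,uid=0,required_score=5.0,rhost=localhost,raddr=127.0.0.1,rport=35819,mid=<0JLA00202W56KU00@localhost>,autolearn=no
Jul 17 12:04:02 localhost spamd[5867]: spamd: result: Y 12 - BAYES_99,URIBL_BLACK scantime=0.4,size=2048,user=default,uid=0,required_score=5.0,rhost=localhost,raddr=127.0.0.1,rport=35822,mid=<EXAMPLE-0002@localhost>,autolearn=no
Jul 17 12:04:02 localhost spamd[5867]: spamd: connection from localhost [127.0.0.1] at port 35822
"""

# verdict (Y or .), integer score, rule list, then comma-separated key=value pairs
RESULT_RE = re.compile(r"spamd: result: (\S)\s+(-?\d+) - (\S*) (\S+)$")


def parse_results(log_text):
    """Return one dict per 'spamd: result:' line; other lines are skipped."""
    results = []
    for line in log_text.splitlines():
        m = RESULT_RE.search(line.strip())
        if not m:
            continue
        verdict, score, rules, fields = m.groups()
        entry = dict(re.findall(r"(\w+)=([^,]*)", fields))
        entry.update(is_spam=(verdict == "Y"), score=int(score),
                     rules=rules.split(",") if rules else [])
        results.append(entry)
    return results


def fallback_scans(results, default_user="default"):
    """Results scanned under the USERNAME= fallback instead of a recipient
    address, i.e. USERNAME_MAPPING did not return a value for them."""
    return [r for r in results if r.get("user") == default_user]


if __name__ == "__main__":
    for r in fallback_scans(parse_results(SAMPLE_LOG)):
        print("scanned as fallback user:", r["mid"])
```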