|
Packit |
e8bc57 |
What:
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
This document describes how to use bogofilter to filter mail that
|
|
Packit |
e8bc57 |
passes through a postfix mail server.
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
Theory:
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
The idea is to setup bogofilter on the mail server and have it filter
|
|
Packit |
e8bc57 |
all incoming mail.
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
There are several advantages to doing so:
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
1. Mail users on non-Unix platforms will benefit from bogofilter spam
|
|
Packit |
e8bc57 |
filtering.
|
|
Packit |
e8bc57 |
2. bogofilter learns better since it has access to a larger corpus.
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
There is also a mechanism for users to register new spam/non-spam
|
|
Packit |
e8bc57 |
messages, as well as correcting misclassifications.
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
Assumptions:
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
- Most of the steps described here require root privileges.
|
|
Packit |
e8bc57 |
- postfix is installed into /usr. If you installed postfix
|
|
Packit |
e8bc57 |
from rpm, it is probably installed there. If you installed from
|
|
Packit |
e8bc57 |
source, it is installed into /usr/local unless you changed its
|
|
Packit |
e8bc57 |
configuration.
|
|
Packit |
e8bc57 |
- bogofilter is installed in /usr/bin/bogofilter on the mail server.
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
Installation:
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
- Build the initial spam and non-spam databases by feeding your corpus of mail.
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
Assuming there are two files in mbox format in /home/bogofilter, you say:
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
# cd /home/bogofilter
|
|
Packit |
e8bc57 |
# bogofilter -d . -s < spam.mbx
|
|
Packit |
e8bc57 |
# bogofilter -d . -n < nonspam.mbx
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
Filtering:
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
- Create a script to invoke bogofilter, say
|
|
Packit |
e8bc57 |
/home/bogofilter/postfix-filter.sh, modeled on the following:
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
#!/bin/sh
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
FILTER=/usr/bin/bogofilter
|
|
Packit |
e8bc57 |
FILTER_DIR=/var/spool/filter
|
|
Packit |
e8bc57 |
# WARNING! The -i is crucial, else you may see
|
|
Packit |
e8bc57 |
# messages truncated at the first period that is alone on a line
|
|
Packit |
e8bc57 |
# (which can happen with several kinds of messages, particularly
|
|
Packit |
e8bc57 |
# quoted-printable)
|
|
Packit |
e8bc57 |
# -G is ignored before Postfix 2.3 and tells it that the message
|
|
Packit |
e8bc57 |
# does not originate on the local system (Gateway submission),
|
|
Packit |
e8bc57 |
# so Postfix avoids some of the local expansions that can leave
|
|
Packit |
e8bc57 |
# misleading traces in headers, such as local address
|
|
Packit |
e8bc57 |
# canonicalizations.
|
|
Packit |
e8bc57 |
POSTFIX="/usr/sbin/sendmail -G -i"
|
|
Packit |
e8bc57 |
export BOGOFILTER_DIR=/home/bogofilter
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
# Exit codes from <sysexits.h>
|
|
Packit |
e8bc57 |
EX_TEMPFAIL=75
|
|
Packit |
e8bc57 |
EX_UNAVAILABLE=69
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
cd $FILTER_DIR || \
|
|
Packit |
e8bc57 |
{ echo $FILTER_DIR does not exist; exit $EX_TEMPFAIL; }
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
# Clean up when done or when aborting.
|
|
Packit |
e8bc57 |
trap "rm -f msg.$$ ; exit $EX_TEMPFAIL" 0 1 2 3 15
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
# bogofilter -e returns: 0 for OK, nonzero for error
|
|
Packit |
e8bc57 |
rm -f msg.$$ || exit $EX_TEMPFAIL
|
|
Packit |
e8bc57 |
$FILTER -p -u -e > msg.$$ || exit $EX_TEMPFAIL
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
exec
|
|
Packit |
e8bc57 |
rm -f msg.$$ # safe, we hold the file descriptor
|
|
Packit |
e8bc57 |
exec $POSTFIX "$@"
|
|
Packit |
e8bc57 |
exit $EX_TEMPFAIL
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
Make sure the script is executable!
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
Given a good initial corpus, it is better to have bogofilter update
|
|
Packit |
e8bc57 |
its lists based on the message classification, since it is quite
|
|
Packit |
e8bc57 |
likely to get it right. Misclassifications MUST be corrected later.
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
- Modify your /etc/postfix/master.cf to run the filter.
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
After the line that starts "smtp " and ends in "smtpd" (don't
|
|
Packit |
e8bc57 |
confuse it with the one that ends in "smtp", mind the "d"!) and add the
|
|
Packit |
e8bc57 |
following line, you must indent it with some spaces or tabs:
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
-o content_filter=filter:
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
At the end of the file, add the following two lines:
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
filter unix - n n - - pipe
|
|
Packit |
e8bc57 |
flags=Rq user=filter argv=/home/bogofilter/postfix-filter.sh -f ${sender} -- ${recipient}
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
- Now, every incoming message will have the header line
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
X-Bogosity: ...
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
added to the headers.
|
|
Packit |
e8bc57 |
A bogofilter classified spam messages will have the entry:
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
X-Bogosity: Spam ...
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
Note that the actual header name is configurable at compile time and
|
|
Packit |
e8bc57 |
may have been changed.
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
- Educate your users on how to filter their spam based on the value of
|
|
Packit |
e8bc57 |
the X-Bogosity header. Spam messages should be diverted to a spam
|
|
Packit |
e8bc57 |
mailbox, rather than deleted.
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
Registration and Correction:
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
To use external filtering with Postfix, create a Unix group on the
|
|
Packit |
e8bc57 |
server named "filter".
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
Next, create a user account named "filter" on the server and make it a
|
|
Packit |
e8bc57 |
member of group "filter". This will be a least-privileged account
|
|
Packit |
e8bc57 |
used by the scripts.
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
No other user should belong to group "filter". Logins for the
|
|
Packit |
e8bc57 |
"filter" account should be locked (e. g. 'passwd -l filter' on Linux and
|
|
Packit |
e8bc57 |
Solaris) and the shell in /etc/passwd should be set to an invalid
|
|
Packit |
e8bc57 |
shell such as /bin/false.
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
Arrange for users to send misclassified mail to a particular mailbox
|
|
Packit |
e8bc57 |
and make sure that the database is updated regularly.
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
If you cannot arrange for regular corrections, remove the "-u" from
|
|
Packit |
e8bc57 |
the bogofilter command in the script above, and update the database
|
|
Packit |
e8bc57 |
as the need arises by registering more mail.
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
- Make sure the script is executable
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
# chmod +x /home/bogofilter/postfix-filter.sh
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
- Change the ownership of /home/bogofilter to the filter user
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
# chown -R filter:filter /home/bogofilter
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
- Done!
|
|
Packit |
e8bc57 |
|
|
Packit |
e8bc57 |
Author:
|
|
Packit |
e8bc57 |
David Relson <relson@osagesoftware.com>
|
|
Packit |
e8bc57 |
Matthias Andree <matthias.andree@gmx.de>
|