spamassassinで迷惑メール判定

参考

debianで実施。

！！注意！！

ハマりやすい。
パニクる前に
/etc/postfix/master.cf の設定を元に戻して、
sudo /etc/init.d/postfix restartすること。

作業は仕事のメールが飛んでこない深夜帯に行うこと。

準備

インストール

# sudo apt-get install -y spamassassin spamc

spamassassinの設定

spamassassin用アカウント作成

# groupadd spamd
# useradd -g spamd -s /bin/false -d /var/log/spamassassin spamd
# mkdir /var/log/spamassassin
# chown spamd:spamd /var/log/spamassassin

/etc/default/spamassassin

-ENABLED=0
+ENABLED=1
+SAHOME="/var/log/spamassassin/"
+ OPTIONS="--create-prefs --max-children 2 --username spamd \
+ -H ${SAHOME} -s ${SAHOME}spamd.log"

postfixの設定

master.cf

 smtp      inet  n      -       n       -       -       smtpd
+   -o content_filter=spamassassin
 submission inet n      -       n       -       -       smtpd
+   -o content_filter=spamassassin
+spamassassin unix -     n       n       -       -       pipe
+   user=spamd argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} ${recipient}

spamassassin起動

必ずmaillogを確認しておくこと。

# tail -f /var/log/maillog

# /etc/init.d/spamassassin restart
# /etc/init.d/postfix restart

ログ確認

# tail -f /var/log/maillog
May 27 02:32:10 localhost postfix/pipe[6141]: 22CFE5DC3E9: to=<taro@myserver.co.jp>, relay=spamassassin, delay=0.5, delays=0.24/0/0/0.27, dsn=2.0.0, status=sent (delivered via spamassassin service)

"(delivered via spamassassin service)"が追加されていることがわかる。

# tail -f /var/log/spamassassin/spamd.log

ハマった点

spamassassinに接続できない

/var/log/maillog

May 27 02:36:30 localhost postfix/qmgr[7015]: warning: connect to transport spamassassin: Connection refused
May 27 02:37:03 localhost postfix/qmgr[7141]: warning: connect to transport spamassassin: Connection refused
...

spamdが起動していることを確認。

$ sudo lsof -i:spamd
COMMAND  PID  USER   FD   TYPE DEVICE SIZE NODE NAME
spamd   7587  root    5u  IPv4  28675       TCP localhost:spamd (LISTEN)
spamd   7588 spamd    5u  IPv4  28675       TCP localhost:spamd (LISTEN)
spamd   7589 spamd    5u  IPv4  28675       TCP localhost:spamd (LISTEN)

spamassassinを実行するユーザ(spamd)のHOMEがない場合

/var/log/maillog

May 27 01:48:53 localhost postfix/qmgr[6944]: warning: connect to transport spamassassin: No such file or directory
May 27 01:49:47 localhost postfix/qmgr[7059]: warning: connect to transport spamassassin: No such file or directory
May 27 01:50:47 localhost postfix/qmgr[7059]: warning: connect to transport spamassassin: No such file or directory
May 27 01:51:47 localhost postfix/qmgr[7504]: warning: connect to transport spamassassin: No such file or directory
...

HOMEに書き込めないユーザで間違ってspamassassinを起動してしまった場合

May 27 02:21:20 localhost spamd[3214]: spamd: creating default_prefs: /nonexistent/.spamassassin/user_prefs
May 27 02:21:20 localhost spamd[3214]: mkdir /nonexistent: Permission denied at /usr/share/perl5/Mail/SpamAssassin.pm line 1530
May 27 02:21:20 localhost spamd[3214]: config: cannot write to /nonexistent/.spamassassin/user_prefs: No such file or directory
May 27 02:21:20 localhost spamd[3214]: spamd: failed to create readable default_prefs: /nonexistent/.spamassassin/user_prefs
May 27 02:21:20 localhost spamd[3214]: mkdir /nonexistent: Permission denied at /usr/share/perl5/Mail/SpamAssassin.pm line 1530
May 27 02:21:20 localhost spamd[3214]: spamd: processing message <2949348135383780845461.mail@yourserver.net> for nobody:65534
May 27 02:21:20 localhost spamd[3214]: mkdir /nonexistent: Permission denied at /usr/share/perl5/Mail/SpamAssassin.pm line 1530
May 27 02:21:20 localhost spamd[3214]: locker: safe_lock: cannot create tmp lockfile /nonexistent/.spamassassin/auto-whitelist.lock.myserver.co.jp.3214 for /nonexistent/.spamassassin/auto-whitel
ist.lock: No such file or directory
May 27 02:21:20 localhost spamd[3214]: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot create tmp lockfile /nonexistent/.spamassassin/auto-whitelist.lock.myserver.co.jp.3214 for /nonexistent/.spamassassin/auto-whitelist.lock: No such file or directory