On Mon, 17 Mar 2008, James B. Byrne wrote:
Reply-To: 47DD3688.2000507@netoyen.net
Sam Drinkard wrote:
Hello all,
I've been trying to get spamassassin and clamav working, but got really confused when I realized there are various incarnations of the software. Originally, I started out with just spamassassin, but learned there is also an SA-milter. Can someone tell me which of the various spam fighting packages i.e., sa, sa-milter, clamav, clamave-milter, and so forth?
Welcome to the club. Setting up anti-spam and anti-virus software can be a very tedious process.
I'm quite happy with sendmail + clamav-milter + spamass-milter. The recipe is a bit complex, but it's not horrible. The outline below is for CentOS 5, but it takes little tweaking to work on CentOS 4:
1. Use rpmforge versions of key packages: clamav, clamav-milter, clamd, spamass-milter, and spamassassin. There will be some Perl dependencies you'll have to pull in as well.
2. Edit /etc/clamd.conf and make sure clamd starts and runs on your system.
3. I use freshclam to grab updates several times a day. The rpmforge package doesn't start freshclam, so you'll have to do that by yourself. Edit /etc/freshclam.conf to taste.
4. Configure clamav-milter via /etc/sysconfig/clamav-milter. Here's mine:
----- %< ----- CLAMAV_FLAGS=" --config-file=/etc/clamd.conf --pidfile=/var/run/clamav/clamav-milter.pid --sendmail-cf=/etc/mail/sendmail.cf --dont-wait --headers --postmaster-only --max-children=25 --local " SOCKET_ADDRESS="local:/var/run/clamav/clamav-milter.sock" ----- %< -----
5. Configure /etc/sysconfig/spamassassin so that spamd runs correctly on your system. Mine reads
----- %< ----- SPAMDOPTIONS="-d -c -m5 -H" ----- %< -----
6. Edit /etc/sysconfig/spamass-milter. Mine:
----- %< ----- EXTRA_FLAGS='-r 8 -u spamass -x' ----- %< -----
7. Let sendmail know about your milters. Edit /etc/mail/sendmail.mc and regenerate sendmail.cf. Here are the relavent bits of my sendmail.mc file:
----- %< ----- INPUT_MAIL_FILTER( `clamav-milter', `S=local:/var/run/clamav/clamav-milter.sock, F=T, T=S:2m;R:2m') INPUT_MAIL_FILTER( `spamassassin', `S=unix:/var/run/spamass.sock, F=, T=C:15m;S:4m;R:4m;E:10m') define( `confMILTER_MACROS_CONNECT', `t, b, j, _, {daemon_name}, {if_name}, {if_addr}') ----- %< -----
8. SpamAssassin can use quite a few processing cycles. To reduce its load, I use spamhaus to reject mail from known spam IP sources before spamd ever has to look at it. I just add the dnsbl feature to sendmail.mc:
----- %< ----- FEATURE(`dnsbl', `sbl-xbl.spamhaus.org', `"554 Mail rejected - http://www.spamhaus.org/query/bl?ip=%22$&%7Bclient_addr%7D') ----- %< -----