Browse Source

spamassassin package update

Signed-off-by: webbuilder_pel7ppc64bebuilder0 <webbuilder@powerel.org>
master
webbuilder_pel7ppc64bebuilder0 6 years ago
parent
commit
d8be146dad
  1. 45
      SOURCES/README.RHEL.Fedora
  2. 9
      SOURCES/redhat_local.cf
  3. 102
      SOURCES/sa-update.cronscript
  4. 12
      SOURCES/sa-update.crontab
  5. 23
      SOURCES/sa-update.force-sysconfig
  6. 5
      SOURCES/sa-update.logrotate
  7. 28
      SOURCES/sa-update.service
  8. 16
      SOURCES/sa-update.timer
  9. 14
      SOURCES/spamassassin.service
  10. 2
      SOURCES/spamassassin.sysconfig
  11. 2
      SOURCES/spamassassin.sysconfig.el
  12. 1121
      SPECS/spamassassin.spec

45
SOURCES/README.RHEL.Fedora

@ -0,0 +1,45 @@
Notes for Spamassassin for RHEL or Fedora
=========================================
spamassassin-3.3.x RPM package for RHEL 5+ or Fedora 11+ contains some new
functionality beyond the upstream spamassassin documentation.

Upstream spamassassin-3.3.0 is no longer distributed with rules. Our package
contains rules in order to be less of a surprise to system administrators.
However just as you wouldn't rely on antivirus software without signature
updates, spamassassin cannot be relied upon without regular rule updates.

1) For these reasons, our RPM package now runs nightly sa-update by default.

/etc/cron.d/sa-update
The default cron runs sa-update once every night. You may edit this cron
file to change the schedule of sa-update or to disable it entirely. If you
had modified this file in the past you may need to restore the new file
from /etc/cron.d/sa-update.rpmnew

2) /usr/share/spamassassin/sa-update.cron
This script is executed by cron. It runs sa-update only if a known spam
daemon is running: spamd, amavisd, or mimedefang. If you do not run any
of these spam daemons but wish to have nightly sa-update, you may
override the daemon check in /etc/sysconfig/sa-update

3) /etc/mail/spamassassin/channel.d
All sa-update channels are defined in files contained in this directory.
See the existing config files as examples for writing your own config file.

4) SOUGHT Anti-Fraud Rule Channel is Enabled by Default
http://wiki.apache.org/spamassassin/SoughtRules

General Warnings
================
* DO NOT USE SARE or OpenProtect rules. They are old and outdated, and
can be dangerous. Many of the useful rules have been integrated into
upstream spamassassin.

Note about -d option
====================

With spamassassin 3.4.0, this package has switched the way spamd is started.
You should no longer use the '-d' option in /etc/sysconfig/spamassassin. Doing
so will result in spamd starting and stopping in a loop. The default
/etc/sysconfig/spamassassin file has been adjusted for this, please merge
this change into that file if you have made any changes to it.

9
SOURCES/redhat_local.cf

@ -0,0 +1,9 @@
# These values can be overridden by editing ~/.spamassassin/user_prefs.cf
# (see spamassassin(1) for details)

# These should be safe assumptions and allow for simple visual sifting
# without risking lost emails.

required_hits 5
report_safe 0
rewrite_header Subject [SPAM]

102
SOURCES/sa-update.cronscript

@ -0,0 +1,102 @@
#!/bin/bash
# *** DO NOT MODIFY THIS FILE ***
#
# /etc/mail/spamassassin/channel.d/*.conf
# Place files here to add custom channels.
#

# Proceed with sa-update if spam daemon is running or forced in /etc/sysconfig/sa-update
unset SAUPDATE OPTIONS DEBUG NOTIFY_UPD
[ -f /etc/sysconfig/sa-update ] && . /etc/sysconfig/sa-update
[ "$SAUPDATE" = "no" ] && exit 0
for daemon in mimedefang spamd amavisd spampd; do
/usr/bin/pgrep -f $daemon >& /dev/null
[ $? -eq 0 ] && SAUPDATE=yes
done

# Skip sa-update if daemon not detected
[ -z "$SAUPDATE" ] && exit 0

# sa-update must create keyring
if [ ! -d /etc/mail/spamassassin/sa-update-keys ]; then
sa-update
fi

# Initialize Channels and Keys
CHANNELLIST=""
KEYLIST=""
# Process each channel defined in /etc/mail/spamassassin/channel.d/
for file in /etc/mail/spamassassin/channel.d/*.conf; do
[ ! -f "$file" ] && continue
# Validate config file
PREFIXES="CHANNELURL KEYID BEGIN"
for prefix in $PREFIXES; do
if ! grep -q "$prefix" $file; then
echo "ERROR: $file missing $prefix"
exit 255
fi
done
. "$file"
#echo "CHANNELURL=$CHANNELURL"
#echo "KEYID=$KEYID"
CHANNELLIST="$CHANNELLIST $CHANNELURL"
KEYLIST="$KEYLIST $KEYID"
sa-update --import "$file"
done

# Sleep random amount of time before proceeding to avoid overwhelming the servers
sleep $(expr $RANDOM % 7200)

unset arglist
# Run sa-update on each channel, restart spam daemon if success
for channel in $CHANNELLIST; do
arglist="$arglist --channel $channel"
done
for keyid in $KEYLIST; do
arglist="$arglist --gpgkey $keyid"
done
/usr/bin/sa-update $OPTIONS $arglist
status=$?
now=`date +"%d-%b-%Y %T"`
# cron runs this script tee /var/log/sa-update.log
# We want to always write to the log, but only send mail
# as configured.
if [ $status -eq 0 ]; then
if [ -n "$DEBUG" -o -n "$NOTIFY_UPD" ]; then
echo "$now: SpamAssassin: Update processed successfully"
else
echo "$now: SpamAssassin: Update processed successfully" >>/var/log/sa-update.log
fi
if [ -f /usr/bin/systemctl ]; then
systemctl condrestart spamassassin.service >& /dev/null
[ -f /usr/lib/systemd/system/amavisd.service ] && systemctl condrestart amavisd.service >& /dev/null
systemctl --quiet is-active mimedefang.service; [ $? -eq 0 ] && systemctl reload mimedefang.service >& /dev/null
[ -f /usr/lib/systemd/system/spampd.service ] && systemctl condrestart spampd.service >& /dev/null
else
service spamassassin condrestart >& /dev/null
[ -f /etc/rc.d/init.d/amavisd ] && service amavisd-new condrestart >& /dev/null
[ -f /etc/rc.d/init.d/mimedefang ] && service mimedefang condrestart >& /dev/null
[ -f /etc/rc.d/init.d/spampd ] && service spampd condrestart >& /dev/null
fi

exit $status
fi
if [ $status -eq 1 ]; then
if [ -n "$DEBUG" ]; then
echo "$now: SpamAssassin: No update available"
else
echo "$now: SpamAssassin: No update available" >>/var/log/sa-update.log
fi
exit $status
fi
if [ $status -eq 2 ]; then
echo "$now: SpamAssassin: Problem applying update - pre files failed lint check"
exit $status
fi
if [ $status -eq 4 ]; then
echo "$now: SpamAssassin: Update available, but download or extract failed"
exit $status
fi

echo "$now: SpamAssassin: Unknown error code $status from sa-update"
exit $status

12
SOURCES/sa-update.crontab

@ -0,0 +1,12 @@
# *** DO NOT MODIFY THIS FILE ***
### Spamassassin Rules Updates ###
#
# http://wiki.apache.org/spamassassin/RuleUpdates
#
# sa-update automatically updates your rules once per day if a spam daemon like
# spamd or amavisd are running. You can force sa-update to run in
# /etc/sysconfig/sa-update
#
# /var/log/sa-update.log contains a history log of sa-update runs

10 4 * * * root /usr/share/spamassassin/sa-update.cron 2>&1 | tee -a /var/log/sa-update.log

23
SOURCES/sa-update.force-sysconfig

@ -0,0 +1,23 @@
# sa-update configuration
#
# Note that the opposite of "yes" is the empty string, NOT "no"

# Don't run sa-update even if it's in /etc/cron.d/ - as installed
#SAUPDATE=no

# Run sa-update even if no daemon is detected
#SAUPDATE=yes

# Default: Run only if a daemon is detected

# Options for the actual sa-update command
# These are added to the channel configuration from
# /etc/mail/spamassassin/channel.d/*.conf
# OPTIONS=-v

# Debug script - send mail even if no update available
# DEBUG=yes

# Send mail when updates successfully processed
# Default: send mail only on error
#NOTIFY_UPD=yes

5
SOURCES/sa-update.logrotate

@ -0,0 +1,5 @@
/var/log/sa-update.log {
monthly
notifempty
missingok
}

28
SOURCES/sa-update.service

@ -0,0 +1,28 @@
### Spamassassin Rules Updates ###
#
# http://wiki.apache.org/spamassassin/RuleUpdates
#
# sa-update automatically updates your rules once per day if a spam daemon like
# spamd or amavisd are running.

[Unit]
Description=Spamassassin Rules Update
Documentation=man:sa-update(1)

[Service]
# Note that the opposite of "yes" is the empty string, NOT "no"
# Options for the actual sa-update command
# These are added to the channel configuration from
# /etc/mail/spamassassin/channel.d/*.conf
Environment=OPTIONS=-v

# Debug script - send mail even if no update available
#Environment=DEBUG=yes

# Send mail when updates successfully processed
# Default: send mail only on error
#Environment=NOTIFY_UPD=yes

ExecStart=/usr/share/spamassassin/sa-update.cron

SuccessExitStatus=1

16
SOURCES/sa-update.timer

@ -0,0 +1,16 @@
### Spamassassin Rules Updates ###
#
# http://wiki.apache.org/spamassassin/RuleUpdates
#
# sa-update automatically updates your rules once per day if a spam daemon like
# spamd or amavisd are running.

[Unit]
Description=Spamassassin Rules Update timer
Documentation=man:sa-update(1)

[Timer]
OnCalendar=daily

[Install]
WantedBy=spamassassin.service

14
SOURCES/spamassassin.service

@ -0,0 +1,14 @@
[Unit]
Description=Spamassassin daemon
After=syslog.target network.target
Wants=sa-update.timer

[Service]
EnvironmentFile=-/etc/sysconfig/spamassassin
ExecStart=/usr/bin/spamd $SPAMDOPTIONS
StandardOutput=null
StandardError=null
Restart=always

[Install]
WantedBy=multi-user.target

2
SOURCES/spamassassin.sysconfig

@ -0,0 +1,2 @@
# Options to spamd
SPAMDOPTIONS="-c -m5 -H --razor-home-dir='/var/lib/razor/' --razor-log-file='sys-syslog'"

2
SOURCES/spamassassin.sysconfig.el

@ -0,0 +1,2 @@
# Options to spamd
SPAMDOPTIONS="-d -c -m5 -H --razor-home-dir='/var/lib/razor/' --razor-log-file='sys-syslog'"

1121
SPECS/spamassassin.spec

File diff suppressed because it is too large Load Diff
Loading…
Cancel
Save