webbuilder_pel7ppc64bebuilder0
6 years ago
12 changed files with 1379 additions and 0 deletions
@ -0,0 +1,45 @@ |
|||||||
|
Notes for Spamassassin for RHEL or Fedora |
||||||
|
========================================= |
||||||
|
spamassassin-3.3.x RPM package for RHEL 5+ or Fedora 11+ contains some new |
||||||
|
functionality beyond the upstream spamassassin documentation. |
||||||
|
|
||||||
|
Upstream spamassassin-3.3.0 is no longer distributed with rules. Our package |
||||||
|
contains rules in order to be less of a surprise to system administrators. |
||||||
|
However just as you wouldn't rely on antivirus software without signature |
||||||
|
updates, spamassassin cannot be relied upon without regular rule updates. |
||||||
|
|
||||||
|
1) For these reasons, our RPM package now runs nightly sa-update by default. |
||||||
|
|
||||||
|
/etc/cron.d/sa-update |
||||||
|
The default cron runs sa-update once every night. You may edit this cron |
||||||
|
file to change the schedule of sa-update or to disable it entirely. If you |
||||||
|
had modified this file in the past you may need to restore the new file |
||||||
|
from /etc/cron.d/sa-update.rpmnew |
||||||
|
|
||||||
|
2) /usr/share/spamassassin/sa-update.cron |
||||||
|
This script is executed by cron. It runs sa-update only if a known spam |
||||||
|
daemon is running: spamd, amavisd, or mimedefang. If you do not run any |
||||||
|
of these spam daemons but wish to have nightly sa-update, you may |
||||||
|
override the daemon check in /etc/sysconfig/sa-update |
||||||
|
|
||||||
|
3) /etc/mail/spamassassin/channel.d |
||||||
|
All sa-update channels are defined in files contained in this directory. |
||||||
|
See the existing config files as examples for writing your own config file. |
||||||
|
|
||||||
|
4) SOUGHT Anti-Fraud Rule Channel is Enabled by Default |
||||||
|
http://wiki.apache.org/spamassassin/SoughtRules |
||||||
|
|
||||||
|
General Warnings |
||||||
|
================ |
||||||
|
* DO NOT USE SARE or OpenProtect rules. They are old and outdated, and |
||||||
|
can be dangerous. Many of the useful rules have been integrated into |
||||||
|
upstream spamassassin. |
||||||
|
|
||||||
|
Note about -d option |
||||||
|
==================== |
||||||
|
|
||||||
|
With spamassassin 3.4.0, this package has switched the way spamd is started. |
||||||
|
You should no longer use the '-d' option in /etc/sysconfig/spamassassin. Doing |
||||||
|
so will result in spamd starting and stopping in a loop. The default |
||||||
|
/etc/sysconfig/spamassassin file has been adjusted for this, please merge |
||||||
|
this change into that file if you have made any changes to it. |
@ -0,0 +1,9 @@ |
|||||||
|
# These values can be overridden by editing ~/.spamassassin/user_prefs.cf |
||||||
|
# (see spamassassin(1) for details) |
||||||
|
|
||||||
|
# These should be safe assumptions and allow for simple visual sifting |
||||||
|
# without risking lost emails. |
||||||
|
|
||||||
|
required_hits 5 |
||||||
|
report_safe 0 |
||||||
|
rewrite_header Subject [SPAM] |
@ -0,0 +1,102 @@ |
|||||||
|
#!/bin/bash |
||||||
|
# *** DO NOT MODIFY THIS FILE *** |
||||||
|
# |
||||||
|
# /etc/mail/spamassassin/channel.d/*.conf |
||||||
|
# Place files here to add custom channels. |
||||||
|
# |
||||||
|
|
||||||
|
# Proceed with sa-update if spam daemon is running or forced in /etc/sysconfig/sa-update |
||||||
|
unset SAUPDATE OPTIONS DEBUG NOTIFY_UPD |
||||||
|
[ -f /etc/sysconfig/sa-update ] && . /etc/sysconfig/sa-update |
||||||
|
[ "$SAUPDATE" = "no" ] && exit 0 |
||||||
|
for daemon in mimedefang spamd amavisd spampd; do |
||||||
|
/usr/bin/pgrep -f $daemon >& /dev/null |
||||||
|
[ $? -eq 0 ] && SAUPDATE=yes |
||||||
|
done |
||||||
|
|
||||||
|
# Skip sa-update if daemon not detected |
||||||
|
[ -z "$SAUPDATE" ] && exit 0 |
||||||
|
|
||||||
|
# sa-update must create keyring |
||||||
|
if [ ! -d /etc/mail/spamassassin/sa-update-keys ]; then |
||||||
|
sa-update |
||||||
|
fi |
||||||
|
|
||||||
|
# Initialize Channels and Keys |
||||||
|
CHANNELLIST="" |
||||||
|
KEYLIST="" |
||||||
|
# Process each channel defined in /etc/mail/spamassassin/channel.d/ |
||||||
|
for file in /etc/mail/spamassassin/channel.d/*.conf; do |
||||||
|
[ ! -f "$file" ] && continue |
||||||
|
# Validate config file |
||||||
|
PREFIXES="CHANNELURL KEYID BEGIN" |
||||||
|
for prefix in $PREFIXES; do |
||||||
|
if ! grep -q "$prefix" $file; then |
||||||
|
echo "ERROR: $file missing $prefix" |
||||||
|
exit 255 |
||||||
|
fi |
||||||
|
done |
||||||
|
. "$file" |
||||||
|
#echo "CHANNELURL=$CHANNELURL" |
||||||
|
#echo "KEYID=$KEYID" |
||||||
|
CHANNELLIST="$CHANNELLIST $CHANNELURL" |
||||||
|
KEYLIST="$KEYLIST $KEYID" |
||||||
|
sa-update --import "$file" |
||||||
|
done |
||||||
|
|
||||||
|
# Sleep random amount of time before proceeding to avoid overwhelming the servers |
||||||
|
sleep $(expr $RANDOM % 7200) |
||||||
|
|
||||||
|
unset arglist |
||||||
|
# Run sa-update on each channel, restart spam daemon if success |
||||||
|
for channel in $CHANNELLIST; do |
||||||
|
arglist="$arglist --channel $channel" |
||||||
|
done |
||||||
|
for keyid in $KEYLIST; do |
||||||
|
arglist="$arglist --gpgkey $keyid" |
||||||
|
done |
||||||
|
/usr/bin/sa-update $OPTIONS $arglist |
||||||
|
status=$? |
||||||
|
now=`date +"%d-%b-%Y %T"` |
||||||
|
# cron runs this script tee /var/log/sa-update.log |
||||||
|
# We want to always write to the log, but only send mail |
||||||
|
# as configured. |
||||||
|
if [ $status -eq 0 ]; then |
||||||
|
if [ -n "$DEBUG" -o -n "$NOTIFY_UPD" ]; then |
||||||
|
echo "$now: SpamAssassin: Update processed successfully" |
||||||
|
else |
||||||
|
echo "$now: SpamAssassin: Update processed successfully" >>/var/log/sa-update.log |
||||||
|
fi |
||||||
|
if [ -f /usr/bin/systemctl ]; then |
||||||
|
systemctl condrestart spamassassin.service >& /dev/null |
||||||
|
[ -f /usr/lib/systemd/system/amavisd.service ] && systemctl condrestart amavisd.service >& /dev/null |
||||||
|
systemctl --quiet is-active mimedefang.service; [ $? -eq 0 ] && systemctl reload mimedefang.service >& /dev/null |
||||||
|
[ -f /usr/lib/systemd/system/spampd.service ] && systemctl condrestart spampd.service >& /dev/null |
||||||
|
else |
||||||
|
service spamassassin condrestart >& /dev/null |
||||||
|
[ -f /etc/rc.d/init.d/amavisd ] && service amavisd-new condrestart >& /dev/null |
||||||
|
[ -f /etc/rc.d/init.d/mimedefang ] && service mimedefang condrestart >& /dev/null |
||||||
|
[ -f /etc/rc.d/init.d/spampd ] && service spampd condrestart >& /dev/null |
||||||
|
fi |
||||||
|
|
||||||
|
exit $status |
||||||
|
fi |
||||||
|
if [ $status -eq 1 ]; then |
||||||
|
if [ -n "$DEBUG" ]; then |
||||||
|
echo "$now: SpamAssassin: No update available" |
||||||
|
else |
||||||
|
echo "$now: SpamAssassin: No update available" >>/var/log/sa-update.log |
||||||
|
fi |
||||||
|
exit $status |
||||||
|
fi |
||||||
|
if [ $status -eq 2 ]; then |
||||||
|
echo "$now: SpamAssassin: Problem applying update - pre files failed lint check" |
||||||
|
exit $status |
||||||
|
fi |
||||||
|
if [ $status -eq 4 ]; then |
||||||
|
echo "$now: SpamAssassin: Update available, but download or extract failed" |
||||||
|
exit $status |
||||||
|
fi |
||||||
|
|
||||||
|
echo "$now: SpamAssassin: Unknown error code $status from sa-update" |
||||||
|
exit $status |
@ -0,0 +1,12 @@ |
|||||||
|
# *** DO NOT MODIFY THIS FILE *** |
||||||
|
### Spamassassin Rules Updates ### |
||||||
|
# |
||||||
|
# http://wiki.apache.org/spamassassin/RuleUpdates |
||||||
|
# |
||||||
|
# sa-update automatically updates your rules once per day if a spam daemon like |
||||||
|
# spamd or amavisd are running. You can force sa-update to run in |
||||||
|
# /etc/sysconfig/sa-update |
||||||
|
# |
||||||
|
# /var/log/sa-update.log contains a history log of sa-update runs |
||||||
|
|
||||||
|
10 4 * * * root /usr/share/spamassassin/sa-update.cron 2>&1 | tee -a /var/log/sa-update.log |
@ -0,0 +1,23 @@ |
|||||||
|
# sa-update configuration |
||||||
|
# |
||||||
|
# Note that the opposite of "yes" is the empty string, NOT "no" |
||||||
|
|
||||||
|
# Don't run sa-update even if it's in /etc/cron.d/ - as installed |
||||||
|
#SAUPDATE=no |
||||||
|
|
||||||
|
# Run sa-update even if no daemon is detected |
||||||
|
#SAUPDATE=yes |
||||||
|
|
||||||
|
# Default: Run only if a daemon is detected |
||||||
|
|
||||||
|
# Options for the actual sa-update command |
||||||
|
# These are added to the channel configuration from |
||||||
|
# /etc/mail/spamassassin/channel.d/*.conf |
||||||
|
# OPTIONS=-v |
||||||
|
|
||||||
|
# Debug script - send mail even if no update available |
||||||
|
# DEBUG=yes |
||||||
|
|
||||||
|
# Send mail when updates successfully processed |
||||||
|
# Default: send mail only on error |
||||||
|
#NOTIFY_UPD=yes |
@ -0,0 +1,5 @@ |
|||||||
|
/var/log/sa-update.log { |
||||||
|
monthly |
||||||
|
notifempty |
||||||
|
missingok |
||||||
|
} |
@ -0,0 +1,28 @@ |
|||||||
|
### Spamassassin Rules Updates ### |
||||||
|
# |
||||||
|
# http://wiki.apache.org/spamassassin/RuleUpdates |
||||||
|
# |
||||||
|
# sa-update automatically updates your rules once per day if a spam daemon like |
||||||
|
# spamd or amavisd are running. |
||||||
|
|
||||||
|
[Unit] |
||||||
|
Description=Spamassassin Rules Update |
||||||
|
Documentation=man:sa-update(1) |
||||||
|
|
||||||
|
[Service] |
||||||
|
# Note that the opposite of "yes" is the empty string, NOT "no" |
||||||
|
# Options for the actual sa-update command |
||||||
|
# These are added to the channel configuration from |
||||||
|
# /etc/mail/spamassassin/channel.d/*.conf |
||||||
|
Environment=OPTIONS=-v |
||||||
|
|
||||||
|
# Debug script - send mail even if no update available |
||||||
|
#Environment=DEBUG=yes |
||||||
|
|
||||||
|
# Send mail when updates successfully processed |
||||||
|
# Default: send mail only on error |
||||||
|
#Environment=NOTIFY_UPD=yes |
||||||
|
|
||||||
|
ExecStart=/usr/share/spamassassin/sa-update.cron |
||||||
|
|
||||||
|
SuccessExitStatus=1 |
@ -0,0 +1,16 @@ |
|||||||
|
### Spamassassin Rules Updates ### |
||||||
|
# |
||||||
|
# http://wiki.apache.org/spamassassin/RuleUpdates |
||||||
|
# |
||||||
|
# sa-update automatically updates your rules once per day if a spam daemon like |
||||||
|
# spamd or amavisd are running. |
||||||
|
|
||||||
|
[Unit] |
||||||
|
Description=Spamassassin Rules Update timer |
||||||
|
Documentation=man:sa-update(1) |
||||||
|
|
||||||
|
[Timer] |
||||||
|
OnCalendar=daily |
||||||
|
|
||||||
|
[Install] |
||||||
|
WantedBy=spamassassin.service |
@ -0,0 +1,14 @@ |
|||||||
|
[Unit] |
||||||
|
Description=Spamassassin daemon |
||||||
|
After=syslog.target network.target |
||||||
|
Wants=sa-update.timer |
||||||
|
|
||||||
|
[Service] |
||||||
|
EnvironmentFile=-/etc/sysconfig/spamassassin |
||||||
|
ExecStart=/usr/bin/spamd $SPAMDOPTIONS |
||||||
|
StandardOutput=null |
||||||
|
StandardError=null |
||||||
|
Restart=always |
||||||
|
|
||||||
|
[Install] |
||||||
|
WantedBy=multi-user.target |
@ -0,0 +1,2 @@ |
|||||||
|
# Options to spamd |
||||||
|
SPAMDOPTIONS="-c -m5 -H --razor-home-dir='/var/lib/razor/' --razor-log-file='sys-syslog'" |
@ -0,0 +1,2 @@ |
|||||||
|
# Options to spamd |
||||||
|
SPAMDOPTIONS="-d -c -m5 -H --razor-home-dir='/var/lib/razor/' --razor-log-file='sys-syslog'" |
Loading…
Reference in new issue