SpamAssassin is a Perl-based application used for e-mail spam filtering based on content-matching rules. SpamAssassin comes with a large set of rules which are applied to determine whether an email is spam or not. Most rules are based on regular expressions that are matched against the body or header fields of the message.
SpamAssassin supports several optional components to increase accuracy, its set of ‘network tests’ is key if you want to improve your hit-rate. In testing, it typically halves the false negative rate — in other words, it means that users will see half as many missed spams.
Network based spam detection
SpamAssassin includes support for three different Hash-based Network Tests, which compare fingerprints for received messages against shared lists of previously-seen spam messages.
- Razor2 database http://razor.sourceforge.net by Vipul Ved Prakash and Jordan Ritter allow Unix clients to work out of the same database used by the commercial customers of the Cloudmark system.
- Pyzor, a completely free database and software system, written by Frank Tobin, visit http://pyzor.sourceforge.net for more information.
- DCC, the Distributed Checksum Clearinghouse http://www.rhyolite.com/anti-spam/dcc/. The idea of DCC is that if mail recipients could compare the mail they receive, they could recognize unsolicited bulk mail.
Network based filtering methods Razor2, Pyzor. DCC firewall ports:
Razor2 port 2307 TCP Pyzor port 24441 UDP DCC port 6277 UDP
# yum install perl-Razor-Agent
# yum install pyzor
# wget http://www.dcc-servers.net/dcc/source/dcc.tar.Z # tar xzvf dcc.tar.Z # cd dcc* # ./configure --with-uid=amavis # make # make install # chown -R amavis:amavis /var/dcc # ln -s /var/dcc/libexec/dccifd /usr/local/bin/dccifd
Add the following to /etc/mail/spamassassin/local.cf
# razor use_razor2 1 # pyzor use_pyzor 1 # dcc use_dcc 1 dcc_home /var/dcc dcc_path /usr/local/bin/dccproc dcc_timeout 10 add_header all DCC _DCCB_: _DCCR_
Enable the DCC plugin in /etc/mail/spamassassin/v310.pre
# DCC - perform DCC message checks. loadplugin Mail::SpamAssassin::Plugin::DCC
SpamAssassin configuration check
# spamassassin --lint
# spamassassin -t -D razor2 < /usr/share/doc/spamassassin-*/sample-spam.txt # spamassassin -t -D pyzor < /usr/share/doc/spamassassin-*/sample-spam.txt # cdcc info
Most implementations of SpamAssassin will trigger on the GTUBE, a 68-byte string similar to the antivirus EICAR test file. If this string is inserted in a message and passed through the SpamAssassin engine, SpamAssassin will trigger with a weight of 1000.
Source: http://www.iredmail.org/forum/topic481-iredmail-support-install-pyzor-razor2-and- dcc-on-your-centosrhel-iredmail-server.html
10,634 total views, 2 views today