Bei mir ist es auch OpenSuse 10.3 und Plesk 8.6.
Ich habe bei mir qsheff II aus dem Source heraus installiert:
./configure --with-clamav --with-clamd-socket=/var/lib/clamav/clamd-socket --enable-virus-tag --enable-syslog --with-custom-prog
custom-prog wird bei mir genutzt, um Spam direkt an Spamcop zu versenden.
und die Verzeichnisse gem
/usr/local/etc/qsheff-II/install-wrapper.sh anlegen
angelegt.
Dazu gibt es ein Script in /var/qmail/bin namens qmail-spam mit folgendem Vorgehen
# chown root:qmail qmail-queue.spam + SetUID
# chown root:qmail qmail-queue.orig
# /var/qmail/bin/qmail-queue nach /var/qmail/bin/qmail-queue.orig kopieren
# ln -s /var/qmail/bin/qmail-queue /var/qmail/bin/qmail-queue.spam
Wird nur qsheff genutzt, dann wird der Link direkt auf qmail-qsheff gesetzt, ich habe hier eben den Zwischenschritt zum Domain/User-spezifischen Aufruf von SA:
Hier das Script, das ich nutze:
Code:
#!/bin/bash
Domain=`echo $SMTPRCPTTO | tr "[:upper:]" "[:lower:]"`
if [ -z "$Domain" ]; then
Domain=`echo $RECIPIENT | tr "[:upper:]" "[:lower:]"`
fi
DestPort=`echo $TCPLOCALPORT`
SPAMC=/usr/bin/spamc
MAX_SIZE=256000 # max letter size to filter
SA_PARAMS="--headers"
SOCKETPATH="/tmp/spamd_full.sock"
if [ "$DestPort" = "587" ] ; then
/var/qmail/bin/qmail-qsheff
elif [ "$SMTPHELOHOST" = "" ] ; then
/var/qmail/bin/qmail-queue.orig
else
case $Domain in
[email protected]|[email protected]) /var/qmail/bin/qmail-queue.orig;;
[email protected]) /var/qmail/bin/qmail-queue.orig;;
*@<domain>) "$SPAMC" -s "$MAX_SIZE" -u <domainuser> -U "$SOCKETPATH" -E | /var/qmail/bin/qmail-qsheff;;
<single email>) "$SPAMC" "$SA_PARAMS" -s "$MAX_SIZE" -u <single email> -U "$SOCKETPATH" -E | /var/qmail/bin/qmail-qsheff;;
*) /var/qmail/bin/qmail-qsheff;;
esac
fi
Das Script ruft also SA nur für einzelne Domains oder für einzelne Email-Adressen auf, wobei hier der Eingriff durch den Admin erforderlich ist.
Zusätzlich sind Mails, die am Submission Port eingeliefert werden, vom Spam-Check ausgenommen, da sich hier der User ja authentisieren muss und lokal versandte Mails (um u.a. die Weiterleitung des Spam an Spamcop nicht zu blocken). Die Nutzung des Submission-Ports bei mir erfolgt, da ich den Port 25 sehr restriktiv gegen Blacklisten prüfe. Damit erspare ich mir 99+ % des Spams (ich habe nur ca. 2 % Spam-Mails, die durch SA beim obigen Check noch erwischt werden). Der Rest wird bereits beim Versuch geblockt, Spam abzuliefern.
Zum Config-File von qsheff unter /usr/local/etc/qsheff-II/qsheff.conf
Code:
#
# EnderUNIX qSheff configuration file
#
# http://www.enderunix.org/qsheff
#
# $Id: qsheff.conf-default.in,v 1.4 2006/08/31 12:15:15 simsek Exp $
#
QSHEFFDIR = /var/qsheff
LOGFILE = /var/log/qsheff.log
RIPMIME = "/usr/local/bin/ripmime"
# Disable this if you are using Bogofilter.
# The qsheff signature will affect the results!!!
enable_qsheff_sign = 1
# Set debug level
# qsheff will log entries which have a debug level less than this value.
# debug_level = 99 logs everything
# debug_level = 0 logs only internal errors
#
# level Identifier Comment
# ------- ------------ -----------------------------------------------
# 0 ERR Internal error.
# 2 QUEUE qSheff passed the mail to qmail-queue.
# 3 VIRUS Antivirus software found a virus.
# 5 CUSTOM Custom filter program caught a spam pattern.
# 11 SPAM Found spam pattern.
# 13 ATTACH Caught prohibited attach file.
# 15 HEADER Mail header problem.
#
debug_level = 99
# When enabled, qSheff doesn't return the "permanantly error"
# for spam or infected messages.
enable_spam_blackhole = 0
enable_virus_blackhole = 0
# 0: Don't panic when any function doesnt work
# Just continue to finish job.
# 1: Spammer and antivirus must work.
# Condone other errors.
# 2: Don't forgive any error.
#
# Note that: This feature is not implemented yet.
paronia_level = 0
# Drop mail if the From: line is empty.
drop_empty_from = 0
# When set to 1, enables quarantine for spams and virus mails.
enable_quarantine = 1
# When set to 1, enables ignore list feature.
# qSheff doesn't perform spam filtering for the addresses in qsheff.ignore
enable_ignore_list = 1
# When set to 1, enables header rules based on regular expressions.
# Header rules starts with a leading h: pattern.
# Check the qsheff.rules
enable_header_filter = 1
# When set to 1, enables body rules based on regular expressions.
# Header rules starts with a leading b: pattern.
# Check the qsheff.rules
enable_body_filter = 1
# When set to 1, enables attachment filtering.
# Check the qsheff.attach
enable_attach_filter = 0
# When set to 1, enables ClamAv antivirus client.
# qSheff connects to Clamd directly, through a socket file.
# The socket file must be specified at compile time
# by --with-clamd-socket option.
enable_clamd = 1
# When set to 1, enables user defined filtering programs.
# The CUSTOM_PROG variable must be defined.
enable_custom_prog = 0
# Pre-defined variables to pass custom filter program:
#
# %%mailfrom%% as email address: source address.
# %%mailto%% as email address: target address.
# %%remoteip%% as IP address: remote SMTP server.
# %%msgfile%% as filename: full path of stored incoming mail.
# %%tempdir%% as directory path: full of the tempdir includes parts of mail (attachments, body, header etc.)
#
# Examples:
# CUSTOM_PROG = "/usr/bin/myscript -f %%mailfrom%% -t %%mailto%% -r %%tempdir%%"
# CUSTOM_PROG = "/usr/local/bin/bogofilter --bogofilter-dir=/etc/bogofilter -I %%msgfile%%"
#
#CUSTOM_PROG =
# For the custom program return value 'ret',
# if CUSTOM_RET_MIN <= ret <= CUSTOM_RET_MAX
# qSheff will assume the mail has spam content.
# So qSheff will return 'permanently error'.
CUSTOM_RET_MIN = 100
CUSTOM_RET_MAX = 100
# Return value for errors.
# qSheff assumes that, all nagative return codes indicate a failure.
# if ret < 0 or ret == CUSTOM_RET_ERR => then return 'temporary error'
CUSTOM_RET_ERR = -1
# For bogofilter:
#CUSTOM_RET_MIN = 1
#CUSTOM_RET_MAX = 1
#CUSTOM_RET_ERR = 3
# This string will be appended to the end of the custom message.
# It may be your company or organisation name. Can be maximum 32 characters
# Custom error patch must be applied and enabled.
custom_sign = ""
wobei ich das Custom Prog mal rausgelassen habe (Spam Report).
Für die Erkennung vom Spam-Mails durch SA und qsheff findet sich in qsheff.rules zusätzlich:
Code:
h:(X-Spam-Status: Yes)
h:(X-Spam-Status: YES)
h:(X-Spam-Flag: YES)
und das war es soweit.