swift 08/05/20 20:12:23 Modified: mailfilter-guide.xml Log: Coding style
Revision Changes Path 1.21 xml/htdocs/doc/en/mailfilter-guide.xml file : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/mailfilter-guide.xml?rev=1.21&view=markup plain: http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/mailfilter-guide.xml?rev=1.21&content-type=text/plain diff : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/doc/en/mailfilter-guide.xml?r1=1.20&r2=1.21 Index: mailfilter-guide.xml =================================================================== RCS file: /var/cvsroot/gentoo/xml/htdocs/doc/en/mailfilter-guide.xml,v retrieving revision 1.20 retrieving revision 1.21 diff -u -r1.20 -r1.21 --- mailfilter-guide.xml 3 Aug 2007 01:31:02 -0000 1.20 +++ mailfilter-guide.xml 20 May 2008 20:12:23 -0000 1.21 @@ -1,6 +1,6 @@ <?xml version='1.0' encoding='utf-8'?> -<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/mailfilter-guide.xml,v 1.20 2007/08/03 01:31:02 nightmorph Exp $ --> +<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/mailfilter-guide.xml,v 1.21 2008/05/20 20:12:23 swift Exp $ --> <!DOCTYPE guide SYSTEM "/dtd/guide.dtd"> <guide link="/doc/en/mailfilter-guide.xml"> @@ -36,7 +36,7 @@ <p> This guide describe step by step how to install a spam and virus filtering mail -gateway. It is quite simple to adopt this to a single server solution. +gateway. It is quite simple to adopt this to a single server solution. </p> </body> @@ -55,11 +55,11 @@ <p> In this setup applications with good security records and readable configuration files have been chosen. The email MTA is postfix which -has a good security record and is fairly easy to setup right. -Postfix will listen normally on port 25 for incoming mail. Upon reception it -will forward it to Amavisd-new on port 10024. Amavisd-new will then filter -the mail through different filters before passing the mail back to Postfix -on port 10025 which in turn will forward the mail to the next mail server. +has a good security record and is fairly easy to setup right. +Postfix will listen normally on port 25 for incoming mail. Upon reception it +will forward it to Amavisd-new on port 10024. Amavisd-new will then filter +the mail through different filters before passing the mail back to Postfix +on port 10025 which in turn will forward the mail to the next mail server. </p> <p> @@ -67,7 +67,7 @@ virus filtering and spam filtering. In this setup we will be using two helper applications one ClamAV for filtering virus mails and Spamassassin for filtering spam. Spamassassin itself can function as yet another layer of content filtering -framework and utilize the helper applications Vipul's Razor2 and DCC. +framework and utilize the helper applications Vipul's Razor2 and DCC. </p> <p> @@ -91,8 +91,8 @@ </ul> <p> -The first part (chapters 1 to 4) of the guide will describe the basic setup -of a mailfiltering gateway. The next chapters can be implemented individually +The first part (chapters 1 to 4) of the guide will describe the basic setup +of a mailfiltering gateway. The next chapters can be implemented individually with no dependence between each chapter. These chapters describe how to: </p> @@ -112,13 +112,13 @@ <note> The IMAP folders will be using the maildir format. Having each mail in a separate file makes handling much simpler. If you're using mbox I propose to -give maildir a try. If you're not already using maildir emerge the necessary +give maildir a try. If you're not already using maildir emerge the necessary tools with <c>emerge courier-imap</c>. </note> <p> A planned fifth part will contain various tips regarding performance and things -you may want to know (running chrooted, postfix restrictions, etc.). +you may want to know (running chrooted, postfix restrictions, etc.). </p> <note> @@ -126,7 +126,7 @@ know and trust these third parties. In this setup only the decision to quarantine virus mails are based on a single third party. Using Spamassassin's scoring system the decision to stop spam mails are not made by a single -authority except perhaps Spamassassins own static rules. +authority except perhaps Spamassassins own static rules. </note> <warn> @@ -137,7 +137,7 @@ link="http://www.geekcomix.com/cgi-bin/classnotes/wiki.pl?UNIX03/Realtime_Blackhole_Lists_Are_Bad";>Realtime Blackhole Lists Are Bad</uri> and <uri link="http://theory.whirlycott.com/~phil/antispam/rbl-bad/rbl-bad.html";>The Spam -Problem: Moving Beyond RBLs</uri> +Problem: Moving Beyond RBLs</uri> </warn> </body> @@ -152,7 +152,7 @@ experienced with setting up Postfix it might quickly become too complicated if all should be set up at once. If you need help you can find it in the excellent <uri link="http://www.gentoo.org/doc/en/virt-mail-howto.xml";>Virtual -Mailhosting System with Postfix Guide</uri> in the Gentoo Documentation. +Mailhosting System with Postfix Guide</uri> in the Gentoo Documentation. </p> </body> @@ -165,8 +165,8 @@ <body> <p> -We start out by installing the most important programs: Amavisd-new, -Spamassassin and ClamAV. +We start out by installing the most important programs: Amavisd-new, +Spamassassin and ClamAV. </p> <pre caption="Installing Amavis, Spamassassin and Clamav"> @@ -177,7 +177,7 @@ As previously mentioned you should already have a working <c>postfix</c> instance running on the box. Basically this shouldn't be much more than <c>emerge postfix</c> <e>and</e> have a basic understanding of how Postfix is -working. +working. </note> </body> @@ -188,12 +188,12 @@ <note> If you're not setting up a gateway server but have the mailboxes on -the same server you only have to create the MX-Record. +the same server you only have to create the MX-Record. </note> <p> While the programs are emerging fire up another shell and create the needed DNS -records. +records. </p> <p> @@ -213,7 +213,7 @@ <note> Some ADSL providers might block port 25 and force you to relay mail through one of their servers. Typically you have to create a secondary MX-Record -like <c>MX 20 backup-mx.some-isp.tld</c> +like <c>MX 20 backup-mx.some-isp.tld</c> </note> </body> @@ -240,7 +240,7 @@ </tr> <tr> <ti>Razor</ti><ti>TCP</ti><ti>2703</ti> -</tr> +</tr> </table> <p> @@ -269,7 +269,7 @@ #lmtp-amavis unix - - n - 2 lmtp # -o lmtp_data_done_timeout=1200 # -o lmtp_send_xforward_command=yes</comment> - + 127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o local_recipient_maps= @@ -306,7 +306,7 @@ <note> If you want to reject spam early on in the process you can use the -Before-Queue (proxy) method instead of the filter method. If you uncomment +Before-Queue (proxy) method instead of the filter method. If you uncomment the three lines you will have to set <c>content_filter=</c> in <path>main.cf</path>. This is not recommended for high traffic servers as the number of concurrent connections are limited to the number of @@ -318,8 +318,8 @@ </warn> <note> -If you, for any reason whatsoever, want to send mail from this box and don't -want it scanned, add another postfix instance by uncommenting the last two +If you, for any reason whatsoever, want to send mail from this box and don't +want it scanned, add another postfix instance by uncommenting the last two lines and substitute with a proper IP. </note> @@ -337,7 +337,7 @@ <p> We also need to set the next hop destination for mail. Tell Postfix to filter all mail through an external content filter and enable explicit routing to let -Postfix know where to forward the mail to. +Postfix know where to forward the mail to. </p> <pre caption="Modifying /etc/postfix/main.cf"> @@ -367,7 +367,7 @@ <p> The format of the <path>transport</path> file is the normal Postfix hash file. Mail to the domain on the left hand side is forwarded to the destination on the -right hand side. +right hand side. </p> <pre caption="/etc/postfix/transport"> @@ -379,13 +379,13 @@ does not actually read this file so we have to convert it to the proper format with <c>postmap /etc/postfix/transport</c>. This creates the file <path>/etc/postfix/transport.db</path>. There is no need to reload Postfix as it -will automatically pick up the changes. +will automatically pick up the changes. </p> <note> -If the next hop mail server is not listening on the standard SMTP port 25 you -can tell postfix to use a given port number, like -<c>smtp:mail.mydomain.tld:25000</c>. +If the next hop mail server is not listening on the standard SMTP port 25 you +can tell postfix to use a given port number, like +<c>smtp:mail.mydomain.tld:25000</c>. </note> <p> @@ -418,7 +418,7 @@ together severel different technologies. Upon reception of a mail message it will extract the mail, filter it through some custom filters, handle white and black listing, filter the mail through various virus scanners and finally it -will filter the mail using SpamAssassin. +will filter the mail using SpamAssassin. </p> <p> @@ -429,13 +429,14 @@ <li> it identifies dangerous file attachments and has policies to handle them </li> - <li>per-user, per-domain and system-wide policies for: - <ul> - <li>whitelists</li> - <li>blacklists</li> - <li>spam score thresholds</li> - <li>virus and spam policies</li> - </ul> + <li> + per-user, per-domain and system-wide policies for: + <ul> + <li>whitelists</li> + <li>blacklists</li> + <li>spam score thresholds</li> + <li>virus and spam policies</li> + </ul> </li> </ul> @@ -468,21 +469,21 @@ <pre caption="Editing /etc/amavisd.conf"> <comment>(Insert the domains to be scanned)</comment> -$mydomain = 'example.com'; +$mydomain = 'example.com'; <comment>(Bind only to loopback interface)</comment> $inet_socket_bind = '127.0.0.1'; <comment>(Forward to Postfix on port 10025)</comment> $forward_method = 'smtp:127.0.0.1:10025'; -$notify_method = $forward_method; +$notify_method = $forward_method; <comment>(Define the account to send virus alert emails)</comment> $virus_admin = "[EMAIL PROTECTED]"; <comment>(Always add spam headers)</comment> -$sa_tag_level_deflt = -100; +$sa_tag_level_deflt = -100; <comment>(Add spam detected header aka X-Spam-Status: Yes)</comment> -$sa_tag2_level_deflt = 5; +$sa_tag2_level_deflt = 5; <comment>(Trigger evasive action at this spam level)</comment> $sa_kill_level_deflt = $sa_tag2_level_deflt; -<comment>(Do not send delivery status notification to sender. It does not affect +<comment>(Do not send delivery status notification to sender. It does not affect delivery of spam to recipient. To do that, use the kill_level)</comment> $sa_dsn_cutoff_level = 10; <comment>Don't bounce messages left and right, quarantine @@ -495,9 +496,9 @@ <note> With this line <c>$sa_tag2_level_deflt = 5;</c> you set the Spamassassin spam score to 5. This might be a bit low. As you might have noticed the Amavisd-new -default is <c>6.3</c>. If you don't want to see a single spam mail in your -mail folder choose <c>5</c>, but if you don't want to deal with false positives -choose <c>6.3</c>. +default is <c>6.3</c>. If you don't want to see a single spam mail in your +mail folder choose <c>5</c>, but if you don't want to deal with false positives +choose <c>6.3</c>. </note> <p> @@ -534,9 +535,9 @@ LogSyslog LogVerbose LogFacility LOG_MAIL -<comment>(Change pid file location)</comment> +<comment>(Change pid file location)</comment> PidFile /var/run/amavis/clamd.pid -<comment>(Set the clamav socket)</comment> +<comment>(Set the clamav socket)</comment> LocalSocket /var/amavis/clamd <comment>(Close the connection when this limit is exceeded)</comment> StreamMaxLength 10M @@ -552,9 +553,9 @@ </note> <p> -ClamAV comes with the <c>freshclam</c> deamon dedicated to periodical checks -of virus signature updates. Instead of updating virus signatures twice a day -we will make <c>freshclam</c> update virus signatures every two hours. +ClamAV comes with the <c>freshclam</c> deamon dedicated to periodical checks +of virus signature updates. Instead of updating virus signatures twice a day +we will make <c>freshclam</c> update virus signatures every two hours. </p> <pre caption="Edit /etc/freshclam.conf"> @@ -572,7 +573,7 @@ <p> Start <c>clamd</c> with <c>freshclam</c> using the init scripts by modifying -<path>/etc/conf.d/clamd</path>. +<path>/etc/conf.d/clamd</path>. </p> <pre caption="Modifying /etc/conf.d/clamd"> @@ -604,10 +605,10 @@ <body> <p> -Razor2 is a collaborative and distributed spam checksum network. Install it -with <c>emerge razor</c> and create the needed configuration files. Do this -as user <c>amavis</c> by running <c>su - amavis</c> followed <c>razor-admin --create</c>. +Razor2 is a collaborative and distributed spam checksum network. Install it +with <c>emerge razor</c> and create the needed configuration files. Do this +as user <c>amavis</c> by running <c>su - amavis</c> followed <c>razor-admin +-create</c>. </p> <pre caption="Creating the required configuration files"> @@ -632,7 +633,7 @@ <p> Like Razor2, dcc is a collaborative and distributed spam checksum network. Its philosopy is to count the number of recipients of a given mail identifying each -mail with a fuzzy checksum. +mail with a fuzzy checksum. </p> <pre caption="Installing DCC"> @@ -681,7 +682,7 @@ <note> You can find inspiration for your <path>local.cf</path> file by trying the <uri link="http://www.yrex.com/spam/spamconfig.php";>SpamAssassin Configuration -Generator</uri>. +Generator</uri>. </note> <note> @@ -700,8 +701,8 @@ <p> Once mail really starts passing through this mail gateway you will probably discover that the above setup is not perfect. Maybe some of your customers like -to receive mails that others wouldn't. You can whitelist/blacklist -envelope senders quite easily. Uncomment the following line in +to receive mails that others wouldn't. You can whitelist/blacklist +envelope senders quite easily. Uncomment the following line in <path>amavisd.conf</path>. </p> @@ -710,15 +711,15 @@ </pre> <p> -In the <path>sender_scores_sitewide</path> file you put complete email -addresses or just the domian parts and then note a positive/negative score +In the <path>sender_scores_sitewide</path> file you put complete email +addresses or just the domian parts and then note a positive/negative score to add to the spam score. </p> <pre caption="whitelist_sender example"> <comment>(Whitelist all emails from the specific email address)</comment> [EMAIL PROTECTED] -3.0 -<comment>(Whitelist all emails from the example.net excluding subdomains)</comment> +<comment>(Whitelist all emails from the example.net excluding subdomains)</comment> .example.net 1.0 </pre> @@ -728,7 +729,7 @@ <note> Placing these addresses outside <path>amavisd.conf</path> is a cleaner and safer -solution. +solution. </note> <note> @@ -738,14 +739,14 @@ </note> <note> -In a later chapter I will show how to implement per-user policies using +In a later chapter I will show how to implement per-user policies using MySQL. </note> <p> While waiting for a better method you can add the following to <path>amavisd.conf</path> to bypass spam checks for <c>postmaster</c> and -<c>abuse</c> mailboxes. +<c>abuse</c> mailboxes. </p> <pre caption="By pass spam filters for all postmaster and abuse mails"> @@ -761,7 +762,7 @@ link="http://www.ietf.org/rfc/rfc2142.txt";>RFC 2142 MAILBOX NAMES FOR COMMON SERVICES, ROLES AND FUNCTIONS</uri>. Otherwise your domains might end up listed in some of the evil lists over at <uri -link="http://www.rfc-ignorant.org/";>rfc-ignorant.org</uri>. +link="http://www.rfc-ignorant.org/";>rfc-ignorant.org</uri>. </impo> </body> @@ -812,8 +813,8 @@ </pre> <p> -Now you have updated virus definitions and you know that -<path>freshclam.conf</path> is working properly. +Now you have updated virus definitions and you know that +<path>freshclam.conf</path> is working properly. </p> <p> @@ -843,7 +844,7 @@ <p> Now if no strange messages appear in the log file it is time for a new -test. +test. </p> <p> @@ -858,10 +859,10 @@ <note> For some unknown reason you can not complete a manual mail injection to -<c>amavisd</c> with netcat. Use <c>telnet</c> instead. +<c>amavisd</c> with netcat. Use <c>telnet</c> instead. </note> -<pre caption="Manually checking that amavisd and postfix are listning to the new ports"> +<pre caption="Manually checking that amavisd and postfix are listning to the new ports"> # <i>nc localhost 10024</i> <comment>(Amavis working)</comment> 220 [127.0.0.1] ESMTP amavisd-new service ready @@ -931,7 +932,7 @@ <p> If you manually want to check some of the mails to ensure that you have no false positives you can use the following <c>procmail</c> recipe to sideline spam -found into different mail folders. +found into different mail folders. </p> </body> @@ -1019,11 +1020,11 @@ </pre> <warn> -This grants members of the <c>mailusers</c> groups access to <c>amavis</c> +This grants members of the <c>mailusers</c> groups access to <c>amavis</c> mail. </warn> -<p> +<p> This makes the spam and ham folders writable but not readable. This way users can safely submit their ham without anyone else being able to read it. </p> @@ -1056,9 +1057,9 @@ <pre caption="amavis crontab"> <comment>#Auto learn</comment> 0 * * * * /usr/bin/sa-learn --spam /var/amavis/.maildir/Bayes/.spam/{cur,new} \ - > /dev/null 2>&1 + > /dev/null 2>&1 0 * * * * /usr/bin/sa-learn --ham /var/amavis/.maildir/Bayes/.ham/{cur,new} > \ - /dev/null 2>&1 + /dev/null 2>&1 </pre> <note> @@ -1080,7 +1081,7 @@ <p> Now modify amavis to redirect spam emails to the <c>spamtrap</c> account and -keep spamheaders. +keep spamheaders. </p> <pre caption="Modifying /etc/amavisd.conf"> @@ -1102,7 +1103,7 @@ <c>sa-learn --ham</c> and then redelivered with all headers intact using a patched version of <uri link="http://www.engelschall.com/sw/smtpclient/";>smtpclient</uri> by Ralf S. -Engelschall. +Engelschall. </p> <p> @@ -1134,9 +1135,9 @@ <p> Now we only have to copy the <c>redeliver.pl</c> file to -<path>/usr/local/bin/</path>. <uri -link="http://home.coming.dk/files/redeliver.pl";>Download it</uri> or use -the version below. +<path>/usr/local/bin/</path>. <uri +link="http://home.coming.dk/files/redeliver.pl";>Download it</uri> or use +the version below. </p> <pre caption="redeliver.pl"> @@ -1236,7 +1237,7 @@ </p> <pre caption="Download and installing pflogsumm"> -# <i>wget http://jimsun.linxnet.com/downloads/pflogsumm-1.1.0.tar.gz</i> +# <i>wget http://jimsun.linxnet.com/downloads/pflogsumm-1.1.0.tar.gz</i> # <i>tar xzf pflogsumm-1.1.0.tar.gz</i> # <i>cp pflogsumm-1.1.0/pflogsumm.pl /usr/local/bin/</i> </pre> @@ -1302,13 +1303,13 @@ mail the mail is rejected with a <e>try again later</e> message. This means that mail gets delayed but also that stupid spam bots that do not implement the RFC protocol will drop the attempt to -deliver the spam and never retry. With time spam bots will probably -adjust, however it will give other technologies more time to identify +deliver the spam and never retry. With time spam bots will probably +adjust, however it will give other technologies more time to identify the spam. </p> <note> -If your ISP blocks incoming traffic on port 25 and relays all mail to you +If your ISP blocks incoming traffic on port 25 and relays all mail to you through their own mail server greylisting will not work. </note> @@ -1326,7 +1327,7 @@ There are other greylisting policy servers for Postfix around (such as <uri link="http://www.gasmi.net/gld.html";>Gld</uri>, which is in Portage, and <uri link="http://sqlgrey.sourceforge.net/";>SQLgrey</uri>). Some of them support -database backends, auto whitelisting and other neat features. +database backends, auto whitelisting and other neat features. </note> </body> @@ -1367,7 +1368,7 @@ situations for the mail queue and mail box situations, this is not the case with the greylisting database. If the file becomes corrupted you may not be able to receive mail at all until you delete the file -by hand. +by hand. </warn> </body> @@ -1403,15 +1404,15 @@ </pre> <warn> -Be sure to specify <c>check_sender_access</c> AFTER +Be sure to specify <c>check_sender_access</c> AFTER <c>reject_unauth_destination</c> or else your system could become an -open mail relay. +open mail relay. </warn> <note> The greylist database gets polluted quickly with bogus addresses. It helps if you protect greylist lookups with other restrictions that -reject unknown senders and/or recipients. +reject unknown senders and/or recipients. </note> <p> @@ -1523,11 +1524,11 @@ <p> SPF allows domain owners to state in their DNS records which IP addressess should be allowed to send mails from their domain. This -will prevent spammers from spoofing the <c>Return-Path</c>. +will prevent spammers from spoofing the <c>Return-Path</c>. </p> <note> -If your ISP blocks incoming traffic on port 25 and relays all mail to you +If your ISP blocks incoming traffic on port 25 and relays all mail to you through their own mail server SPF will not work. </note> @@ -1556,7 +1557,7 @@ <p> Spamassassin 3.0 has support for SPF, however it is not enabled by default -and the new policy daemon in Postfix supports SPF so let's install SPF support +and the new policy daemon in Postfix supports SPF so let's install SPF support for Postfix. </p> @@ -1583,7 +1584,7 @@ <note> The <path>spf.pl</path> coming with Postfix is slightly buggy so find -and uncomment the following line: <c>push @HANDLERS, "sender_permitted_from"; +and uncomment the following line: <c>push @HANDLERS, "sender_permitted_from"; use Mail::SPF::Query;</c>. Furthermore in about line 199 substitute <c>comemnt</c> with <c>comment</c>. Alternatively you can download a <uri link="http://spf.pobox.com/postfix-policyd.txt";>development @@ -1658,7 +1659,7 @@ </pre> <p> -Now that the database is created we'll need to create the necessary tables. +Now that the database is created we'll need to create the necessary tables. You can cut and paste the following into the mysql prompt: </p> @@ -1694,7 +1695,7 @@ wb char(1) NOT NULL, -- W or Y / B or N / space=neutral PRIMARY KEY (rid,sid) ); - + CREATE TABLE policy ( id int unsigned NOT NULL auto_increment, policy_name varchar(32), -- not used by amavisd-new @@ -1710,7 +1711,7 @@ spam_quarantine_to varchar(64) DEFAULT NULL, -- (optional field) spam_tag_level float, -- higher score inserts spam info headers spam_tag2_level float DEFAULT NULL, -- higher score inserts - -- 'declared spam' info header fields + -- 'declared spam' info header fields spam_kill_level float, -- higher score activates evasive actions, e.g. -- reject/drop, quarantine, ... -- (subject to final_spam_destiny setting) @@ -1724,20 +1725,20 @@ </note> <note> -Lookups trying to match email are done with raw (rfc2821-unquoted +Lookups trying to match email are done with raw (rfc2821-unquoted and unbracketed) addresses as a key, i.e.: -<c>John "Funny" [EMAIL PROTECTED]</c> +<c>John "Funny" [EMAIL PROTECTED]</c> </note> <note> -Lookups are performed in the following order: <c>SQL</c>, <c>LDAP</c>, +Lookups are performed in the following order: <c>SQL</c>, <c>LDAP</c>, <c>hash</c>, <c>ACL</c>, <c>regexp</c>, <c>constant</c>. The first that returns a definitive answer (not <c>undef/NULL</c>) stops the search. </note> <p> If you wish to use whitelisting and blacklisting you must add the -sender and receiver to <c>mailadr</c> after which you create the relation +sender and receiver to <c>mailadr</c> after which you create the relation between the two e-mail addresses in <c>wblist</c> and state if it is whitelisting (<c>W</c>) or blacklisting (<c>B</c>). </p> @@ -1851,7 +1852,7 @@ </pre> <p> -Now that the database is created we'll create the necessary tables. You can cut +Now that the database is created we'll create the necessary tables. You can cut and paste the following into the mysql prompt: </p> @@ -1884,7 +1885,7 @@ ham_count int(11) NOT NULL default '0', atime int(11) NOT NULL default '0', PRIMARY KEY (id, token), - INDEX (id, atime) + INDEX (id, atime) ) TYPE=MyISAM; CREATE TABLE bayes_vars ( @@ -1901,7 +1902,7 @@ PRIMARY KEY (id), UNIQUE bayes_vars_idx1 (username) ) TYPE=MyISAM; - + CREATE TABLE awl ( username varchar(100) NOT NULL default '', email varchar(200) NOT NULL default '', @@ -1934,10 +1935,10 @@ </p> <pre caption="Converting Bayes data from a DBM Database"> -<i>su - amavis</i> -<i>sa-learn --sync</i> -<i>sa-learn --backup > backup.txt</i> -<i>sa-learn --restore backup.txt</i> +<i>su - amavis</i> +<i>sa-learn --sync</i> +<i>sa-learn --backup > backup.txt</i> +<i>sa-learn --restore backup.txt</i> </pre> <note> @@ -1993,7 +1994,7 @@ <p> To troubleshoot Amavisd-new start out by stopping it with <c>/etc/init.d/amavisd stop</c> and then start it manually in the foreground with <c>amavisd debug</c> -and watch it for anomalies in the output. +and watch it for anomalies in the output. </p> </body> @@ -2005,18 +2006,18 @@ <p> To troubleshoot Spamassassin you can filter an email through it with <c>spamassassin -D < mail</c>. To ensure that the headers are intact you can -move it from another machine with IMAP. +move it from another machine with IMAP. </p> <note> -If you need to troubleshoot you have to enable login for the user -<c>amavis</c> by changing the login shell in <path>/etc/passwd</path> to +If you need to troubleshoot you have to enable login for the user +<c>amavis</c> by changing the login shell in <path>/etc/passwd</path> to <path>/bin/bash</path>. </note> <p> If you want you can make get the same information and more with Amavisd-new -using <c>amavisd debug-sa</c>. +using <c>amavisd debug-sa</c>. </p> </body> @@ -2031,7 +2032,7 @@ link="http://marc.theaimsgroup.com/?l=amavis-user";>Amavis User mailing list archives</uri>. If you find no answer here you can subscribe to the <uri -link="https://lists.sourceforge.net/lists/listinfo/amavis-user";>Amavis User +link="https://lists.sourceforge.net/lists/listinfo/amavis-user";>Amavis User mailing list</uri> </p> @@ -2051,31 +2052,41 @@ <body> <ul> -<li><uri -link="http://www.ijs.si/software/amavisd/INSTALL";>Amavisd-new -INSTALL</uri></li> -<li><uri -link="http://www.ijs.si/software/amavisd/README.postfix";>Amavisd-new -Postfix README</uri> -</li> -<li><uri -link="http://www.ijs.si/software/amavisd/amavisd-new-docs.html#pbanks";>Amavisd-new -Policy bank documentation</uri> -</li> -<li><uri -link="http://spamassassin.apache.org/full/3.0.x/dist/sql/README";>Spamassassin -SQL README</uri></li> -<li><uri link="http://www.greylisting.org";>Greylisting</uri></li> -<li><uri link="http://www.postfix.org/FILTER_README.html";>Postfix -SMTPD_POLICY_README</uri></li> -<li><uri -link="http://www.unixwiz.net/techtips/postfix-HELO.html";>Blocking -spammers with Postfix HELO controls</uri></li> -<li><uri -link="http://www.linuxjournal.com/article.php?sid=7327";>SPF Overview</uri></li> -<li><uri -link="http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt";>Jim -Seymour's Postfix Anti-UCE Cheat Sheet</uri></li> + <li> + <uri link="http://www.ijs.si/software/amavisd/INSTALL";>Amavisd-new + INSTALL</uri> + </li> + <li> + <uri link="http://www.ijs.si/software/amavisd/README.postfix";>Amavisd-new + Postfix README</uri> + </li> + <li> + <uri link="http://www.ijs.si/software/amavisd/amavisd-new-docs.html#pbanks";>Amavisd-new + Policy bank documentation</uri> + </li> + <li> + <uri link="http://spamassassin.apache.org/full/3.0.x/dist/sql/README";>Spamassassin + SQL README</uri> + </li> + <li> + <uri link="http://www.greylisting.org";>Greylisting</uri> + </li> + <li> + <uri link="http://www.postfix.org/FILTER_README.html";>Postfix + SMTPD_POLICY_README</uri> + </li> + <li> + <uri link="http://www.unixwiz.net/techtips/postfix-HELO.html";>Blocking + spammers with Postfix HELO controls</uri> + </li> + <li> + <uri link="http://www.linuxjournal.com/article.php?sid=7327";>SPF + Overview</uri> + </li> + <li> + <uri link="http://jimsun.linxnet.com/misc/postfix-anti-UCE.txt";>Jim + Seymour's Postfix Anti-UCE Cheat Sheet</uri> + </li> </ul> </body> @@ -2085,17 +2096,24 @@ <body> <ul> -<li><uri link="http://www.spamassassin.org";>Spamassassin</uri></li> -<li><uri link="http://www.ijs.si/software/amavisd/";>Amavisd-new</uri></li> -<li><uri -link="http://www.ijs.si/software/amavisd/amavisd-new-docs.html";>Amavisd-new -documentation bits and pieces</uri></li> -<li><uri link="http://razor.sourceforge.net/";>Vipuls's Razor</uri></li> -<li><uri link="http://pyzor.sourceforge.net/";>Pyzor</uri></li> -<li><uri link="http://www.rhyolite.com/anti-spam/dcc/";>Distributed Checksum -Clearinghouse</uri></li> <li><uri -link="http://www.renaissoft.com/projects/maia/";>Maia Mailguard</uri></li> + <li><uri link="http://www.spamassassin.org";>Spamassassin</uri></li> + <li><uri link="http://www.ijs.si/software/amavisd/";>Amavisd-new</uri></li> + <li> + <uri link="http://www.ijs.si/software/amavisd/amavisd-new-docs.html";>Amavisd-new + documentation bits and pieces</uri> + </li> + <li><uri link="http://razor.sourceforge.net/";>Vipuls's Razor</uri></li> + <li><uri link="http://pyzor.sourceforge.net/";>Pyzor</uri></li> + <li> + <uri link="http://www.rhyolite.com/anti-spam/dcc/";>Distributed Checksum + Clearinghouse</uri> + </li> + <li> + <uri link="http://www.renaissoft.com/projects/maia/";>Maia + Mailguard</uri> + </li> </ul> + </body> </section> <section> @@ -2103,12 +2121,14 @@ <body> <ul> -<li><uri link="http://www.flakshack.com/anti-spam/";>Fairly-Secure Anti-SPAM -Gateway Using OpenBSD, Postfix, Amavisd-new, SpamAssassin, Razor -and DCC</uri></li> + <li> + <uri link="http://www.flakshack.com/anti-spam/";>Fairly-Secure Anti-SPAM + Gateway Using OpenBSD, Postfix, Amavisd-new, SpamAssassin, Razor + and DCC</uri> + </li> </ul> + </body> </section> </chapter> - </guide> -- [email protected] mailing list
