Die, Spam, Die!

Getting Spam Assassin Working with Procmail and Postfix on a Fedora Core 5 Server

I bought brianjarrett.com in 2003, set up e-mail there, then kept it spam-free for three years. Then, it came. It was slow at first, only fifty messages a week maybe. It wasn’t long until it turned into fifty or a hundred a day; hundreds and hundreds by the end of any given week. On the client side Thunderbird did an okay job with it and Outlook 2007 did a better job with it but it was still a major pain in the ass, sitting there and waiting while Outlook churned through message after message promising pre-approved loans, penis enlargement, cheap Viagra, mini-RC cars, and messages about how some girl started dating this guy but his “member” was too large for her mouth and she practically choked.

Now as sorry as I felt for this girl I just couldn’t stand the e-mails anymore. I thought about changing my e-mail address once again but I felt cheated; this was supposed to be my permanent address and these scum bags were taking it away from me. I paid for it! I decided to do something about it; if I couldn’t round up the Cajun Spammer and his buddies and drop them from a plane into the middle of the South Pacific (which, unfortunately, I can’t) then I could at least delete these stupid things as soon as they hit my server.

I decided to install Spam Assassin.

That was all well and good, until I began the process and saw that implementing Spam Assassin, along with Procmail, could be done just about as many ways as there were web pages describing it. I checked with my buddy Tim at work and he said he was running Spam Assassin and Procmail on his server. He gave me a good overview of how it works and some example scripts which got me started. Unfortunately he’s running Cyrus and I’m running Dovecot, so the implementation is a little different and I wasn’t able to get it working quickly.

Finally, after about three days of Google searching, tweaking, testing, tweaking, testing, and still more tweaking, I was able to get Spam Assassin and Procmail working with Postfix. What I’ve decided to do here is include exactly what I did to get my mail server working with Spam Assassin and Procmail. It might not be ideal, it might not be preferable, it might not be perfect, but it definitely works and it definitely kicks spam’s ass.

Here’s what I did.

I’m running Fedora Core 5 with Postfix. This assumes you already have a working Postfix mail server. If not, get that working then come back because that’s outside the scope of this article.

First I edited /etc/postfix/master.cf and included the following lines to the end of the file (you need to be root to do this stuff):

Code:
procmail  unix  -       n       n       -       1       pipe
  flags=R user=dovecot argv=/usr/bin/procmail -t -p -m USER=${mailbox} EXT=${extension} /etc/procmailrc
retry     unix  -       -       n       -       -       error

Then I modified “mailbox_command” in /etc/postfix/main.cf to read:

Code:
mailbox_command = /usr/bin/procmail

That tells Postfix that it needs to use Procmail to deliver the mail and how to do it.

Now we create a file called “/etc/procmailrc”. In this file I put:

Code:
LOGFILE=/var/log/procmail.log
VERBOSE=no

MAILDIR="$HOME/mail"

DROPPRIVS=yes

:0fw
| /usr/bin/spamc

INCLUDERC="$HOME/.procmailrc"

# Work around procmail bug: any output on stderr will cause the "F" in "From"
# to be dropped.  This will re-add it.
# NOTE: This is probably NOT needed in recent versions of procmail
:0
* ^^rom[ ]
{
LOG="*** Dropped F off From_ header! Fixing up. "

:0 fhw
| sed -e '1s/^/F/'
}

This will grab the mail for a user then pipe it to Spam Assassin. It will then apply filters in that user’s /home/username/.procmailrc file to the mail before doing some search and replace and then dropping it off in that user’s mailbox. /var/log/procmail.log will need to be writable by your mailserver (I’m not sure if it’s user dovecot or postfix) in order to write the logs. I just did a chmod 666 on it; I’m not too concerned about someone overwriting my procmail log file. The /etc/procmailrc file is the global procmail filter file. Each user can have their own procmail filter file in their home directory for their own mail.
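
The paragraph above leaves /var/log/procmail.log world-writable, and procmail itself refuses rcfiles with loose write bits. As an added example (not from the original article), these shell functions check the log and both procmailrc files against the write-bit conditions that procmail(1) lists under "Suspicious rcfile". The function names are hypothetical and file ownership is not checked.

```shell
#!/bin/sh
# Added example, not from the original article. Helper names are hypothetical.

# True if PATH has every permission bit in MODE set (POSIX find, no descent).
has_perm() {
    [ -n "$(find "$1" -prune -perm "$2" 2>/dev/null)" ]
}

# Log file: anyone who can write it can forge or erase delivery records.
audit_log() {
    if [ ! -e "$1" ]; then echo "missing"
    elif has_perm "$1" -002; then echo "world-writable"
    else echo "ok"
    fi
}

# rcfile: the write-bit conditions procmail(1) lists under "Suspicious rcfile".
# strict=yes adds the group-writable checks that apply to $HOME/.procmailrc.
# Simplification: file ownership is not checked here.
audit_rcfile() {
    file=$1 strict=${2:-no}
    dir=$(dirname "$file")
    if [ ! -e "$file" ]; then echo "missing"
    elif has_perm "$file" -002; then echo "world-writable"
    elif has_perm "$dir" -002; then echo "dir-world-writable"
    elif [ "$strict" = yes ] && has_perm "$file" -020; then echo "group-writable"
    elif [ "$strict" = yes ] && has_perm "$dir" -020; then echo "dir-group-writable"
    else echo "ok"
    fi
}

# Print one result line; count it as a finding unless it is clean or absent.
report() {
    printf '%-20s %s\n' "$1" "$2"
    case $1 in ok|missing) ;; *) bad=$((bad + 1)) ;; esac
}

# Check the three files from this article; exit status = number of findings.
audit_setup() {
    log=${1:-/var/log/procmail.log}
    global=${2:-/etc/procmailrc}
    user=${3:-$HOME/.procmailrc}
    bad=0
    report "$(audit_log "$log")" "$log"
    report "$(audit_rcfile "$global")" "$global"
    report "$(audit_rcfile "$user" yes)" "$user"
    return "$bad"
}
```

Calling `audit_setup` with no arguments checks the paths used in this article. Setting LOGFILE to a file under $HOME in each user's own .procmailrc is one way to avoid needing a shared world-writable log.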

Below is a sample .procmailrc file. This would be created and maintained by a user. Notice that the master file, /etc/procmailrc, has no leading dot in its name, but the per-user file, /home/username/.procmailrc, does.

Code:
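# Mail addressed to a particular address
:0:
* ^TO_example@domain\.com
MyMailboxNameHere

# Mail from a particular sender
:0:
* ^From:.*mailinglist@website\.com
CommercialMailBox

# Mail with particular text in the subject line
:0:
* ^Subject:.*September Newsletter
NewsletterMailbox

# Mail that Spam Assassin has flagged
:0:
* ^X-Spam-Status: Yes
Junk
# Or, instead of sending to Junk, you can send it to the bit bucket, /dev/null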

Entire websites are devoted to procmail filters; this is just an example of three simple types that I use. The first one filters mail to a particular e-mail address into the specified mailbox, the second filters mail from a particular e-mail address into the specified mailbox, the third filters mail with particular text in the subject line into the specified mailbox and the fourth filters all junk into the Junk folder, based on the X-Spam-Status flag created by Spam Assassin.

The other nice thing is that I was also able to get rid of duplicate filters in my clients (Thunderbird, Outlook, and SquirrelMail) and just let Procmail do all the filtering for me. Now all my mail is sorted and filtered into the correct mailbox before my client ever hits it. That was a big, big time saver.

I hope this was helpful, at least a little bit. It assumes a working knowledge of Postfix, Linux, and e-mail in general. Also, the standard disclaimers apply; if you break anything on your system by attempting what I’ve described here it’s not my fault. This is only advice and you should know that you need to back everything up before you monkey with a working system.

If this was helpful please let me know by posting a quick comment below. If there’s anything you’d like to add or correct feel free. Just remember to use your manners; nobody likes a smart-ass or a know-it-all, especially me. :)

