Prerequisites
What options we will have?
Notes
Download and install Spamassassin
Prerequisites
- Perl: 5.6.1 or later version
- libdigest-sha1-perl: The Digest::SHA1 module is used as a cryptographic hash for some tests and the Bayes subsystem.
- libhtml-parser-perl: HTML::Parser >= 3.24 HTML is used for an ever-increasing amount of email so this dependency is unavoidable. Run "perldoc -q html" for additional information.
- libstorable-perl: This is a required module if you use spamd and allow children to handle more than one client connection before quitting. Third party utilities may also require this module for the same functionality. Storable is used to shift configuration when a spamd process switches between users.
- MIME::Base64: This module is highly recommended to increase the speed with which Base64 encoded messages/mail parts are decoded.
- DB_File: Used to store data on-disk, for the Bayes-style logic and auto-whitelist. *Much* more efficient than the other standard Perl database packages. Strongly recommended.
- Net::DNS: Used for all DNS-based tests (SBL, XBL, SpamCop, DSBL, etc.), perform MX checks, and is also used when manually reporting spam to SpamCop.
- Net::SMTP: Used when manually reporting spam to SpamCop.
- Mail::SPF::Query: Used to check DNS Sender Policy Framework (SPF) records to fight email address forgery and make it easier to identify spams. Net::DNS version 0.34 or higher is required to use Mail::SPF::Query.
- IP::Country::Fast: Used by the RelayCountry plugin (not enabled by default) to determine the domain country codes of each relay in the path of an email.
- Net::Ident: If you plan to use the --auth-ident option to spamd, you will need to install this module.
- IO::Socket::SSL: If you wish to use SSL encryption to communicate between spamc and spamd (the --ssl option to spamd), you need to install this module. (You will need the OpenSSL libraries and use the ENABLE_SSL="yes" argument to Makefile.PL to build and run an SSL compatibile spamc.)
- Time::HiRes: If this module is installed, the processing times are logged/reported more precisely.
You need to have qmail-ldap installed with which we are intending to use Spanassassin. We will be using Simscan to glue qmail-ldap with Spamassassin. We will be installing the demonized version of Spamassassin. So we need some packages to be installed on our system. The packages are: libdigest-sha1-perl, libhtml-parser-perl and libstorable-perl. This is in accordance with the INSTALL file here. Out of these, first two I managed to install using apt-get.
libstorable-perl and SpamassassinBut libstorable-perl is not found in Debian package search. Lil googaling around yielded me with this result where I found the desired module. But then, if you search more, you would probably find this reference which says..
libstorable-perl used to be a separate package in perl-5.6.1 in woody but has been incorporated into perl-5.8.3 in sarge. In sarge perl itself now provides libstorable-perl. The current spamassassin does depend properly on libstorable-perl.So, as far as libstorable perl is conserned, you do not have to search for libstorable anymore (well, on sarge at least). Now to install libdigest-sha1-per and libhtml-parser-perl, you can use apt-get. Hoping that your host is well connected you can use following commands to install these perl modules.
# apt-get install libdigest-sha1-per# apt-get install libhtml-parser-perl
Of course all this depends on perl, so you should already have resolved the dependency. To put simplly, you need to have perl installed already. The note on libstorable-perl above should also be true for other distros of Linux too.
Assuming you already have perl installed (of course you have perl if issuing commands went well). You also need some other modules such as MIME::Base64, DB_File, Net::DNS, Net::SMTP, Mail::SPF::Query, Net::Ident, IP::Country::Fast, Net::Ident, IO::Socket::SSL, Time::HiRes.
Here you have two choices either test if those modules really exist or rely on your luck and proceed with installation. As for my decision, I am a victim of Edward Murphy's laws, so I decide to test. You can do it like this
$ perl -MCPAN -e 'shell'Terminal does not support AddHistory.
cpan shell -- CPAN exploration and modules installation (v1.7601)
ReadLine support available (try 'install Bundle::CPAN')
cpan> test MIME::Base64
CPAN: Storable loaded ok
CPAN: LWP::UserAgent loaded ok
Fetching with LWP:
http://cpan.linuxforum.net/authors/01mailrc.txt.gz
.
.
.
t/base64..........ok
t/quoted-print....ok
t/unicode.........ok
t/warn............ok
All tests successful, 1 test skipped.
Files=5, Tests=339, 2 wallclock secs ( 0.29 cusr + 0.06 csys = 0.35 CPU)
/usr/bin/make test -- OK
cpan> q
Terminal does not support GetHistory.
Lockfile removed.
$
The code in red color shows how to issue the tests to check the existance of said perl modules. The edited output is also shown above. You can test all the modules for existance and correctness. This is how you will proceed with testing necessory perl modules.
Back to contentsWhat options we are going to have?
We are going to install Spamassassin systemwide. We will be running spamassassin as a deamon and will be calling spamc (client for spamassassin daemon). We may wish to run spamd on some other host and run spamc on some other host later. For this we intend to use spamc over SSL. So we will need SSL enabled in Spamassassin. Later we will integrate it with qmail-ldap using simscan.
Back to contentsNotes
We are talking about installing spamassassin with qmail-ldap only. These instructions may be true for installations with some other mail servers too. But as far as this document is concerned, it talk about installing spamassassin on Debian, with qmail-ldap. If you suceeded to install it with some other mail server please contribute the steps of your installation. Inform me at email mentioned at the end of this document.
These instruction should work with other flavors of Linux too. For specific instructions on how-to install spamassassin, refer to the official documentation. This is just a quick and dirty way to install spamassassin with qmail-ldap.
One fact you must consider before installing spamassassin. Its not configure-make-and-make-install-as-root-and-you-are-done kind of software. You need a lot parameters to specify according to your taste and requirements. Some parameters may need decisions to make in accordance with your company policies.
This is little introduction of spamassassin from its README file.SpamAssassin is a mail filter which attempts to identify spam using a variety of mechanisms including text analysis, Bayesian filtering, DNS blocklists, and collaborative filtering databases.
Using its rule base, it uses a wide range of heuristic tests on mail headers and body text to identify "spam", also known as unsolicited commercial email. Once identified, the mail can then be optionally tagged as spam for later filtering using the user's own mail user-agent application.
You may want to read the entire file located here.
Daemon vs Individual process.Spamassassin can be run as a Daemon or as an individual process. Daemonized version of spamassassin is good for fast server which has considerable mail traffic. Spamassassin as an individual process for every scan is good for server where mail traffic is low and the server is capable to handle a few processes.
If you are expecting larg volumes of mails it is good that you use daemonized version. As a consequesce of daemonization, it will occupy some memory and resources all the time as against per-process invocation where it will run for the process and die, freeing memory and other resources. One more advantage of useing daemonized version of spamassassin is that you can use it over the network. Meaning you can run spamassassin daemon on one machine on the Internet and connect to it using a client running on some other machine on the Internet. The connection to the spamassassin daemon can be a normal connection or using ssl.
Running Spamassassin daemon with ssl support is a built in feature of spamd (a spamassassin daemon). Check out manpage for spamd (man spamd) for more information.
For daemon support you may require some other libraries. Check these requirements out. You can find these on INSTALL file. INSTALL file is located here
Little about spamd and spamc (Just for the sake of it) SpamdIt is a daemonized version of spamassassin which is intended to increase throuput in automated mail testing scenario. What it actually does is it loads itself as an instance of filters used for scanning mails by spamassassin. Then it listens for connections on the speicified port or on port 783 by default (check man spamd, for option specifying port to listen on).
When spamd receives a connection from spamc, it creates a chlid process to handle the scan request. The newly spawned child process reads the mail message from the network socket and dumps it back after processing back to the socket. This child process dies freeing the resources.
SpamcThis is the description of spamc from manpage for spamc
Spamc is the client half of the spamc/spamd pair. It should be used in place of "spamassassin" in scripts to process mail. It will read the mail from STDIN, and spool it to its connection to spamd, then read the result back and print it to STDOUT. Spamc has extremely low overhead in loading, so it should be much faster to load than the whole spamassassin program.
Back to contentsDownload and Install Spamassassin
Start with downloading the source for Spamassassin from its site spamassassin.apache.org. Download the source here. Be sure to have prerequisites fulfilled before you proceed.
$ wget http://www.reverse.net/pub/apache/spamassassin/source/Mail-SpamAssassin-3.0.4.tar.gz$ tar xzf Mail-SpamAssassin-3.0.4.tar.gz
$ env CFLAGS=-DSPAMC_SSL perl Makefile.PL ENABLE_SSL="yes"
$ make
# make install
In above steps, after gunzipping and untaring the sources, you need to specify CFLAGS to compile spamc with ssl. You also need to tell Makefile.PL to build spamassassin with SSL. This is specified as shown above. Rest of the installation is pretty straight and if you have followed the document, the installation should be clean.
Error compiling spamassassin..
You will get following error if you run perl Makefile.PL command as it is, meaning, without CFLAGS and ENABLE_SSL as shown above, be sure to encounter following error. Run perl Makefile.PL command as env CFLAGS=-DSPAMC_SSL perl Makefile.PL ENABLE_SSL="yes" as shown above.
make[1]: Entering directory `/home/sam/src/Mail-SpamAssassin-3.0.4'gcc -DSPAMC_SSL spamc/spamc.c spamc/libspamc.c spamc/utils.c \
-o spamc/spamc -ldl
/tmp/ccO2lZ9p.o(.text+0x13d6): In function `message_filter':
: undefined reference to `SSL_library_init'
/tmp/ccO2lZ9p.o(.text+0x13db): In function `message_filter':
: undefined reference to `SSLv2_client_method'
/tmp/ccO2lZ9p.o(.text+0x13e6): In function `message_filter':
: undefined reference to `SSL_load_error_strings'
/tmp/ccO2lZ9p.o(.text+0x13f4): In function `message_filter':
: undefined reference to `SSL_CTX_new'
/tmp/ccO2lZ9p.o(.text+0x1792): In function `message_filter':
: undefined reference to `SSL_new'
/tmp/ccO2lZ9p.o(.text+0x17b0): In function `message_filter':
: undefined reference to `SSL_set_fd'
/tmp/ccO2lZ9p.o(.text+0x17be): In function `message_filter':
: undefined reference to `SSL_connect'
/tmp/ccO2lZ9p.o(.text+0x17ec): In function `message_filter':
: undefined reference to `SSL_write'
/tmp/ccO2lZ9p.o(.text+0x180e): In function `message_filter':
: undefined reference to `SSL_write'
/tmp/ccO2lZ9p.o(.text+0x1cde): In function `message_filter':
: undefined reference to `SSL_free'
/tmp/ccO2lZ9p.o(.text+0x1cec): In function `message_filter':
: undefined reference to `SSL_CTX_free'
/tmp/ccgBYfry.o(.text+0x185): In function `ssl_timeout_read':
: undefined reference to `SSL_read'
collect2: ld returned 1 exit status
make[1]: *** [spamc/spamc] Error 1
make[1]: Leaving directory `/home/sam/src/Mail-SpamAssassin-3.0.4'
make: *** [spamc/spamc] Error 2