How to manage spam/ham with sa-learn

[Comune di Levico Terme]

Hy,

it 'a bit of time I'm trying to figure out if it is possible to handle spam / ham like this:
- Sending a message to an address spam to report a message as spam
- Sending a message to an address ham to report a message as ham

I'm currently using Zimbra as e-mail system.

In the past I managed it by automatic-forwarding e-mail messages spam/ham from Zimbra to my previous system of spam (ASSP http://sourceforge.net/projects/assp/).

In theory I should be able to manage everything through this: http://spamassassin.apache.org/full/3.0.x/dist/doc/sa-learn.html

The idea would be this:
- On ProxmoxMailGateway I create a user for spam (eg. Spam347897834djk3445) with its mailbox
- On ProxmoxMailGateway I create a user for the 'ham (eg. Ham347897834djk3445) with its mailbox
- Every night Zimbra send spam/ham to spam/ham mailbox in ProxmoxMailGateway
- Every night ProxmoxMailGateway process the two mailboxes via sa-learn

In this way, the end user from Zimbra moves messages in "Junk" and then automatically the spamassasin present in ProxmoxMailGateway is "auto-train".

What do you think ?

 

[tom]

this is not possible with a mail proxy like the Proxmox Mail Gateway (you cannot create mailboxes).

 

[Comune di Levico Terme]

this is not possible with a mail proxy like the Proxmox Mail Gateway (you cannot create mailboxes).

And without create mailbox ?

I found these solution:
http://gtmp.org/doku.php?id=publications:sa-postfix-en

It's possible use these solution with Proxmox Mail Gateway ?

Thank you.

 

[kaufenpreis]

this is not possible with a mail proxy like the Proxmox Mail Gateway (you cannot create mailboxes).

Can you recommend me another solution for this question?

 

[Comune di Levico Terme]

ATTENTION:
Proxmox does not recommend any solution similar to the following.
If updates PMG this solution may stop working.

In Any Case ...

--------------------------------------------
The basic idea is to make sure that spamassasin auto-train based on the spam messages that users move in "Junk Folder" from e-mail client (eg. Zimbra).

The flow:
- each user populates his "Junk Folder" directly through the e-mail client
- the e-mail client or the e-mail server, forwards messages to the respective addresses spam / ham to PMG
- messages are parked on maildir format in /home/USER/Maildir/new
- PMG, every day, run the application /etc/cron.daily/caricaspamham that performs sa-learn with the '--no -sync' parameter and import messages from /home/USER/Maildir/new
- PMG, every hour, run the application /etc/cron.hourly/proxmox, which takes care of synchronizing the contents of the file with the db /root/.spamassassin/bayes_journal


How to continue:
- change the content of the file "/var/lib/proxmox/templates/main.cf.in" to manage postfix maildir instead of mailbox

# Modifiche apportate per gestire il formato maildir
home_mailbox = Maildir/
mailbox_command =

- apply changes

proxconfig -s

- reload postfix configuration

service postfix reload

- add a new user to manage spam and one to handle the ham

adduser sa-spam-7893ddfg44hyh --disabled-login --shell /bin/false
adduser sa-ham-34545ghf4r77jh --disabled-login --shell /bin/false

- create two folders in which you want to move the messages analyzed using sa-learn to remove them, using parameter --forget, in case you find behavior "strange" side dansguardian

mkdir /home/sa-spam-7893ddfg44hyh/analizzati
mkdir /home/sa-ham-34545ghf4r77jh/analizzati

- send a test email to ensure that they are created their folders and check the contents

echo "testo della mail" | mail -s "Soggetto Mail" sa-spam-7893ddfg44hyh@antispam.levico.locale
echo "testo della mail" | mail -s "Soggetto Mail" sa-ham-34545ghf4r77jh@antispam.levico.locale

How to check if the filter is applied correctly ?

sa-learn --dump magic

Contents of the file "/opt/localbin/sa-wrapper.pl"

#!/usr/bin/perl -w
# Time-stamp: <05 April 2004, 13:37 home>
#
# sa-wrapper.pl
#
# SpamAssassin sa-learn wrapper
# (c) Alexandre Jousset, 2004
# This script is GPL'd
#
# Thanks to: Chung-Kie Tung for the removal of the dir
# Adam Gent for bug report
#
# v1.2

use strict;
use MIME::Tools;
use MIME:arser;

my $DEBUG = 0;
my $UNPACK_DIR = '/tmp';
my $SA_LEARN = '/usr/bin/sa-learn';

my ($spamham) = @ARGV;

sub recurs
{
my $ent = shift;

if ($ent->head->mime_type eq 'message/rfc822') {
if ($DEBUG) {
unlink "/tmp/spam.log.$$" if -e "/tmp/spam.log.$$";
open(OUT, "|$SA_LEARN -D --$spamham --no-sync >>/tmp/spam.log.$$ 2>&1") or die "Cannot pipe $SA_LEARN: $!";
} else {
open(OUT, "|$SA_LEARN --$spamham --no-sync") or die "Cannot pipe $SA_LEARN: $!";
}

$ent->bodyhandle->print(\*OUT);

close(OUT);
return;
}

my @parts = $ent->parts;

if (@parts) {
map { recurs($_) } @parts;
}
}

if ($DEBUG) {
MIME::Tools->debugging(1);
open(STDERR, ">/tmp/spam_err.log");
}
my $parser = new MIME:arser;
$parser->extract_nested_messages(0);
$parser->output_under($UNPACK_DIR);

my $entity;
eval {
$entity = $parser->parse(\*STDIN);
};

if ($@) {
die $@;
} else {
recurs($entity);
}

$parser->filer->purge;
rmdir $parser->output_dir;


Contents of the file "/etc/cron.daily/caricaspamham"

#!/bin/sh

FILESPAM=/home/sa-spam-7893ddfg44hyh
FILEHAM=/home/sa-ham-34545ghf4r77jh
WRAPPERFILE=/opt/localbin/sa-wrapper.pl

# impostare il valore a 1 per rimuovere i file dopo che sa-learn ha analizzato i messaggi di posta elettronica
SPOSTA_FILE=1

if ls ${FILESPAM}/Maildir/new/* >/dev/null 2>&1; then
for f in ${FILESPAM}/Maildir/new/*
do
echo "learning spam via ${f}...";
cat ${f} | ${WRAPPERFILE} spam
if [ "$SPOSTA_FILE" -eq 1 ]; then
mv ${f} ${FILESPAM}/analizzati
fi
done
fi

if ls ${FILEHAM}/Maildir/new/* >/dev/null 2>&1; then
for f in ${FILEHAM}/Maildir/new/*
do
echo "learning ham via ${f}...";
cat ${f} | ${WRAPPERFILE} ham
if [ "$SPOSTA_FILE" -eq 1 ]; then
mv ${f} ${FILEHAM}/analizzati
fi
done
fi

exit 0;
--------------------------------------------