kam.cf

KatyComputer

Well-Known Member
Sep 26, 2019
193
16
58
62
St Louis
katycomputer.com
Anyone have a better method of keeping kam up to date? Or, did I miss a setting in PMG? My kam.cf was a couple months old.
Code:
#!/bin/sh
# /etc/cron.daily/katycomputer_spamassassin_rule_update update custom Spamassassin rules

sleep $(shuf -i 20-3600 -n 1)
wget -N -P /usr/share/spamassassin-extra http://www.pccc.com/downloads/SpamAssassin/contrib/KAM.cf
wget -N -P /usr/share/spamassassin-extra http://www.peregrinehw.com/downloads/SpamAssassin/contrib/nonKAMrules.cf
systemctl restart pmg-smtp-filter
 
Last edited:
Hm - you could also download KAM.cf by adding an action to the 'pmg-daily.service' (which gets triggered by the 'pmg-daily.timer').
pmg-daily runs `sa-update` to keep the official signatures uptodate.

That way you would not need to restart pmg-smtp-filter twice if you can live with restarting only if there are updates to the official spam-assassin signatures:
* `systemctl list-timers`
* `systemctl edit pmg-daily.service` (add an extra 'StartExec' line with your wget)

I hope this helps!
 
Anyone have a better method of keeping kam up to date? Or, did I miss a setting in PMG? My kam.cf was a couple months old.
Code:
#!/bin/sh
# /etc/cron.daily/katycomputer_spamassassin_rule_update update custom Spamassassin rules

sleep $(shuf -i 20-3600 -n 1)
wget -N -P /usr/share/spamassassin-extra http://www.pccc.com/downloads/SpamAssassin/contrib/KAM.cf
wget -N -P /usr/share/spamassassin-extra http://www.peregrinehw.com/downloads/SpamAssassin/contrib/nonKAMrules.cf
systemctl restart pmg-smtp-filter

Download URLs seems to be a bit outdated, if you look into KAM.cf. Does it help to work with the latest KAM.cf?
 
@KatyComputer I have two issues with the script, I try to get negotiated:

1. the download is been done "visible", so I get a mail on downloading, maybe I should need to adjust wget commands to include -q to be quite

2. I saw, that you added options for detecting changes and based on changes download or not. I had something similar in my script for sa-update of rules, but I'm unsure on how to really code that, can you please verify, if that would work:

wget -q -N -P /usr/share/spamassassin-extra http://www.pccc.com/downloads/SpamAssassin/contrib/KAM.cf
retval="$?"
if [ $retval -eq 0 ]; then compile=1; fi

and based on compile=1 or 0 recompile the rules or not.
 
@Stoiko Ivanov Maybe you could also help? I got the script running, adjusted the paths as well and now also get the script "quiet", however, it's still recompiling every time, so I'm unsure on how to adjust the retval to get compilation only done on changes.

Code:
#!/bin/sh

# KatyComputer
#
# Simple script to update KAM rules

SYSLOG_TAG=KAM-update

compile=0

logger -d -t $SYSLOG_TAG "Start KAM-Update"

#sleep $(shuf -i 20-3600 -n 1)

wget -q -N -P /usr/share/spamassassin-extra http://www.mcgrail.com/downloads/KAM.cf
retval="$?"
if [ $retval -eq 0 ]; then compile=1; fi

wget -q -N -P /usr/share/spamassassin-extra http://www.mcgrail.com/downloads/nonKAMrules.cf
retval="$?"
if [ $retval -eq 0 ]; then compile=1; fi

if [ $compile -eq 1 ]; then
    logger -d -t $SYSLOG_TAG "KAM-Update found"
    sa-compile --quiet 2>/dev/null
    systemctl restart pmg-smtp-filter
    systemctl restart spamassassin
else
    logger -d -t $SYSLOG_TAG "No KAM-Update found"
fi
 
hmm - well I see 1 potential problem:
* The exit code of `wget` does not indicate whether or not there was a difference in the file that was there before and the one you just downloaded.
(This behaviour is specific to `sa-update`)
* also I'm not quite sure how wget handles downloading the same file if it was not modified with the -N switch (maybe it downloads it to KAM.cf.1 ?!

I would probably try the following:
* use `wget -O KAM.tmp .... ` to download the file to a temporary location
* run diff -s KAM.cf KAM.tmp and use it's exit code to see if there was an update (diff exits with 0 if the files are equal)
* if they are different `mv KAM.tmp KAM.cf`, else `rm KAM.tmp`
* depending on that you then do the restarting and compiling

on another note - why do you restart spamassassin - is that part of your milter-setup?

I hope this helps!

Do you have any numbers/examples of where and how far regular updates to KAM.cf improve spam-detection?
 
Hi,

I just was able now to upgrade the script somehow similar. And yes, spamassassin is part of my miltered setup.

I will monitor now the update frequency, I just saw today, that were was an update yesterday. So I'm unsure on daily or hourly updates would be best or maybe I just hit "the date" and weekly is enough as well.

I'm unsure, if it's optimal or could be coded better, but my script now looks like this:

Code:
#!/bin/sh

# KatyComputer
#
# Simple script to update KAM rules

SYSLOG_TAG=KAM-update

compile=0

logger -d -t $SYSLOG_TAG "Start KAM-Update"

md5_old=$( md5sum /usr/share/spamassassin-extra/KAM.cf )
wget -q -N -P /usr/share/spamassassin-extra http://www.mcgrail.com/downloads/KAM.cf
md5_new=$( md5sum /usr/share/spamassassin-extra/KAM.cf )
if [ "$md5_old" != "$md5_new" ]; then compile=1; fi

md5_old=$( md5sum /usr/share/spamassassin-extra/nonKAMrules.cf )
wget -q -N -P /usr/share/spamassassin-extra http://www.mcgrail.com/downloads/nonKAMrules.cf
md5_new=$( md5sum /usr/share/spamassassin-extra/nonKAMrules.cf )
if [ "$md5_old" != "$md5_new" ]; then compile=1; fi

if [ $compile -eq 1 ]; then
    logger -d -t $SYSLOG_TAG "KAM-Update found"
    sa-compile --quiet 2>/dev/null
    systemctl restart pmg-smtp-filter
    systemctl restart spamassassin
else
    logger -d -t $SYSLOG_TAG "No KAM-Update found"
fi
 
Hi,

I just was able now to upgrade the script somehow similar. And yes, spamassassin is part of my miltered setup.

I will monitor now the update frequency, I just saw today, that were was an update yesterday. So I'm unsure on daily or hourly updates would be best or maybe I just hit "the date" and weekly is enough as well.

I'm unsure, if it's optimal or could be coded better, but my script now looks like this:

Code:
#!/bin/sh

# KatyComputer
#
# Simple script to update KAM rules

SYSLOG_TAG=KAM-update

compile=0

logger -d -t $SYSLOG_TAG "Start KAM-Update"

md5_old=$( md5sum /usr/share/spamassassin-extra/KAM.cf )
wget -q -N -P /usr/share/spamassassin-extra http://www.mcgrail.com/downloads/KAM.cf
md5_new=$( md5sum /usr/share/spamassassin-extra/KAM.cf )
if [ "$md5_old" != "$md5_new" ]; then compile=1; fi

md5_old=$( md5sum /usr/share/spamassassin-extra/nonKAMrules.cf )
wget -q -N -P /usr/share/spamassassin-extra http://www.mcgrail.com/downloads/nonKAMrules.cf
md5_new=$( md5sum /usr/share/spamassassin-extra/nonKAMrules.cf )
if [ "$md5_old" != "$md5_new" ]; then compile=1; fi

if [ $compile -eq 1 ]; then
    logger -d -t $SYSLOG_TAG "KAM-Update found"
    sa-compile --quiet 2>/dev/null
    systemctl restart pmg-smtp-filter
    systemctl restart spamassassin
else
    logger -d -t $SYSLOG_TAG "No KAM-Update found"
fi

Hi , in the latest version of pmg 6.1 there is no spamassassin services, I think it should be removed.
 
Hi , in the latest version of pmg 6.1 there is no spamassassin services, I think it should be removed.

Sorry, the script provided depends on my setup, which currently still is a miltered pre-queue setup with two SpamAssassin instances running (one via PMG, the other via spamass-milter, and that one I also need to restart). So if you just use PMG without any adjustments, remove or comment the line of restarting spamassassin.
 
Hi,

I just was able now to upgrade the script somehow similar. And yes, spamassassin is part of my miltered setup.

I will monitor now the update frequency, I just saw today, that were was an update yesterday. So I'm unsure on daily or hourly updates would be best or maybe I just hit "the date" and weekly is enough as well.

I'm unsure, if it's optimal or could be coded better, but my script now looks like this:

Code:
#!/bin/sh

# KatyComputer
#
# Simple script to update KAM rules

SYSLOG_TAG=KAM-update

compile=0

logger -d -t $SYSLOG_TAG "Start KAM-Update"

md5_old=$( md5sum /usr/share/spamassassin-extra/KAM.cf )
wget -q -N -P /usr/share/spamassassin-extra http://www.mcgrail.com/downloads/KAM.cf
md5_new=$( md5sum /usr/share/spamassassin-extra/KAM.cf )
if [ "$md5_old" != "$md5_new" ]; then compile=1; fi

md5_old=$( md5sum /usr/share/spamassassin-extra/nonKAMrules.cf )
wget -q -N -P /usr/share/spamassassin-extra http://www.mcgrail.com/downloads/nonKAMrules.cf
md5_new=$( md5sum /usr/share/spamassassin-extra/nonKAMrules.cf )
if [ "$md5_old" != "$md5_new" ]; then compile=1; fi

if [ $compile -eq 1 ]; then
    logger -d -t $SYSLOG_TAG "KAM-Update found"
    sa-compile --quiet 2>/dev/null
    systemctl restart pmg-smtp-filter
    systemctl restart spamassassin
else
    logger -d -t $SYSLOG_TAG "No KAM-Update found"
fi
out of curiosity how good does the KAM capture the spam?
 
out of curiosity how good does the KAM capture the spam?

I see often hits of KAM rules (it’s not such easy to measure as the KAM rules don’t use a naming scheme, which let you directly evaluate their success), so it looks like they are really good. Some of the rules also make the way to SA itself, however, the guy behind KAM really does a great job. However, it’s most important to keep rules up to date and that’s currently not given in PMG. Just the rare updated SA rules are updated. I add extra rules as well, they just add a nuance of better results, KAM is one of the largest ruleset out there used by many Open Source/SA based antispam solutions.
 
@Stoiko Ivanov: Just a small, but good PMG feature would be: Any change to get an KAM-Update (e. g. daily update task) integrated with PMG by default? As you already do with the SA-Ruleset? Would be great, as you have integrated an KAM Ruleset, but it needs currently manually update efforts. So why not use the same update frequency / routines as you do with the SA ruleset updates? See your last git commit to refresh the KAM rule (also the nonKAMrules.cf rule is lacking) was on Tue, 21 Apr 2020. And official last KAM.cf rule update was yesterday, so now over three month no update, should be called outdated signature for the KAM part within PMG ;)

Thanks and keep up your great work and Product quality with the continious improvements.
 
Just a small, but good PMG feature would be: Any change to get an KAM-Update (e. g. daily update task) integrated with PMG by default?

Hmm - we have considered that - but we never got around implementing it and testing it thoroughly - would you mind creating an enhancement request over at https://bugzilla.proxmox.com - that way it won't be forgotten and we can evaluate the effect.

Thanks!
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!