Myside's Spew - Blog of Spontaneous Combustible Spew

HOWTO: run spamass-milter (Postfix) non-root & custom group e-mail spam configuration locations, - using milter, spamc and spamd on FreeBSD

09 October, 2008 09:01 CST6CDT

I will assume you have a postfix installation that can receive incoming mail.

First, install milter spamassassin:

cd  /usr/ports/mail/spamass-milter; make install; make clean

The rc script is located: /usr/local/etc/rc.d/spamass-milter  Choose a socket location for Postfix.  For example: /var/run/spamass-milter.sock

Edit  /usr/local/etc/rc.d/spamass-milter and change the socket location to a secure location:

${spamass_milter_socket} could be changed at the bottom of this script too:  : ${spamass_milter_socket="/var/run/spamass-milter.sock"}

We will create a user called "spam" for the socket USER and GROUP ownerships.  Edit the following appropriately:

: ${spamass_milter_socket_owner="spam"}
: ${spamass_milter_socket_group="spam"}
: ${spamass_milter_socket_mode="664"}

The users root, spam, and postfix need access to this socket.  in /etc/group add the user postfix to the group spam.  Permissions for this socket type should be 664 rw rw r - rw for the user "spam" and rw for the group "spam" in which the user "postfix" is a member of.  The socket is not world writable, so only those with these credentials can take advantage of the majority of this service and secure communication.

For future user allowances of personal mail spam training, you should use spamc and spamd.  spamd will be run as root.  The rc.d file is located here: /usr/local/etc/rc.d/sa-spamd  Let's take a look at this and edit a few command line options.

The first spamd flag we want is -x which will disallow user configuration files.  This can be suppressed, if you wish per user training, and call spamc from postfix with the user of the incoming e-mail address.  For this demonstration, it will be used for a group of e-mail users.

The -u flag should be set to spam: -u spam, this sets the user name to spam.  The -g parameter for the group is unneeded because of the UID GID hard coded association with the user "spam".

By default when adding "spam" as a user, the home directory should be /home/spam  Now lets make sure spamd will use this directory for configuration even though spamd with spawned as root and will by default use /root  The -H parameter specifies this: -H /home/spam

At this time we are training one spamassassin rule set with multiple e-mail addresses, so we will utilize "--virtual-config-dir".  For example:--virtual-config-dir=/home/spam

So the command_args variable in the rc script should look something like this:

command_args="-x -d -u spam -H /home/spam --virtual-config-dir=/home/spam -r ${pidfile}"

Now make sure your postfix main.cf configuration file uses the smtpd milter:

smtpd_milters = unix:/var/run/spamass-milter.sock

This is an example of a basic idea for group users, and a start to multiple per recipient address configuration parameters and location manipulations.

Software  Projects  Article & Comments

Add a Comment
Verification (Required)
 authimage
Your comment will appear once it is approved and
your e-mail address will NOT be shared

Main Entry:   spew   Pronunciation:   \ˈspyü\
Function: verb
Etymology: Middle English, from Old English spīwan; akin to Old High German spIwan to spit, Latin spuere, Greek ptyein   First Known Use: before 12th century

intransitive verb
  1. VOMIT
  2. to come forth in a flood or gush
  3. to ooze out as if under pressure : EXUDE
transitive verb
  1. VOMIT
  2. to send or cast forth with vigor or violence or in great quantity <a volcano spewing out ash> —often used with out —spew·er noun
Land where drunk cows swim and home to my daily hand