From: "Aaron Konstam" <akonstam@xxxxxxxxxxxxx>
On Mon, 2007-06-18 at 15:59 -0700, Brian Mury wrote:
On Sun, 2007-06-17 at 23:59 -0700, jdow wrote:
> Us it as part of your receiving MTA path, SendMail, exim, PostFix, or
> whatever else you use - even FetchMail.)
This is what I do (with fetchmail); however, I'm curious as to why you
say this:
> (Just do NOT use SA as part of your MUA,
> Mail User Agent, as Fedora has with Eviloution in the past.
What's wrong with that? Not disagreeing, just asking.
Well because for some reason which I have asked people to explain why
evolution uses spamd to remove
spam but it works very poorly.
If someone is willing to explain how to make it work well I am anxious
to learn.
Place spamd in your path from your MTA to /var/spool/mail/XXX. On a
modestly fast Athlon box it takes about a 3 seconds to scan mails with
the extensive rule set I have. That kind of delay is a killer. That
idiot setup for evilution is what earned it that nickname. It takes
real stupidity to set it up in your reading path where delays damage
the perception of the speed of the machine and installation. Embedding
it in the sendmail processing is a FAR better approach. (And if you DO
run sendmail on your own adding greylisting is a devastatingly effective
approach.)
I happen to use fetchmail and procmail without going through sendmail.
It saves machine cycles avoiding sendmail when fetchmail and procmail
can do it all.
===8<--- runmail - a script to run fetchmail my way. (Handy)
/usr/bin/fetchmail -d 90 --fetchmailrc /home/jdow/.fetchmailrc
===8<---
===8<--- .fetchmailrc (Required)
defaults mda "/usr/bin/procmail -d jdow"
set syslog
set postmaster ""
set no bouncemail
set no spambounce
set properties ""
# Check for new mail every 60 seconds.
#set daemon 60
#set logfile fetchmail_el.log
poll smtp.earthlink.net with proto POP3
user 'jdow' there with password 'I am no THAT dumb!'
is 'jdow@xxxxxxxxxxx' here options pass8bits
smtpaddress ' '
===8<--- (Iterate the last four lines for each account.)
===8<--- .procmailrc simplified a little - minimalist is below this
#############################################################################
# Necessary generic definitions
#############################################################################
SHELL=/bin/sh
DROPPRIVS=yes
# Debugging tool
#VERBOSE=yes
# Diversion to a raw file to prevent loss while experimenting.
## rawmbox is no longer needed at this time.
#:0c: clone.lock
##* ^List-Id: .*(spamassassin\.apache\.org)
#$HOME/mail/rawmbox
# (Some) Sites that have annoyed me more than a little
:0:
* ^From: postoffice@mac\.com
/dev/null
:0:
* ^From: MAILER-DAEMON@ceres\.concept\.net\.nz
/dev/null
:0:
* ^From: Mailer_Daemon@baldwinandfrancis\.com
/dev/null
:0:
* ^From: .*\.fleagroups\.com
$HOME/mail/fleagroups.com
:0:
* ^From: .*\.millikin\.edu
$HOME/mail/fleagroups.com
# etc
#Useful mailing list
trick##############################################################################
# Rewrite Reply-To: for SpamAssassin user list
##############################################################################
:0 fw
* ^TO_:.*(dev@spamassassin\.apache\.org|dev\.spamassassin\.apache\.org)
| formail -A "$PROCMAILMATCH SpamAssassin Dev list" -i "Reply-to:
dev@xxxxxxxxxxxxxxxxxxxxxxx"
:0 fw
* ^TO_:.*(users@spamassassin\.apache\.org|users\.spamassassin\.apache\.org)
| formail -A "$PROCMAILMATCH SpamAssassin Users list" -i "Reply-to:
users@xxxxxxxxxxxxxxxxxxxxxxx"
:0 fw
* ^List-Id:
.*(users@spamassassin\.apache\.org|users\.spamassassin\.apache\.org)
| formail -A "$PROCMAILMATCH SpamAssassin users list" -i "Reply-to:
users@xxxxxxxxxxxxxxxxxxxxxxx"
##############################################################################
# Rewrite Reply-To: for SpamAssassin dev list
##############################################################################
:0 fw
* ^List-Id: .*(dev@spamassassin\.apache\.org|dev.spamassassin\.apache\.org)
| formail -A "$PROCMAILMATCH SpamAssassin Dev list" -i "Reply-to:
dev@xxxxxxxxxxxxxxxxxxxxxxx"
##############################################################################
#
# THIS IS THE REAL JUICE
#
# Note I skip scanning the spamassassin mailing lists.
#
##############################################################################
* < 500000
* !^List-Id: .*(spamassassin\.apache.\org)
{
:0 fw: spamassassin.lock
| /usr/bin/spamc -t 150 -u jdow
}
=======8<-----
===8<-- Absolutely minimalist .procmailrc in case you're interested
#############################################################################
# Necessary generic definitions
#############################################################################
SHELL=/bin/sh
DROPPRIVS=yes
##############################################################################
#
# THIS IS THE REAL JUICE
#
# Note I skip scanning the spamassassin mailing lists.
#
##############################################################################
:0 fw: spamassassin.lock
| /usr/bin/spamc -t 150 -u jdow
======8<-------
With that there is absolutely no need for evilution or any other MDA to
place SpamAssassin in its reading path.
(A side note - due to the DDoS attack SARE is hard to access with the
Rules du Jour program. It works OK with the program I built for myself
about the time RDJ came about. I've never moved over to their program.
At the moment they need to add a delay between the rule file fetches to
make everything work best. Their work around is a suggestion to delete
all your current SARE rules or move them aside and fetch fresh. That
involves fewer connections per second and gets through the DDoS filters.)
(My script is primitive, ugly, and works. If folks are very interested I
could post the simple bash script.)
{^_^}